Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MV1a%2F7yB0LKRH6lhq2uQ%2Be91e24Emkjs4%2BWX%2BZAa2aqeMHkzxtHMVx9kJbXPMuzCyQz6RVpCkZYXPOB7c97MyvX0P%2BEgcvmbngBym1b1pMLzJ%2FLn9zo6MN9F1kTKuQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7eb7de96cbb51a00-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Sun, 23 Jul 2023 23:58:10 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 244151 Connection: keep-alive X-Powered-By: KPHP/7.4.114229 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Thu, 18 Jul 2024 04:04:25 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9086400428686055066_ga4MkGDimodwFYKE8XEK6W9lWpaFzNKP8gK4I8NvT3H; expires=Mon, 22 Jul 2024 23:58:10 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=bb698d577115e237ed; expires=Wed, 24 Jul 2024 21:31:57 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=525504606_iyxJgVQaQjSPPVX3umFm5rOViBZPkRQ8GE8zWyeZXck; expires=Tue, 23 Jul 2024 09:52:19 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hooligapps.site Cache-Control: no-cache

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:14 GMT Content-Type: application/x-msdos-program Content-Length: 1636064 Connection: keep-alive Last-Modified: Sun, 23 Jul 2023 22:23:36 GMT ETag: "18f6e0-6012ef2ecea00" Cache-Control: max-age=14400 CF-Cache-Status: EXPIRED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdGxPyK1CSln7Q%2FQZGjCdHvo2QwTzXxUDlahiMSOBy7WsEBOE0OFVGH7buBWFcVAB6IhaRSPfy8Eb4VWm7GacBN6f7SZlsjFdm64hn0ExSrXtzhLmNxmJgAmjyX7BqjIlCQ%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7eb7decabbbd8d0a-KIX alt-svc: h3=":443"; ma=86400

GET /doc801981293_666823296?hash=IkJXfnuRw7ihxGiXRSyiY2Z66FKnxYargchJZwaWxKw&dl=zHJ4ClZYwxBgGwgirt2pehVBbUfVD7lazG0pZS1wCZ8&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9086400428686055066_ga4MkGDimodwFYKE8XEK6W9lWpaFzNKP8gK4I8NvT3H; remixlgck=bb698d577115e237ed; remixstid=525504606_iyxJgVQaQjSPPVX3umFm5rOViBZPkRQ8GE8zWyeZXck

HTTP/1.1 302 Found Server: kittenx Date: Sun, 23 Jul 2023 23:58:18 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114229 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c235131/u801981293/docs/d11/116f9d602a25/siddharthabuddh4_4.bmp?extra=zkyMG_R3qc33Emr1Cl3mpi0mF28Gk_cCLAcfZBeum5io9FHkKTy5Dp0PqaVi7M96RtGK1_UnwA0QvZVpqzqZ9_t7r791eyVCkWLSzwl5GMtGh_rRKvTXCnT_6j85oh-liVkYZ8uBjvH_DJhClg X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u801981293/docs/d11/116f9d602a25/siddharthabuddh4_4.bmp?extra=zkyMG_R3qc33Emr1Cl3mpi0mF28Gk_cCLAcfZBeum5io9FHkKTy5Dp0PqaVi7M96RtGK1_UnwA0QvZVpqzqZ9_t7r791eyVCkWLSzwl5GMtGh_rRKvTXCnT_6j85oh-liVkYZ8uBjvH_DJhClg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Sun, 23 Jul 2023 23:58:19 GMT Content-Type: image/x-ms-bmp Content-Length: 1394868 Connection: keep-alive Last-Modified: Sat, 22 Jul 2023 02:55:56 GMT ETag: "64bb453c-1548b4" Expires: Tue, 22 Aug 2023 23:58:19 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9086400428686055066_ga4MkGDimodwFYKE8XEK6W9lWpaFzNKP8gK4I8NvT3H; remixlgck=bb698d577115e237ed; remixstid=525504606_iyxJgVQaQjSPPVX3umFm5rOViBZPkRQ8GE8zWyeZXck

HTTP/1.1 200 OK Server: kittenx Date: Sun, 23 Jul 2023 23:58:20 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 244166 Connection: keep-alive X-Powered-By: KPHP/7.4.114229 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc808950829_664295976?hash=wWP2uKSW6vc2Zwh4dERWVq2558nuK0zAmie4S5babxg&dl=fnVWutUVH5EHCOnwUxAqrClRC7zCIeOyomm4pfSrZFc&api=1&no_preview=1#rise_test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9086400428686055066_ga4MkGDimodwFYKE8XEK6W9lWpaFzNKP8gK4I8NvT3H; remixlgck=bb698d577115e237ed; remixstid=525504606_iyxJgVQaQjSPPVX3umFm5rOViBZPkRQ8GE8zWyeZXck; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Sun, 23 Jul 2023 23:58:20 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 244108 Connection: keep-alive X-Powered-By: KPHP/7.4.114229 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc801981293_666823290?hash=C40VUqDqCeh9PmntwYoL5pVZTrUVqPDt6gbkO0YPVBz&dl=5eyzOvvEImXidOsKxS45wfidN1CDlCKKPGBOYBev5Ag&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9086400428686055066_ga4MkGDimodwFYKE8XEK6W9lWpaFzNKP8gK4I8NvT3H; remixlgck=bb698d577115e237ed; remixstid=525504606_iyxJgVQaQjSPPVX3umFm5rOViBZPkRQ8GE8zWyeZXck

HTTP/1.1 302 Found Server: kittenx Date: Sun, 23 Jul 2023 23:58:22 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114229 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c909218/u801981293/docs/d17/e63cac1f34e6/PMmp.bmp?extra=JSZmi3lRDlLBvysi7G2k0PMnw9wqHxLMnf7FARS6kST7q2QTR68L9KPweJ8Zi9G-6y5u2B-wJYgU5SaiapXpmw6Nf-IZX5N0WtS04aL89D3vS04WsInzdw1JZeA7GgJoIh0rWvy-av1wdDU0vg X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909218/u801981293/docs/d17/e63cac1f34e6/PMmp.bmp?extra=JSZmi3lRDlLBvysi7G2k0PMnw9wqHxLMnf7FARS6kST7q2QTR68L9KPweJ8Zi9G-6y5u2B-wJYgU5SaiapXpmw6Nf-IZX5N0WtS04aL89D3vS04WsInzdw1JZeA7GgJoIh0rWvy-av1wdDU0vg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Sun, 23 Jul 2023 23:58:23 GMT Content-Type: image/x-ms-bmp Content-Length: 6771716 Connection: keep-alive Last-Modified: Sat, 22 Jul 2023 02:55:07 GMT ETag: "64bb450b-675404" Expires: Tue, 22 Aug 2023 23:58:23 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc801981293_666878057?hash=1cohXPp9aLK2Xz7H2hezj89drs50PYuLRBoirKPj3B8&dl=vMZbPrQFZIXfQgzBVvuUmx7NUXxKHs9ZVFMOgU7roi0&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9086400428686055066_ga4MkGDimodwFYKE8XEK6W9lWpaFzNKP8gK4I8NvT3H; remixlgck=bb698d577115e237ed; remixstid=525504606_iyxJgVQaQjSPPVX3umFm5rOViBZPkRQ8GE8zWyeZXck

HTTP/1.1 302 Found Server: kittenx Date: Sun, 23 Jul 2023 23:58:24 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114229 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c237031/u801981293/docs/d45/afe6b4201ea0/WWW1.bmp?extra=Ahkwb4X7D03MOVnuohrOn5GaJOSm-ySjjpWB8o4YjiTyV8BFSKMzX0zWOGJyn2lzCKP7OAgybf4Y4BKzWFlfqax1i0ppeQp_MKFC8eWfoIneuuU7UXGOzuUqVHnBRBKxF8M01xk8Dy4jZd7MpA X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c237031/u801981293/docs/d45/afe6b4201ea0/WWW1.bmp?extra=Ahkwb4X7D03MOVnuohrOn5GaJOSm-ySjjpWB8o4YjiTyV8BFSKMzX0zWOGJyn2lzCKP7OAgybf4Y4BKzWFlfqax1i0ppeQp_MKFC8eWfoIneuuU7UXGOzuUqVHnBRBKxF8M01xk8Dy4jZd7MpA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Sun, 23 Jul 2023 23:58:25 GMT Content-Type: image/x-ms-bmp Content-Length: 4861444 Connection: keep-alive Last-Modified: Sun, 23 Jul 2023 11:14:48 GMT ETag: "64bd0ba8-4a2e04" Expires: Tue, 22 Aug 2023 23:58:25 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9086400428686055066_ga4MkGDimodwFYKE8XEK6W9lWpaFzNKP8gK4I8NvT3H; remixlgck=bb698d577115e237ed; remixstid=525504606_iyxJgVQaQjSPPVX3umFm5rOViBZPkRQ8GE8zWyeZXck; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Sun, 23 Jul 2023 23:58:25 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 244167 Connection: keep-alive X-Powered-By: KPHP/7.4.114229 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:01 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: 8D65565E:9FAA_93878F2E:0050_64BDBEC4_1D8A67B9:24679 X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9%2FiTlnMa69VS8kCyYX6DFs9a%2B%2FmIHUimql1YLlmvF7NE%2BwhgUZaAoQEyxhKO23HKBsVAEDA41Nniw9gy3hwUpOP%2BhHlO13v2%2FYexSHFEEn7uemNj5Cp2KlB%2BshtXPY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7eb7dfee3be219ec-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E918:5B78_93878F2E:0050_64BDAD7F_1D86CFAA:2467C X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 4421 Last-Modified: Sun, 23 Jul 2023 22:45:19 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICTF7jSEzAfXq%2B4%2BXJKO5YoPCPX8msmZo%2BfXkN%2FaeGQrGA1q3qyqVDWPjrtan11sYBk%2FlQPdJTPt26YwBEX2aRpCy9AZq7nfBDhAp9rMf4MsMZZeWLjG1SA%2FZw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7eb7dfee5f9d8d18-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:01 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC4631BB:AFF8_93878F2E:0050_64BDBEC5_1D8800A7:2467C X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJc72ZdEZWkP%2Fpj4D3cS8DAva7QMAQDbDoVSW61qHy4NGjLXeGG4BketJo%2Fb8a3TyY5pdhloa26zkCmdLSay8OixxDS9AghurUW8ts5CbGlVJs8woAlu6kzoGrSp1uE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7eb7dfef69430a76-KIX alt-svc: h3=":443"; ma=86400

GET /get/g41szIYKqo/kgec63hr0ubmn.exe HTTP/1.1 Host: transfer.sh Connection: Keep-Alive

HTTP/1.1 200 OK Cache-Control: no-store Connection: keep-alive Content-Disposition: attachment; filename="kgec63hr0ubmn.exe" Content-Length: 2933248 Content-Type: application/x-msdos-program Retry-After: Mon, 24 Jul 2023 01:59:40 GMT Server: Transfer.sh HTTP Server Vary: Range, Referer, X-Decrypt-Password X-Made-With: <3 by DutchCoders X-Ratelimit-Key: 175.208.134.152 X-Ratelimit-Limit: 30 X-Ratelimit-Rate: 1800 X-Ratelimit-Remaining: 29 X-Ratelimit-Reset: 1690156780 X-Remaining-Days: n/a X-Remaining-Downloads: n/a X-Served-By: Proudly served by DutchCoders Date: Sun, 23 Jul 2023 23:59:40 GMT

GET /get/1YKo4A8Wqj/12.exe HTTP/1.1 Host: transfer.sh

HTTP/1.1 200 OK Cache-Control: no-store Connection: keep-alive Content-Disposition: attachment; filename="12.exe" Content-Length: 6029016 Content-Type: application/x-msdos-program Retry-After: Mon, 24 Jul 2023 01:59:44 GMT Server: Transfer.sh HTTP Server Vary: Range, Referer, X-Decrypt-Password X-Made-With: <3 by DutchCoders X-Ratelimit-Key: 175.208.134.152 X-Ratelimit-Limit: 30 X-Ratelimit-Rate: 1800 X-Ratelimit-Remaining: 29 X-Ratelimit-Reset: 1690156784 X-Remaining-Days: n/a X-Remaining-Downloads: n/a X-Served-By: Proudly served by DutchCoders Date: Sun, 23 Jul 2023 23:59:43 GMT

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:05 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:06 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:12 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 3884 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /info/photo220.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.47 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 527360 Content-Type: application/octet-stream Last-Modified: Mon, 24 Jul 2023 07:57:35 GMT Accept-Ranges: bytes ETag: "cd36d3814bed91:0" Server: Microsoft-IIS/10.0 Date: Mon, 24 Jul 2023 07:58:13 GMT

HEAD /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.120.88.198 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:14 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Sun, 23 Jul 2023 23:45:01 GMT ETag: "59000-60130161f3742" Accept-Ranges: bytes Content-Length: 364544 Content-Type: application/x-msdos-program

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=0 Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT ETag: "37d-5f433188daa00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Mon, 24 Jul 2023 00:58:14 GMT Date: Sun, 23 Jul 2023 23:58:14 GMT Connection: keep-alive

GET /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.120.88.198 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:14 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Sun, 23 Jul 2023 23:45:01 GMT ETag: "59000-60130161f3742" Accept-Ranges: bytes Content-Length: 364544 Content-Type: application/x-msdos-program

GET /info/photo220.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.47 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Mon, 24 Jul 2023 07:57:35 GMT Accept-Ranges: bytes ETag: "cd36d3814bed91:0" Server: Microsoft-IIS/10.0 Date: Mon, 24 Jul 2023 07:58:13 GMT Content-Length: 527360

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Sun, 23 Jul 2023 23:58:15 GMT Content-Type: application/octet-stream Content-Length: 265216 Last-Modified: Sun, 23 Jul 2023 23:30:03 GMT Connection: keep-alive ETag: "64bdb7fb-40c00" Accept-Ranges: bytes

HEAD /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 23 Jul 2023 23:58:14 GMT Content-Type: application/octet-stream Content-Length: 247808 Last-Modified: Sun, 23 Jul 2023 12:55:36 GMT Connection: keep-alive ETag: "64bd2348-3c800" Accept-Ranges: bytes

GET /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 23 Jul 2023 23:58:15 GMT Content-Type: application/octet-stream Content-Length: 247808 Last-Modified: Sun, 23 Jul 2023 12:55:36 GMT Connection: keep-alive ETag: "64bd2348-3c800" Accept-Ranges: bytes

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:15 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="nt826haw.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Sun, 23 Jul 2023 23:58:15 GMT Content-Type: application/octet-stream Content-Length: 265216 Last-Modified: Sun, 23 Jul 2023 23:30:03 GMT Connection: keep-alive ETag: "64bdb7fb-40c00" Accept-Ranges: bytes

GET /sts/imagc.jpg HTTP/1.1 User-Agent: HTTPREAD Host: us.imgjeoigaa.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sun, 23 Jul 2023 23:58:57 GMT Content-Type: image/jpeg Content-Length: 1506508 Last-Modified: Wed, 28 Jun 2023 02:36:24 GMT Connection: keep-alive ETag: "649b9ca8-16fccc" Accept-Ranges: bytes

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 517 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:58 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:59 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:58:59 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /check/safe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Sun, 23 Jul 2023 23:58:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /check/?sid=264684&key=159175a7edd0b25e9c835df79aa00f9e HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Content-Length: 160 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Sun, 23 Jul 2023 23:58:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:00 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Sun, 23 Jul 2023 23:59:01 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Mon, 24 Jul 2023 00:59:01 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7eb7dfef8950a7d7-ICN

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Sun, 23 Jul 2023 23:59:01 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Mon, 24 Jul 2023 00:59:01 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7eb7dff32dd4c091-ICN

POST /home/love/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.3 Content-Length: 90 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:10 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 6 Content-Type: text/html; charset=UTF-8

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:24 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-SkJZCCVguDrgxC8y_Q-OMg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2316 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-23-23; expires=Tue, 22-Aug-2023 23:59:24 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVFcfpiuTOevwo6O5krTHKWQuk-5YrR2KdAUrfl85L9-K8zP2gXkpw; expires=Fri, 19-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=AR79GytXI9fOwzLOAia1kGWoU3rvb6EIgacSF-une7wl7S8YpiuuP5Z8vuJjXple7yFhiWhNFZZyHd0xZGuU2QgihontTGijuRLUXhzS6xyRUFlLBL2JQqqd1oa33LNXya9bOnK2CDrwESadk1bq4E2donsZ0-AR5C5gzhXlZXg; expires=Mon, 22-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:24 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-GASlvV4wCLoaoNEO7nqt6A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2319 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-23-23; expires=Tue, 22-Aug-2023 23:59:24 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVHTGTqqLeYHIiitqCAdbIkUg7S3VtDLCRc_GbqgRzmw5VkNUZ_Q8g; expires=Fri, 19-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=GWp3hIo1HXRQXiU07RqYWZdedEtgYw-RSToUcuUczDLQwaRNXzBTbtrWD77E1p6GogSeaEvh4Y2Ulb-lmaPC9ouEDbfVzJujpiOm3p5V1IGic6H52IwNRaWZ5SZX8tlnPtyjscs9uSfmM9AnMRDPZPbV2i7YSaidt7OTIummQBc; expires=Mon, 22-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:24 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-hBG3s4tfRD5TN-vw8AE4Dw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2315 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-23-23; expires=Tue, 22-Aug-2023 23:59:24 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVEzgqUOlJXIYBS0oa4pj742ozrq4Hg7_KWQ1iTDL5KFp1hCX-LDzts; expires=Fri, 19-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=G1KacZuwcedf5pdTbNz9UNlHogiRdElnJ9164WZT0R98K6JH_B0dC_DaVyHyw3MvsBLzO38mBHJTE9Wg_XPtF2Y9fa1y_1C00VS-Sqp59r7KS2IHlv6T5rylstCg8s46R0V0KN2CBosmrDuaxhaNL-YPj7O90EZcAk2G41P_NLY; expires=Mon, 22-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:24 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-dRez6H3QXta-uQNzFwx5-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2318 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-23-23; expires=Tue, 22-Aug-2023 23:59:24 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVHD4vY4vM1wEd7m1CyIcr5eK7j6fQRr1Ded2RZLdvwnWZwFBe3SBQ; expires=Fri, 19-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=McOhDecQdWpdlFYfTWO6iZrAbGYZ9W4-owHrx5HyYNx7mZt0N8fSfpuO0hgZDuTkDWxk2ugfqyvKPGrEcWh3bIo-KS-pnGeb1giG2poFYPN63N1LDW88k-PSu9eZ_S6V_bexZpAoC3ESJcWtETDiVQCoDRFUgYFOt2JYrcTvdwg; expires=Mon, 22-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:24 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-iU0JXyYR5X500j2P9JvKAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2319 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-23-23; expires=Tue, 22-Aug-2023 23:59:24 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVGdylXTMJzLeFeghRAXk7LF-I-A_r_ogN6bEo5Br70IGDjLBtzbaC8; expires=Fri, 19-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=ZSyYdYQRt10Sl4Bex_RWLr-ur3C22kHrVf0ZCoOo6tZG5lI5JjY3mQVoBWq85GyS8uNVPAtOTn32wPspvsupngY3uP8KyyMv4WdfW_sj2Mg2lTInfjczSXLnIhn2r2C-y72bq7ztHu7aVqRNowc1e3-TRF7M9JsWiDp153-EVcw; expires=Mon, 22-Jan-2024 23:59:24 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:25 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-gMF-_esIBXb2xceVv3vZ_A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2318 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-23-23; expires=Tue, 22-Aug-2023 23:59:25 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVF6FEFOxTNEasKNY_Xe_OMW-N_k5ceSKOagQeVUB5dVm14XWYbVoA; expires=Fri, 19-Jan-2024 23:59:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=tok2TnJW6SZtoRwaxP_T5NtrOSmlPhNX_OQfmH2BIwHk0LOiFJG-ZX_gunNqcgKLTJ7uWhhqOxD43IKjmDxlaruWKn3C-R8U41U6WEzZhEkL85jbVG4fp5i1yi8qYE1dtauiNf0maYd6ZoTgklV3ZFU3E7tcuiGzuYuSwCBT3zs; expires=Mon, 22-Jan-2024 23:59:25 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:25 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-G9EmzRvnh1iuY9lvPSLhWw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2317 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-23-23; expires=Tue, 22-Aug-2023 23:59:25 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVG80WXK6xdEfvRH0H9aY12BVxaB51r332rD-Gnb2iUW9RsDNS0sLg; expires=Fri, 19-Jan-2024 23:59:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=o1mu0qLUya_kky-UJrU5VqH6m5wr_J_WrgtaHxuNvEdTTV7vXdFjNbXm9TjCSVE7QCXkIMsv8FhxkC-qH_qiwHERkI7k0uWngD1BShaL7okcyXOvJ2eai1G12H8EauKwNRA6LiqlHxJDTn9hvn3rlNC93HxZ930YJVYlYrZ18Nk; expires=Mon, 22-Jan-2024 23:59:25 GMT; path=/; domain=.google.com; HttpOnly

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self' *.identrust.com Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT ETag: "37d-5f433188daa00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Mon, 24 Jul 2023 00:59:40 GMT Date: Sun, 23 Jul 2023 23:59:40 GMT Connection: keep-alive

GET / HTTP/1.1 Host: www.microsoft.com Cache-Control: no-cache

HTTP/1.1 200 OK Accept-Ranges: bytes Content-Type: text/html ETag: "6082151bd56ea922e1357f5896a90d0a:1425454794" Last-Modified: Wed, 04 Mar 2015 07:39:54 GMT Server: AkamaiNetStorage Content-Length: 1020 Date: Sun, 23 Jul 2023 23:59:44 GMT Connection: keep-alive

GET /json/?fields=query,status,countryCode,city,timezone HTTP/1.1 Content-Type: application/json User-Agent: Cat Host: ip-api.com

HTTP/1.1 200 OK Date: Sun, 23 Jul 2023 23:59:44 GMT Content-Type: application/json; charset=utf-8 Content-Length: 108 Access-Control-Allow-Origin: * X-Ttl: 60 X-Rl: 44