Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: yandex.ru

HTTP/1.1 302 Moved temporarily Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT Cache-Control: max-age=1209600,private Date: Tue, 05 Sep 2023 22:39:42 GMT Location: https://dzen.ru/?yredirect=true NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} P3P: policyref="/w3c/p3p.xml", CP="NON DSP ADM DEV PSD IVDo OUR IND STP PHY PRE NAV UNI" Portal: Home Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Robots-Tag: unavailable_after: 12 Sep 2022 00:00:00 PST X-Yandex-Req-Id: 1693953582720737-15666097135630509121-balancer-l7leveler-kubr-yp-sas-136-BAL-6810 set-cookie: is_gdpr=0; Path=/; Domain=.yandex.ru; Expires=Thu, 04 Sep 2025 22:39:42 GMT set-cookie: is_gdpr_b=CLnyExDhzAEoAg==; Path=/; Domain=.yandex.ru; Expires=Thu, 04 Sep 2025 22:39:42 GMT set-cookie: _yasc=MdVyIVCPh1OUZ9LP6oYtsuKxQZi8q8SJAdhU3J4aRQHsriRdSem5jbOFEztft3j7qg==; domain=.yandex.ru; path=/; expires=Fri, 02 Sep 2033 22:39:42 GMT; secure set-cookie: i=7En1vzWxgBknLkBaE8P9ZBKYeeyCuUAxh+D/b9xG+YvKk7Ce74mr9MvCs1q2rkhW4Eh1yqCT0rKU1bHriLyMlphDbZ0=; Expires=Thu, 04-Sep-2025 22:39:42 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly set-cookie: yandexuid=2305091211693953582; Expires=Thu, 04-Sep-2025 22:39:42 GMT; Domain=.yandex.ru; Path=/; Secure

GET /?yredirect=true HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: dzen.ru

HTTP/1.1 302 Found Content-Length: 0 Content-Type: application/json;charset=utf-8 Date: Tue, 05 Sep 2023 22:39:44 GMT Location: https://sso.passport.yandex.ru/push?uuid=bc95c885-a33d-4f0b-a172-5792d56f2b99&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue Set-Cookie: zen_sso_checked=1; Path=/; Domain=.dzen.ru; Expires=Wed, 06-Sep-2023 10:39:44 GMT; Max-Age=43200; Secure; HttpOnly Set-Cookie: _yasc=mBVTV57vEDq+wSMty994kmtHRDsYIFk10soMmgyOYoM0q+/H6L9ZJS455RA24pM=; domain=.dzen.ru; path=/; expires=Fri, 02 Sep 2033 22:39:44 GMT; secure

GET /push?uuid=bc95c885-a33d-4f0b-a172-5792d56f2b99&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sso.passport.yandex.ru Cookie: yandexuid=2305091211693953582; i=7En1vzWxgBknLkBaE8P9ZBKYeeyCuUAxh+D/b9xG+YvKk7Ce74mr9MvCs1q2rkhW4Eh1yqCT0rKU1bHriLyMlphDbZ0=; _yasc=MdVyIVCPh1OUZ9LP6oYtsuKxQZi8q8SJAdhU3J4aRQHsriRdSem5jbOFEztft3j7qg==; is_gdpr_b=CLnyExDhzAEoAg==; is_gdpr=0

HTTP/1.1 200 OK Server: nginx Date: Tue, 05 Sep 2023 22:39:46 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1959 Connection: close Vary: Accept-Encoding X-Download-Options: noopen X-Content-Type-Options: nosniff Surrogate-Control: no-store Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate Pragma: no-cache Expires: 0 X-DNS-Prefetch-Control: off X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none'; frame-ancestors https://*.dzen.ru https://dzen.ru; connect-src 'self'; script-src 'nonce-243f9956c569f897f4da64e6089211c1' 'self'; img-src 'self' Set-Cookie: mda2_beacon=1693953585990; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Set-Cookie: ys=c_chck.1381424693; Domain=.yandex.ru; Secure; Path=/ Set-Cookie: mda2_domains=dzen.ru; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Referrer-Policy: origin ETag: W/"7a7-rHmWr4E+fk5KHpaow0IWILjDCPg" Strict-Transport-Security: max-age=315360000; includeSubDomains

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E919:68A6_93878F2E:0050_64F77A00_2226F347:24679 X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 13366 Last-Modified: Tue, 05 Sep 2023 18:57:04 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jf9301Eo6Wcc%2BQk3ufBBJ1Eg1LLKJ2V8FzjnzZ%2FwmQ9Sas%2FpQgwtGdgW58xLXjz8u%2FZUDrE8E%2BV0c3PSwmnpLLj41xlU1EMxtpw6zW5R8W9Xrp%2FLrFlV%2ByG4g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8021f8767e8e8360-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:51 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E904:89DE_93878F2E:0050_64F7AE37_222B47D6:2467C X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJnKVlkHdoEV24vNLlmYMWxHafnnlBlJwfLzhogBP4WcEdIO6CYIUToovtxyujooloN7MDcPE5C8i0luAqEMGYxs%2BBued84f4XGltTJQjjidT7F2BvBqz2CoiOAgKj4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8021f87789658367-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:40:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eo%2FViwnBuLIQ9eL%2BODfWlbEUlhS1K9utXQ5wqOEYu3QHzX3yKtixv4VIxKwZ2hcTO5uhg7kTewNR%2BvDkwVsCY%2FpOJOvvUn0%2FYTdq3l3tk5hLq9hQgkEISwQxhktPBA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8021f8e1b98319d4-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:40:15 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305082 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Fri, 30 Aug 2024 22:49:02 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; expires=Wed, 04 Sep 2024 22:40:15 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=da87ab061679ed4139; expires=Tue, 03 Sep 2024 07:06:56 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL; expires=Wed, 11 Sep 2024 12:22:46 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /7725eaa6592c80f8124e769b4e8a07f7.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sergejbukotko.com Cache-Control: no-cache

HTTP/1.1 523 Date: Tue, 05 Sep 2023 22:40:23 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTjCZGAU23uIx%2FVglp2TLgl%2FyIn2frtTu8c2mx4dQCVBkIx7iVKsegvFbeUkAdtTCDWNp1aQep9VzdAV3Wc1O1zz%2FIdsnpsM%2FJUJDxkvN8Z814Op4rF1h4dA2tyTBSiha2c%2FdA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8021f92feeb30abe-KIX alt-svc: h3=":443"; ma=86400

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: preconcert.pw Cache-Control: no-cache

GET /doc44017378_668841700?hash=B7naXG9fPpueUKaZxzbzFzqgThiLopd9A232GVSoLbD&dl=VDCn0RuU4RRcIuzpA6hHZu4JCvVt7UCUAmWFRORbSKs&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL

HTTP/1.1 302 Found Server: kittenx Date: Tue, 05 Sep 2023 22:40:30 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909618/u44017378/docs/d58/502f8d1b7c6f/Synapse.bmp?extra=7ymvw_aFwN4_Uj7FsOWPKcOeA3Uvoj8EikYjHvdatt0X3JP-3DmTnc04rqW9o15Tpv6WRsx3NGvtPS7zQz6ZuNvop6Jj1TXski6zguIEMge-ITDtAes8MpdXIiCKNbvKN4nbBz6NMzSp29ZK X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668913178?hash=82bcV2gCZ1FH8Z8HToaxuiwCiEN2mz2z1qfoXJTCPC0&dl=ErxeeY7X3LIyZIBiZ0QDMkzCLk2vvDO29uX36h22aek&api=1&no_preview=1#u9 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL

HTTP/1.1 302 Found Server: kittenx Date: Tue, 05 Sep 2023 22:40:30 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://psv4.userapi.com/c909328/u44017378/docs/d20/80a165d7642a/3c8fttmg7n06dp.bmp?extra=nuZcn5b8fGh0uPRKfbUAXX0VAMxL-cYveJG88PCotdD--pDq-7gxijOyIWQPtaUUAWSIRH_w1wstuzNboJLwKcBxW1Y6MIjCb1xhxyymyAxolfvAbMP9rCDe9gfZUPLDuOK0pAEC8-MuwAkw X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u44017378/docs/d58/502f8d1b7c6f/Synapse.bmp?extra=7ymvw_aFwN4_Uj7FsOWPKcOeA3Uvoj8EikYjHvdatt0X3JP-3DmTnc04rqW9o15Tpv6WRsx3NGvtPS7zQz6ZuNvop6Jj1TXski6zguIEMge-ITDtAes8MpdXIiCKNbvKN4nbBz6NMzSp29ZK HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:40:31 GMT Content-Type: image/x-ms-bmp Content-Length: 349188 Connection: keep-alive Last-Modified: Mon, 04 Sep 2023 05:06:55 GMT ETag: "64f565ef-55404" Expires: Thu, 05 Oct 2023 22:40:31 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668679037?hash=6lxdrm9NUkSryZCfzYZn4zR2sOTXzaKgfQIcVCaPnvX&dl=FLqYTpktPSSWsXhtSyyzRawRyuZZexn7WIKXiXEZBv4&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL

HTTP/1.1 302 Found Server: kittenx Date: Tue, 05 Sep 2023 22:40:32 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909618/u44017378/docs/d36/c9a88b9c7135/PL_Client.bmp?extra=tJtT3z6UbzYseJPa76j1zRBj1wmyid3YaDvAzaMsz31tqOzwexxS6SL75PPvYs4H2kzJbhj1WI3RcZekL6A_lMuCQ7wlgzvR82UbZKpo_7rDNXDLKPfZIU6wTZ5q87vSoPPRjK5zIRkegmYD X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909328/u44017378/docs/d20/80a165d7642a/3c8fttmg7n06dp.bmp?extra=nuZcn5b8fGh0uPRKfbUAXX0VAMxL-cYveJG88PCotdD--pDq-7gxijOyIWQPtaUUAWSIRH_w1wstuzNboJLwKcBxW1Y6MIjCb1xhxyymyAxolfvAbMP9rCDe9gfZUPLDuOK0pAEC8-MuwAkw HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: psv4.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:40:33 GMT Content-Type: image/x-ms-bmp Content-Length: 1343492 Connection: keep-alive Last-Modified: Tue, 05 Sep 2023 14:08:54 GMT ETag: "64f73676-148004" Accept-Ranges: bytes Expires: Tue, 12 Sep 2023 22:40:33 GMT Cache-Control: max-age=604800 X-Frontend: front632912 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Methods: GET, HEAD, OPTIONS Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=15768000 Accept-Ranges: bytes

GET /c909618/u44017378/docs/d36/c9a88b9c7135/PL_Client.bmp?extra=tJtT3z6UbzYseJPa76j1zRBj1wmyid3YaDvAzaMsz31tqOzwexxS6SL75PPvYs4H2kzJbhj1WI3RcZekL6A_lMuCQ7wlgzvR82UbZKpo_7rDNXDLKPfZIU6wTZ5q87vSoPPRjK5zIRkegmYD HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:40:33 GMT Content-Type: image/x-ms-bmp Content-Length: 3685892 Connection: keep-alive Last-Modified: Thu, 31 Aug 2023 13:24:51 GMT ETag: "64f094a3-383e04" Expires: Thu, 05 Oct 2023 22:40:33 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668850966?hash=seNAc9XpZGb24lXnAxVAwPiPVaSTe6IiTQaY7IFhggw&dl=A9mazd4TmUx700iSSJAZzZTPnbX30hG5PEtIhQs2FVw&api=1&no_preview=1#utube HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL

HTTP/1.1 302 Found Server: kittenx Date: Tue, 05 Sep 2023 22:40:33 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://psv4.userapi.com/c909328/u44017378/docs/d1/0a7c8509d5a4/setup.bmp?extra=P2d8Fo57PDhjSbNAarsgzs7s47HfESup6nA9QPs2Jx9jlMkoKc6DXgshHhytmelgvUOzcd0WK42AeucPRw8quv3aFraVcKsYb_UHW5Cd0JUYBJDY9kc3IYxPpdUAHDMFXkZCj96W410tKA54 X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668685574?hash=2Z9kWDMxHv9Bg52ieOFMjjyZlIe2LzZhpXJtbJfi2jD&dl=MckLSTrLnFqxzbDQcQsY8zw8KxvNLWnEyU8AMbhyK6s&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL

HTTP/1.1 302 Found Server: kittenx Date: Tue, 05 Sep 2023 22:40:33 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909628/u44017378/docs/d11/7f1a7c274f11/WWW1.bmp?extra=ibUwsIlBLQfXz5F54C2lVB4_UNTN1SYsuHJjPdJG1kmKXbQKYUdmzOpzkBzvq_CQ0kTWEzPmDitIXdL62nwV1Wz6vYHp9FTHjt_sDl-d0N1MlyijNg1uwrPaBxnTvlsmksXyhzo9dFkQw3Dx X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909628/u44017378/docs/d11/7f1a7c274f11/WWW1.bmp?extra=ibUwsIlBLQfXz5F54C2lVB4_UNTN1SYsuHJjPdJG1kmKXbQKYUdmzOpzkBzvq_CQ0kTWEzPmDitIXdL62nwV1Wz6vYHp9FTHjt_sDl-d0N1MlyijNg1uwrPaBxnTvlsmksXyhzo9dFkQw3Dx HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:40:35 GMT Content-Type: image/x-ms-bmp Content-Length: 4861444 Connection: keep-alive Last-Modified: Thu, 31 Aug 2023 15:21:34 GMT ETag: "64f0affe-4a2e04" Expires: Thu, 05 Oct 2023 22:40:35 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668897025?hash=9izn0TzhC6Gq52AYs6wKluNJs8IMGa5IygoIE2NWiZX&dl=RzpPQgkrU5Bo3xTNnupfnzibo1sU36B0QqzJYdEUq3c&api=1&no_preview=1#redcl HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Tue, 05 Sep 2023 22:40:35 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://psv4.userapi.com/c235131/u44017378/docs/d5/eb6fe76df516/red.bmp?extra=ME0T5ttRod9kvT9aKKSwe-oAdBL69d6YUKjB4zWwRSSWsFL7VU3KidZTPIhbjE0zWgoso1_RHm-VuqcNV5k7SY-fZDpTkZFPHptlTeudtXPzawqATgpx9GnpEDrul3HPvZeDLFV3JEzI7tmA X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u44017378/docs/d5/eb6fe76df516/red.bmp?extra=ME0T5ttRod9kvT9aKKSwe-oAdBL69d6YUKjB4zWwRSSWsFL7VU3KidZTPIhbjE0zWgoso1_RHm-VuqcNV5k7SY-fZDpTkZFPHptlTeudtXPzawqATgpx9GnpEDrul3HPvZeDLFV3JEzI7tmA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: psv4.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:40:37 GMT Content-Type: image/x-ms-bmp Content-Length: 178180 Connection: keep-alive Last-Modified: Tue, 05 Sep 2023 08:49:33 GMT ETag: "64f6eb9d-2b804" Accept-Ranges: bytes Expires: Tue, 12 Sep 2023 22:40:37 GMT Cache-Control: max-age=604800 X-Frontend: front632912 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Methods: GET, HEAD, OPTIONS Access-Control-Allow-Origin: * Strict-Transport-Security: max-age=15768000 Accept-Ranges: bytes

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:41:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: 8D655679:3CDE_93878F2E:0050_64F79151_221DD51F:2467A X-IPLB-Instance: 30783 CF-Cache-Status: HIT Age: 7523 Last-Modified: Tue, 05 Sep 2023 20:36:33 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzaX4XvEux%2BdI6ecCPBs6qw61aaqu6rxohBnKac8K8qjcPhlBHGbn9rhB7yTjVtETwrfyC1Kdu44uJT08dtix89Dv3QpVkw46jzsgVKbdgdGaTZIZNDsvmhrog%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8021fb85bd0d19de-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:41:56 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E970:B11E_93878F2E:0050_64F7AEB4_22200391:2467A X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYZw4Y%2BEH9Xhjfa1rUHeyyRVWRKGpdrzs9z3I1fMFZMjvZ3FTy1YAiBdWI6n%2BlfCutOHAH012gZdab9Cd8DlZ%2FDOeTaPDbTA6jdqP42JZ4j6pMA73NHSha%2F5xz46NAc%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8021fb87bf0d8320-KIX alt-svc: h3=":443"; ma=86400

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:42:00 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305081 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668777192?hash=bErtt2Itw8CZPTouyuXblBKb3pLfVImQzvGWnZ4CyVs&dl=vm2AArvcYQaQAETnMlmPKTg0CoqMAAqRh2fogvAYbWP&api=1&no_preview=1#tmwvr HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9083870950821077889_VkDdIW5KvEZuFVNzIYqlYK4WhGaw9mQAQCkTO8nwryw; remixlgck=da87ab061679ed4139; remixstid=260077307_X2Hv0ME5G4IaCUHtJzCah4Kx93aIPcOzaoaPUmyuKGL

HTTP/1.1 302 Found Server: kittenx Date: Tue, 05 Sep 2023 22:42:07 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114557 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c235131/u44017378/docs/d58/cc01f1bebaed/tmvwr.bmp?extra=q1LcznyK48tN8Wen35rZ4SsDNwN0UeWZ55tLITfBZg-6OTIEQfzGqel91B2rOXtWrIKTnt-LHmOoR4Rgiv5jb_s-93At_nSn5l0lxswHLYTdEqposLIc_-NG6GXefWaiEN4nocBNujY4KphO X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u44017378/docs/d58/cc01f1bebaed/tmvwr.bmp?extra=q1LcznyK48tN8Wen35rZ4SsDNwN0UeWZ55tLITfBZg-6OTIEQfzGqel91B2rOXtWrIKTnt-LHmOoR4Rgiv5jb_s-93At_nSn5l0lxswHLYTdEqposLIc_-NG6GXefWaiEN4nocBNujY4KphO HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Tue, 05 Sep 2023 22:42:08 GMT Content-Type: image/x-ms-bmp Content-Length: 6029628 Connection: keep-alive Last-Modified: Sat, 02 Sep 2023 13:19:51 GMT ETag: "64f33677-5c013c" Expires: Thu, 05 Oct 2023 22:42:08 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 193.42.32.118

HTTP/1.1 302 Found Date: Tue, 05 Sep 2023 22:39:46 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Set-Cookie: WHMCSdN8ZDh5Ye5PW=sdaup4d8h016n4u91eptau0bva; path=/; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://ironhost.io/index.php Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=utf-8

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Tue, 05 Sep 2023 23:39:49 GMT Date: Tue, 05 Sep 2023 22:39:49 GMT Connection: keep-alive

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:50 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 25 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:50 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 3 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Tue, 05 Sep 2023 22:39:51 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Tue, 05 Sep 2023 23:39:51 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 8021f87a1ea9fffc-ICN

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 13 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:51 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 69 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:51 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 42 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/WWW14_n.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.156.253.187 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:53 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Thu, 31 Aug 2023 12:39:35 GMT ETag: "768200-6043756299f14" Accept-Ranges: bytes Content-Length: 7766528 Content-Type: application/x-msdos-program

GET /download/WWW14_n.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.156.253.187 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:39:54 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Thu, 31 Aug 2023 12:39:35 GMT ETag: "768200-6043756299f14" Accept-Ranges: bytes Content-Length: 7766528 Content-Type: application/x-msdos-program

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:40:06 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 389 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:40:09 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:40:10 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:40:19 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 2240 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /netTime.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: red.mk Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently Connection: Keep-Alive Keep-Alive: timeout=5, max=100 date: Tue, 05 Sep 2023 22:40:20 GMT server: LiteSpeed location: https://red.mk/netTime.exe vary: User-Agent

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Tue, 05 Sep 2023 23:40:20 GMT Date: Tue, 05 Sep 2023 22:40:20 GMT Connection: keep-alive

GET /netTime.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: red.mk Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently Connection: Keep-Alive Keep-Alive: timeout=5, max=100 content-type: text/html content-length: 707 date: Tue, 05 Sep 2023 22:40:22 GMT server: LiteSpeed location: https://red.mk/netTime.exe vary: User-Agent

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:41:50 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 413 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:41:50 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 2053 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:41:53 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:41:54 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:41:55 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Tue, 05 Sep 2023 22:41:56 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Tue, 05 Sep 2023 23:41:56 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 8021fb8a5ea9350e-ICN

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Tue, 05 Sep 2023 22:42:02 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 768 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /ummaa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 05 Sep 2023 22:42:04 GMT Content-Type: application/octet-stream Content-Length: 202752 Last-Modified: Thu, 31 Aug 2023 18:17:58 GMT Connection: keep-alive ETag: "64f0d956-31800" Accept-Ranges: bytes

HEAD /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 05 Sep 2023 22:42:04 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

GET /ummaa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 05 Sep 2023 22:42:04 GMT Content-Type: application/octet-stream Content-Length: 202752 Last-Modified: Thu, 31 Aug 2023 18:17:58 GMT Connection: keep-alive ETag: "64f0d956-31800" Accept-Ranges: bytes

GET /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 05 Sep 2023 22:42:04 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

HEAD /f/fikim0809331.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230809204625331.nes.dtf99.top Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Tue, 05 Sep 2023 22:42:04 GMT

GET /f/fikim0809331.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230809204625331.nes.dtf99.top Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Tue, 05 Sep 2023 22:42:05 GMT Content-Length: 17