root@arisuchan ~# cat /var/log/nginx/access.log | grep "xobor.de"
212.236.230.113 - - [06/Jun/2025:14:24:28 -0400] "GET /r/ HTTP/1.1" 200 4386 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
84.32.15.96 - - [08/Jun/2025:20:08:28 -0400] "GET /r/ HTTP/1.1" 200 4982 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "84.32.15.96" "84.32.15.96" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 GB"
194.169.162.29 - - [09/Jun/2025:09:59:55 -0400] "GET /r/ HTTP/1.1" 200 4372 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "194.169.162.29" "194.169.162.29" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 NL"
212.52.5.206 - - [10/Jun/2025:09:03:35 -0400] "GET /r/ HTTP/1.1" 200 4372 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.52.5.206" "212.52.5.206" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 NL"
108.181.57.133 - - [12/Jun/2025:02:46:02 -0400] "GET /r/ HTTP/1.1" 200 5028 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "108.181.57.133" "108.181.57.133" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 US"
91.215.152.12 - - [12/Jun/2025:18:38:36 -0400] "GET /r/ HTTP/1.1" 200 5005 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
root@arisuchan ~# cat 212.236.230.113.log 
212.236.230.113 - - [06/Jun/2025:14:24:28 -0400] "GET /r/ HTTP/1.1" 200 4386 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:28 -0400] "GET /captcheck/captcheck.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:29 -0400] "GET /js/jquery.min.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:29 -0400] "GET /js/inline-expanding.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:29 -0400] "GET /main.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:29 -0400] "GET /js/code/highlight.min.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:29 -0400] "GET /js/show-op.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:29 -0400] "GET /js/expand.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /js/auto-reload.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /js/local-time.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /js/post-hover.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /js/expand-video.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /js/multi-image.js HTTP/1.1" 304 0 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /b.php HTTP/1.1" 200 20042 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /fonts/lovelt-webfont.woff HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /fonts/u0TOpm082MNkS5K0Q4rhqvesZW2xOQ-xsNqO47m55DA.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:30 -0400] "GET /fonts/CWB0XYA8bzo0kSThX0UTuA.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:31 -0400] "GET /fonts/hMqPNLsu_dywMa4C_DEpY44P5ICox8Kq3LLUNMylGO4.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:31 -0400] "GET /fonts/N4duVc9C58uwPiY8_59Fz4lIZu-HDpmDIZMigmsroc4.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:24:31 -0400] "GET /fonts/d-6IYplOFocCacKzxwXSOFtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:26:45 -0400] "GET /fonts/mErvLBYg_cXG3rLvUsKT_fesZW2xOQ-xsNqO47m55DA.woff2 HTTP/1.1" 404 187 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:26:46 -0400] "GET /captcheck/api.php?action=new HTTP/1.1" 200 334 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:26:46 -0400] "GET /captcheck/api.php?action=img&s=201ba47b6bec1955f7ce9f2cb93e835415c50684332e603af02.97696608&c=e0c2113ca969afd45a6e HTTP/1.1" 200 1309 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:26:46 -0400] "GET /captcheck/api.php?action=img&s=201ba47b6bec1955f7ce9f2cb93e835415c50684332e603af02.97696608&c=4ab81e7dd8ab90d4f91a HTTP/1.1" 200 1205 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:26:46 -0400] "GET /captcheck/api.php?action=img&s=201ba47b6bec1955f7ce9f2cb93e835415c50684332e603af02.97696608&c=a870568b985f1239de37 HTTP/1.1" 200 1228 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:26:46 -0400] "GET /captcheck/api.php?action=img&s=201ba47b6bec1955f7ce9f2cb93e835415c50684332e603af02.97696608&c=39c66b58ca36e25cc181 HTTP/1.1" 200 1278 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:26:46 -0400] "GET /captcheck/api.php?action=img&s=201ba47b6bec1955f7ce9f2cb93e835415c50684332e603af02.97696608&c=0702195ad7cb4ea3df8e HTTP/1.1" 200 800 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:27:12 -0400] "POST /post.php HTTP/1.1" 303 5 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:27:13 -0400] "GET /r/index.html HTTP/1.1" 200 4982 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:27:13 -0400] "GET /b.php HTTP/1.1" 200 1348911 "https://arisuchan.xyz/r/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
212.236.230.113 - - [06/Jun/2025:14:27:13 -0400] "GET /r/thumb/1749234432724.png HTTP/1.1" 200 67658 "https://arisuchan.xyz/r/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "212.236.230.113" "212.236.230.113" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 AT"
root@arisuchan ~# cat 91.215.152.12.log 
91.215.152.12 - - [12/Jun/2025:18:38:36 -0400] "GET /r/ HTTP/1.1" 200 5005 "http://avtodinozavr.xobor.de/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:38:42 -0400] "GET /b.php HTTP/1.1" 200 661472 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:38:43 -0400] "GET /fonts/lovelt-webfont.woff HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:38:45 -0400] "GET /fonts/d-6IYplOFocCacKzxwXSOFtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:38:45 -0400] "GET /fonts/hMqPNLsu_dywMa4C_DEpY44P5ICox8Kq3LLUNMylGO4.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:38:45 -0400] "GET /fonts/N4duVc9C58uwPiY8_59Fz4lIZu-HDpmDIZMigmsroc4.woff2 HTTP/1.1" 304 0 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:30 -0400] "GET /fonts/mErvLBYg_cXG3rLvUsKT_fesZW2xOQ-xsNqO47m55DA.woff2 HTTP/1.1" 404 187 "https://arisuchan.xyz/stylesheets/styles.css?v3" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:30 -0400] "GET /captcheck/api.php?action=new HTTP/1.1" 200 332 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz */* ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:30 -0400] "GET /captcheck/api.php?action=img&s=535a9d9b91bc40ee7a216f95d6bf4fde8629e684b57225f9895.85837709&c=18ded0dad4df97429870 HTTP/1.1" 200 1274 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:30 -0400] "GET /captcheck/api.php?action=img&s=535a9d9b91bc40ee7a216f95d6bf4fde8629e684b57225f9895.85837709&c=5852685f1424a05d01f3 HTTP/1.1" 200 1251 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:30 -0400] "GET /captcheck/api.php?action=img&s=535a9d9b91bc40ee7a216f95d6bf4fde8629e684b57225f9895.85837709&c=d544b82e6a963d73f5db HTTP/1.1" 200 769 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:30 -0400] "GET /captcheck/api.php?action=img&s=535a9d9b91bc40ee7a216f95d6bf4fde8629e684b57225f9895.85837709&c=a23d4a0890efb518b36a HTTP/1.1" 200 1197 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:30 -0400] "GET /captcheck/api.php?action=img&s=535a9d9b91bc40ee7a216f95d6bf4fde8629e684b57225f9895.85837709&c=813a9417112a5c6fa015 HTTP/1.1" 200 1361 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:41 -0400] "POST /post.php HTTP/1.1" 303 5 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:41 -0400] "GET /r/index.html HTTP/1.1" 200 5315 "https://arisuchan.xyz/r/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:41 -0400] "GET /b.php HTTP/1.1" 200 364356 "https://arisuchan.xyz/r/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
91.215.152.12 - - [12/Jun/2025:18:39:42 -0400] "GET /r/thumb/1749767981169.png HTTP/1.1" 200 94080 "https://arisuchan.xyz/r/index.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" "91.215.152.12" "91.215.152.12" "Headers: arisuchan.xyz image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 ru,en-US;q=0.9,en;q=0.8,pl;q=0.7 BG"
root@arisuchan ~# 

^^all off sessions started via a link on http://avtodinozavr.xobor.de/ to arisuchan.xyz/r/ (look at the first line of each individual session)


IP leaks show the user was in Moscow:
00:00:00	─	Sunday (June 15)
03:52:49	cf_fw	[2025-06-15T07:51:01Z] Rule a9054a70421c40a190fb141e0b7affd5 triggered:
03:52:49	cf_fw	action: block
03:52:49	cf_fw	client IP: 91.225.105.30
03:52:49	cf_fw	real IP: 95.27.69.5
03:52:49	cf_fw	timezone: Europe/Moscow
03:52:49	cf_fw	languages: ['ru', 'en-US', 'pl', 'en']
03:52:49	cf_fw	user agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
03:52:49	cf_fw	--------------------------------------------------
00:00:00	─	Monday (June 16)
07:03:33	cf_fw	[2025-06-16T11:02:26Z] Rule a9054a70421c40a190fb141e0b7affd5 triggered:
07:03:34	cf_fw	action: block
07:03:34	cf_fw	client IP: 5.180.25.193
07:03:34	cf_fw	real IP: 95.27.71.166
07:03:34	cf_fw	timezone: Europe/Moscow
07:03:34	cf_fw	languages: ['ru', 'en-US', 'pl', 'en']
07:03:34	cf_fw	user agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
07:03:34	cf_fw	--------------------------------------------------
13:08:12	cf_fw	[2025-06-16T17:06:32Z] Rule a9054a70421c40a190fb141e0b7affd5 triggered:
13:08:12	cf_fw	action: block
13:08:12	cf_fw	client IP: 2605:f700:c0:1::6c36:812c
13:08:12	cf_fw	real IP: 95.27.71.166
13:08:12	cf_fw	timezone: Europe/Moscow
13:08:12	cf_fw	languages: ['ru', 'en-US', 'pl', 'en']
13:08:13	cf_fw	user agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
13:08:13	cf_fw	--------------------------------------------------
00:00:00	─	Friday (June 27, 11 days later)
18:25:33	cf_fw	[2025-06-27T22:24:21Z] Rule a9054a70421c40a190fb141e0b7affd5 triggered:
18:25:33	cf_fw	action: block
18:25:33	cf_fw	client IP: 91.134.18.46
18:25:33	cf_fw	real IP: 100.122.202.6
18:25:33	cf_fw	timezone: Europe/Moscow
18:25:33	cf_fw	languages: ['ru', 'en-US', 'pl', 'en']
18:25:34	cf_fw	user agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
18:25:34	cf_fw	--------------------------------------------------
00:00:00	─	Sunday (July 6, 9 days later)
03:23:32	cf_fw	[2025-07-06T07:21:52Z] Rule a9054a70421c40a190fb141e0b7affd5 triggered:
03:23:32	cf_fw	action: block
03:23:32	cf_fw	client IP: 2a05:4740:16d::1
03:23:32	cf_fw	real IP: 95.27.68.238
03:23:32	cf_fw	timezone: Europe/Moscow
03:23:32	cf_fw	languages: ['ru', 'en-US', 'pl', 'en']
03:23:32	cf_fw	user agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
03:23:32	cf_fw	--------------------------------------------------